Supply side attack on a very popular malware recovery tool. This particular attack is especially scary because the download server was compromised destroying the trust relationship between the user and official software sources. Checked the MD5 hash? too bad you’re still boned..
But as the article says. It is now and will always be more secure to keep your software up to date.
Source: Attack on CCleaner Highlights the Importance of Securing Downloads and Maintaining User Trust | Electronic Frontier Foundation
Thank You for this.