Yup. Worse, the security of folks using CCleaner was seemingly fully bypassed by this. Rendering it nothing more than security theater for the most part........ You think this programs can't be hacked ....... like we All have been thinking that CCleaner can't be hacked ....... (all is the same story, toooo ).
Think about this.. Some criticized me in another thread after my extensive, well secured gateway/network was compromised by a hijacked Trend Micro update. These same people were possibly compromised by this, or certainly would have been. Even IF some security product warned about CCleaner, how fast would most people whitelist it out of habit with the assumption CCleaner was always safe?