I need to clarify a couple of things. I found out after some further digging about that although I would have suspected it would have been targeting business clients, the bug was found only in the free version of 5.33.
Also worth noting is this was in a signed version of the program with compiled information. What does this mean? The code was in the program before it was turned into a program by the programmers.
It would be impossible to speculate how it got there besides ill intent, but if I find anything else more about the malware in CCleaner 5.33 I will certainly update everyone. Especially if it becomes a issue we should discus further.