nohman Posted March 30, 2015 Share Posted March 30, 2015 I know at least a handful of people in the community use puush for taking screenshots, so I thought it would be good to give you guys a heads up in case you don't already know: https://twitter.com/puushme If your puush was updated to r94, you got infected. They recommend changing any password that are important to you because it seemed to access your locally stored passwords. They don't seem to think it was transmitted anywhere. Quote Link to comment Share on other sites More sharing options...
solidbatman Posted March 30, 2015 Share Posted March 30, 2015 It was transmitted. The malware seemed to have taken the passwords, and then the location where they were uploaded was disconnected before puush got on top of it from what I understand Quote Link to comment Share on other sites More sharing options...
Yuuko Posted March 30, 2015 Share Posted March 30, 2015 RIP ME. I downloaded puush yesterday D: I don't even know if I was infected but better change all passwords Quote Link to comment Share on other sites More sharing options...
Ceris Posted March 30, 2015 Share Posted March 30, 2015 AVAST killed it before the update happened, but I still uninstalled it after AVAST gave me a warning. A shame, because I like the convenience of puush. Quote Link to comment Share on other sites More sharing options...
LinovaA Posted March 30, 2015 Share Posted March 30, 2015 Well... shit. xD I had been wondering why puush didn't want to work today. Welp, time to go through the long process of changing every single password I have. Quote Link to comment Share on other sites More sharing options...
GetterEmperor Posted March 30, 2015 Share Posted March 30, 2015 Damn it sucks to have this happen. Well I guess it's time to change some passwords. Quote Link to comment Share on other sites More sharing options...
Zenophilious Posted March 30, 2015 Share Posted March 30, 2015 By the way, everyone should launch an additional virus scan, if you didn't already. There was apparently more malware than what puush removed on my computer, and I don't have a habit of downloading obscure files or anything. According to puush, their "sandboxed investigations show no sign of data (passwords) being transmitted", but yeah, you should change any passwords you have saved on your browsers, just in case. Quote Link to comment Share on other sites More sharing options...
Schnarf Posted March 30, 2015 Share Posted March 30, 2015 whew, thank god i don't use puush Quote Link to comment Share on other sites More sharing options...
Darklord Rooke Posted March 30, 2015 Share Posted March 30, 2015 whew, thank god i don't use puush Ditto. All this password hacking is a little scary, I'm going to regret my lax security measures one day... Quote Link to comment Share on other sites More sharing options...
CryingWestern Posted March 30, 2015 Share Posted March 30, 2015 Ditto. All this password hacking is a little scary, I'm going to regret my lax security measures one day... If anything, someone on their side was the one who put the malware into the program before they uploaded the update, or someone else has access to their site and uploaded a modified version of their program that contained a virus. Quote Link to comment Share on other sites More sharing options...
Zenophilious Posted March 30, 2015 Share Posted March 30, 2015 If anything, someone on their side was the one who put the malware into the program before they uploaded the update, or someone else has access to their site and uploaded a modified version of their program that contained a virus. The latter sounds the most likely to me, since it's a lot less risky for the fucker who put the malware in the update. I mean, that's what I'd do if I wanted to spread malware as much as possible as safely as possible. That said, some people do stupid things. Hope whoever did it gets caught, but I know just how unlikely that is. *sigh* Quote Link to comment Share on other sites More sharing options...
Down Posted March 30, 2015 Share Posted March 30, 2015 Storing passwords on your browser or computer sounds like a terrible idea anyway. Quote Link to comment Share on other sites More sharing options...
Zenophilious Posted March 30, 2015 Share Posted March 30, 2015 Storing passwords on your browser or computer sounds like a terrible idea anyway. Quote Link to comment Share on other sites More sharing options...
Down Posted March 30, 2015 Share Posted March 30, 2015 If you're worried about memory issues, use cryptic hints stored in a txt file or a physical paper haha. Quote Link to comment Share on other sites More sharing options...
Yuuko Posted March 30, 2015 Share Posted March 30, 2015 AVAST killed it before the update happened, but I still uninstalled it after AVAST gave me a warning. A shame, because I like the convenience of puush. Quote Link to comment Share on other sites More sharing options...
CryingWestern Posted March 30, 2015 Share Posted March 30, 2015 If you download the newest update they have, it'll tell you if you've been infected, it also eliminates the malware as well... or so they say. Quote Link to comment Share on other sites More sharing options...
solidbatman Posted March 30, 2015 Share Posted March 30, 2015 If you download the newest update they have, it'll tell you if you've been infected, it also eliminates the malware as well... or so they say. Quote Link to comment Share on other sites More sharing options...
CryingWestern Posted March 30, 2015 Share Posted March 30, 2015 that's just it, i have no idea either, mine never came up with anything... i guess it was only if you uploaded something in that time period, would it do that. Quote Link to comment Share on other sites More sharing options...
solidbatman Posted March 30, 2015 Share Posted March 30, 2015 Someone decompiling the malware informed puush on twitter that their remover does nothing but remove the dropper for the virus. Apparently the virus drops into the RAM and writes itself a rootkit. So it is likely that any computers that got the fake update are still infected. Puush says they have completed analysis of the virus and will post more details tomorrow. You know, because a malicious programs hijacking their software is enough reason to make users wait another day for details. Quote Link to comment Share on other sites More sharing options...
CryingWestern Posted March 30, 2015 Share Posted March 30, 2015 I believe i was only on r93 so i should be fine. Quote Link to comment Share on other sites More sharing options...
Snowtsuku Posted March 30, 2015 Share Posted March 30, 2015 Glad I stopped using it. Quote Link to comment Share on other sites More sharing options...
Lewycool Posted March 30, 2015 Share Posted March 30, 2015 I'm still on 93. DC-ed from internet when I got home to check and to uninstall it Quote Link to comment Share on other sites More sharing options...
Zenophilious Posted March 30, 2015 Share Posted March 30, 2015 puush: "further investigation shows the malware spawns another process disguised as your web browser- please reboot after updating/running cleaner" My computer crashed after I tried launching avast!, and after I launched a full scan from the boot menu(?), it said it found an infected file in C:\Users\*username*\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\. The file was called "00000000" and had a virus description of "Win32:Somoto-R [PUP]". Really, guys, if you haven't already done a full scan, do it now. Quote Link to comment Share on other sites More sharing options...
solidbatman Posted March 30, 2015 Share Posted March 30, 2015 They went back and deleted that tweet, along with a tweet correcting themselves saying the virus was capable of doing so, but they had no evidence that it had done so. Quote Link to comment Share on other sites More sharing options...
Zenophilious Posted March 30, 2015 Share Posted March 30, 2015 Well, that's irritating. Still, though, I regularly scan my computer for malware, and I got it right after the puush malware was supposedly removed, so...dunno what to say. Better to be safe than sorry. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.