Jump to content

PSA: Puush update contained malware

nohman

By nohman
in General Discussion

 Share

Recommended Posts

nohman Fuwa Master

nohman

Posted
Posted

I know at least a handful of people in the community use puush for taking screenshots, so I thought it would be good to give you guys a heads up in case you don't already know: 

 

https://twitter.com/puushme

 

If your puush was updated to r94, you got infected. They recommend changing any password that are important to you because it seemed to access your locally stored passwords. They don't seem to think it was transmitted anywhere.

LinovaA Fuwa Elite

LinovaA

Posted
Posted

Well... shit. xD

 

I had been wondering why puush didn't want to work today.

Welp, time to go through the long process of changing every single password I have.

CryingWestern Fuwa Veteran

CryingWestern

Posted
Posted

Ditto. All this password hacking is a little scary, I'm going to regret my lax security measures one day...

 

If anything, someone on their side was the one who put the malware into the program before they uploaded the update, or someone else has access to their site and uploaded a modified version of their program that contained a virus.

Yuuko Fuwa Master

Yuuko

Posted
Posted

AVAST killed it before the update happened, but I still uninstalled it after AVAST gave me a warning. A shame, because I like the convenience of puush.

solidbatman Fuwa Master

solidbatman

Posted
Posted

Someone decompiling the malware informed puush on twitter that their remover does nothing but remove the dropper for the virus. Apparently the virus drops into the RAM and writes itself a rootkit. So it is likely that any computers that got the fake update are still infected.

Puush says they have completed analysis of the virus and will post more details tomorrow. You know, because a malicious programs hijacking their software is enough reason to make users wait another day for details.

Abyssal Monkey Fuwa Elite

Abyssal Monkey

Posted
Posted

It's the internet guys, you really expect any privacy? I use 2 step authentication for anything that is valuable, like my email, and a throwaway master password for everything else, including Fuwa (makes things easier to remember).  My line of thought is that if you don't want people to know things, don't store them in the first place, and anything that is actually important probably has a secondary method nowadays to protect you.  Hell, Twitch just emailed me saying I had unauthorized access to my account, and I laughed, as I haven't used the thing since I created it.

 

I actually did run a thorough virus check last night while I slept as a regular maintenance measure to prevent slowdowns, followed by a defrag, and the only shady thing my avast! quarantined to the virus chest was the patched Koi ga Saku Koro Sakura Doki launcher.

Funyarinpa Fuwa Master

Funyarinpa

Posted
Posted

I do not even use Puush but well, fuck, I probably have like 6515 different malware on my computer and browser by now and my passwords are probably familiar to the community of hackers like the pussy of the most experienced whore in the only brothel of a mostly male-dominated small coastal city 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...