Puush Update Malware Steals Passwords From Windows Users

Puush Update Malware Steals Password From Windows Users

Updated Puush ? If you did, you are probably infected. Users of popular screenshot sharing app Puush have reported that many antivirus programs detected the new push update as a malware.

Puush Update Is a Malware ?

Over the weekend, the puush server was breached and the hackers placed a malware infected program as an update. Windows users who updated the puush app to the version r94 are infected with a malware that steals their passwords.

As a precautionary measure, the update server has been taken offline and a clean update has been made available as a standalone download.
iOS and OS X apps are not affected.
Puush said in a statement :

"The malware may be collecting locally stored passwords, but we are yet to confirm these have been transmitted back to a remote location. We have been running the malware in sandboxed environments and have not been able to reproduce any such behaviour. Even so, we recommend you change any important passwords which were stored on your PC (unless they were in a secure password manager). This includes chrome/firefox saved passwords."

"We have created a cleaner for people who do not wish to continue using puush. It is stand-alone and will tell you if you were infected (assuming you have not already updated to r100). You can obtain this here: http://puush.me/dl/puush_is_sorry.exe. "

No comments

Powered by Blogger.