Puush Security Compromise

[Venexis]

So basically, earlier today, someone compromised the puush web server. This means that anyone with version r94 is infected with malware. More information can be found here. This link also has instructions for a removal tool if you're no longer comfortable using puush, MyImgur seems like a promising alternative.

To start, any puush users should definitely update their stuff by right clicking the puush icon in their system tray, going to Settings, then the Updates tab. Check for updates, then make sure you're on version r100 (or later, rightclick the puush icon and the first thing should be your current version). You may then want to follow up with antivirus/antimalware scans to double check that it was removed.

Figured there's enough puush users here to warrant a topic. Honestly, I would've missed it if I hadn't scrolled up in chat on impulse. Keep your computers safe, yo.

---

I'm currently scanning my system, I'd rather be safe than sorry. Will update here with the results if anyone's curious.

EDIT: Managed to do a single scan with Avast before heading to bed, nothing detected. I plan to run a couple more tomorrow but it looks like the r100 update/removal tool are working.

EDIT2: Looks clean, guys.

---

Also, not sure where to put this. Off Topic seemed as good a choice as any, it's high exposure and not directly related to site stuff, but if a mod wants to more this anywhere else feel free. The important thing is to spread the word, as it's not guaranteed that you'll be safe relying on automatic updates with a compromised client.

[Oranjui]

Wait, so there was an update pushed earlier today that downgraded clients to r94 and installed malware? That means that to get the compromised client, you would have had to update at some point today, so if you haven't tried to update today, you should be fine..? (Just clarifying; my computer is fine, though I'm doing a scan anyway because I haven't done one very recently. :B)

[Venexis]

No, yesterday it was version r93. r94 came out this morning (ish), and r100 was just a little while ago.

But yes, to get the malware, you had to have downloaded the r94 update. It automatically downloaded for me, so I was hit; like I said, if I hadn't randomly scrolled up in chat it may have been ages before I found out and thought to check my puush. I autoupdated to r94 but not to r100, so it's a good idea to check regardless if you have puush installed currently or have in the last couple of days.

[Oranjui]

Okay. Is there any information on when r100 was released? My PC hasn't been on in the past few days, and I want to say that I got on it around... 4pm CST, maybe later? today, so it shouldn't have auto-updated from whatever version it was on before any earlier than then.

[Venexis]

r100? As near as I can tell from their Twitter, about 2-3 hours ago. The r94 one was live for about 3 hours, the exact times are given in the link above.

The link says that the r100 update should remove the malware anyway, this is just being double safe lawl.

EDIT: Ran one scan, more to follow tomorrow. Results in the first post.

[Kimonio]

I have 170 viruses, one more wouldn't hurt, would it?

[~MP3 Amplifier~]

It automatically downloaded for me too, but thanks to my neat antiviral software, my laptop told me straight away and went and killed it for me. <3

[ChaosYoshi]

It's a good thing that I don't have puush, let alone the fact that I wasn't online at the time. It was a little bit of a shock to come back a week later to see that all my browsers and anti-virus software had updates against trojans, though.