Home Security Computer Malicious Puush Update Stealing Passwords from Windows Users

Malicious Puush Update Stealing Passwords from Windows Users

Lock is opened broken password

There is bad news for users of Windows who have downloaded the Puush update.

Puush promises the users to share screenshots in a fast and easy way. However, the moment you opt for the recent update, you are openly inviting it to infect your desktop with malware. This malware has the potential to steal your passwords.

Early detection

Now, this has not been done by the company deliberately by design. There seems to have been a mistake when the malware may have been accidentally pushed into the computers of Windows users.

A regular user of Bitdefender Graham Barker was the first one who noticed this potential threat. He immediately alerted Puush to inform it that something greatly wrong has happened with the latest update.

Graham Barker alerts Puush about malware

Following the news, there has been a number of tweets quickly coming in. Puush however came out in the open to state that its r94 update available for downloading between 29th March, 18:51–21:41 UTC was the one that was affected by malware. It stated that users who had their computers on during this time were at risk because it was possible that malware could have been automatically downloaded to their computers. This malware had the ability to steal passwords and it is prudency for users to consider that any of the passwords they have stored in their computers has been compromised.

What does Puush have to say?

Puush logo

The Puush blog also provided more details on the latest update. It confirmed that those who have downloaded the Puush update and are non-Windows users have nothing to fear. The update is also available for users of OS X and iOS. However, they will not be affected by the malware when they download Puush.

Puush also added that its recent version r100 has the ability to automatically detect and clean the infection. Puush also stated that is has introduced a standalone clean-up tool called puush_is_sorry.exe.

However, there is further disappointment here again. This clean-up tool can be downloaded via a HTTP link over a protected and secure HTTPS link. Now, after reading this, you will find it hard to trust Puush and use the company’s software again. However, Puush said it has by now patched up its systems with the latest security updates.

Now we can only hope that Puush will carry out a complete review urgently to figure out what had gone wrong. The issue needs to be resolved to prevent unauthorized versions of compromised software from affecting its customers again.

To sum up, if you wish to protect your system against malware, you should ensure the antivirus package on your device is updated and the latest security patches are applied.