MJmusicguy

Popular Anime Site Crunchyroll.com Hijacked to Distribute Malware


That is not a very sound argument at all. While it is true common sense can save you most of the time, even the most experienced user can make a misjudgment if the attack vector is presented in a certain way, and it does not mean we shouldn't do our best to analyze, detect, block or remove such a threat.

6 hours ago, MJmusicguy said:

That is not a very sound argument at all. While it is true common sense can save you most of the time, even the most experienced user can make a misjudgment if the attack vector is presented in a certain way, and it does not mean we shouldn't do our best to analyze, detect, block or remove such a threat.

In the article, BleepingComputer mentioned "Thankfully, removing the malware distributed by the Crunchyroll hack is fairly easy. The only issue is that this malware is not currently detected by many security vendors, so we will need to perform manual removal steps." So yes, this is considered to be zero-day malware, and signature-based antivirus like Avira or Windows Defender or Malwarebytes Anti-Malware will let it go through easily unless SmartScreen can react fast enough to alert the user. If Crunchyroll did have a Windows application, then they should have mentioned it on their site and users would have to manually download it. But in this case, it automatically downloads without user consent, so this has to be malicious behavior. I also agree with you that by now we should analyze it, but what about the first time it is discovered on the internet?

I also forgot to mention that Crunchyroll confirmed the app itself is not infected.

Yes, well, all I am wishing for is that someone can provide a sample of this so it can be analyzed and EAM can block and/or remove it, so manual removal is not necessary. Being that this seems to be "new", it seems all the more important. This seems amateur right now, but BC gave credit to a security researcher whose own blog seems to hint that it may contain a keylogger and second payload, so it would be great if someone could look into this. This may have been a test run for something larger, and I'm a subscriber myself, so I do worry.
