motox781

Level 9
Verified
I receive this message about twice a day. Cloudberry looks legit, but I can't figure out why this notification is popping up. I don't have Cloudberry installed.

I tried to search C: and the registry for "cloudberry", nothing came up.

What do you think? False positive? If so, why would Bitdefender be detecting something that isn't installed on my PC?

bitdefender.png
 

Umbra

Level 26
Verified
@motox781 It seems to be a remote attack made from the website (maybe it was compromised or it is malicious), possibly via your browser, not something on your system. So the connection was severed to prevent it (probably via the BD firewall). But this is normally aimed at servers, not home users' personal computers.
 

motox781

Level 9
Verified
> @motox781 It seems to be a remote attack made from the website (maybe it was compromised or it is malicious), possibly via your browser, not something on your system. So the connection was severed to prevent it (probably via the BD firewall). But this is normally aimed at servers, not home users' personal computers.

I assumed maybe it is an application on my PC that is connecting in some way to Cloudberry. I am using Edge Chromium as my main browser.

I've played with a couple of AVs recently (Norton and Kaspersky). None of them have given such messages. I'm kinda stumped on why this alert is happening, not worried though.
 

Umbra

Level 26
Verified
> I assumed maybe it is an application on my PC that is connecting in some way to Cloudberry. I am using Edge Chromium as my main browser.

This type of attack is when an attacker connects to a server via his browser (not yours), using a particularly written URL to access restricted/non-public folders (directories) on the said server. That is why I was wondering why you got such alerts; your system is definitely not a server (unless an application you have installed behaves like a server).

> I've played with a couple of AVs recently (Norton and Kaspersky). None of them have given such messages. I'm kinda stumped on why this alert is happening, not worried though.

Reason I don't like suites: lots of fancy features which confuse the users...
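
The URL pattern described in the post above can be checked for as follows. This is an added example, not part of the thread and not Bitdefender's detection logic; the host name, the sample URLs and the three-round decode limit are constructed assumptions. It separates a pure pattern match (a `..` segment anywhere) from a path that actually climbs above the server's root, which is one way a pattern-only rule can fire on harmless traffic.

```python
from urllib.parse import urlsplit, unquote

MAX_DECODE_ROUNDS = 3  # assumption: enough to undo double/triple percent-encoding


def decoded_path(url: str) -> str:
    """URL path with percent-encoding removed (repeatedly) and '\\' folded to '/'."""
    path = urlsplit(url).path
    for _ in range(MAX_DECODE_ROUNDS):
        once = unquote(path)
        if once == path:
            break
        path = once
    return path.replace("\\", "/")


def has_dotdot_segment(url: str) -> bool:
    """Pattern check: any '..' path segment after decoding."""
    return ".." in decoded_path(url).split("/")


def escapes_root(url: str) -> bool:
    """Semantic check: does the path ever climb above the document root?"""
    depth = 0
    for seg in decoded_path(url).split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        else:
            depth += 1
    return False


def classify(url: str) -> str:
    if escapes_root(url):
        return "escapes-root"
    return "pattern-only" if has_dotdot_segment(url) else "clean"


# Constructed sample URLs (host.example is a placeholder host)
SAMPLES = [
    "http://host.example/a/%2e%2e/%2e%2e/etc/passwd",
    "http://host.example/%252e%252e%252f%252e%252e%252fwindows/win.ini",
    "http://host.example/..%5c..%5cboot.ini",
    "https://host.example/app/static/../img/logo.png",
    "https://host.example/docs/v1..2/index.html",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{classify(u):13} {u}")
```
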
 

motox781

Level 9
Verified
Update: As expected, support via Bitdefender was subpar. Support sent me to the malware analysis team, which I followed through. But the questions asked in the form fields seem related directly to malware found, not questions pertaining to issues in general, such as mine... so I expect the same subpar support.
 


motox781

Level 9
Verified
Update 2: I did a little digging and believe the issue could be related to Sticky Password. An IP they call home to. I replicated this on 2 different PCs. Message happens when I install and use Sticky (randomly). I contacted their support to see if they've ever run across this.

I'm just curious more than anything. Testing Bitdefender ATM. ;)

P.S. The error in the image shows me trying to manually connect (via MS Edge Chromium) to that IP associated with Sticky Password. I received that blocked message.
 
