Advice Request Bitdefender exploit notification?


motox781

Level 10
Thread author
Verified
Well-known
Apr 1, 2015
483
I receive this message about twice a day. Cloudberry looks legit, but can't figure out why this notification is popping up. I don't have cloudberry installed.

I tried to search C: and the registry for "cloudberry", nothing came up.

What do you think? False positive? If so, why would Bitdefender be detecting something that isn't installed on my PC?

bitdefender.png
 

ForgottenSeer 823865

@motox781 It seems to be a remote attack made from the website (maybe it was compromised or it is malicious), possibly via your browser, not something on your system. So the connection was severed to prevent it (probably via the BD firewall). But this is normally aimed at servers, not home user personal computers.
 

motox781

> @motox781 It seems to be a remote attack made from the website (maybe it was compromised or it is malicious), possibly via your browser, not something on your system. So the connection was severed to prevent it (probably via the BD firewall). But this is normally aimed at servers, not home user personal computers.

I assumed maybe it is an application on my PC that is connecting in some way to Cloudberry. I am using Edge Chromium as my main browser.

I've played with a couple AVs recently (Norton and Kaspersky). None of them have given such messages. I'm kinda stumped on why this alert is happening, not worried though.
 

ForgottenSeer 823865

> I assumed maybe it is an application on my PC that is connecting in some way to Cloudberry. I am using Edge Chromium as my main browser.
This type of attack is when an attacker connects to a server via his browser (not yours) and uses a particularly written URL to access restricted/non-public folders (directories) on the said server. It is why I was wondering why you got such alerts; your system is definitely not a server (unless an application you have installed behaves like a server).

> I've played with a couple AVs recently (Norton and Kaspersky). None of them have given such messages. I'm kinda stumped on why this alert is happening, not worried though.
Reason I don't like suites: lots of fancy features which confuse the users...
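
The kind of URL check a network filter could apply to the directory-access requests described in the reply above, as an added example that is not part of the original thread and is not Bitdefender's actual detection logic. The function names, the decode limit and the sample URLs are constructed for illustration; it separates a path that merely contains `..` (a common source of false positives) from one that climbs above the web root.

```python
from urllib.parse import urlsplit, unquote

MAX_DECODE_ROUNDS = 3  # assumption: enough to unwrap double/triple percent-encoding


def decode_path(url: str) -> str:
    """Return the URL path, percent-decoded until stable, with backslashes as '/'."""
    path = urlsplit(url).path
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def classify(url: str) -> str:
    """'clean', 'dotdot' (has '..' but stays inside the web root) or 'escapes-root'."""
    depth = 0
    seen_dotdot = False
    for segment in decode_path(url).split("/"):
        if segment in ("", "."):
            continue
        if segment == "..":
            seen_dotdot = True
            depth -= 1
            if depth < 0:  # walked above the directory the server exposes
                return "escapes-root"
        else:
            depth += 1
    return "dotdot" if seen_dotdot else "clean"


# Constructed sample requests (example.test is a reserved test domain).
SAMPLES = [
    "http://example.test/docs/manual.pdf",
    "http://example.test/app/css/../img/logo.png",
    "http://example.test/files/../../private/settings.ini",
    "http://example.test/files/%2e%2e/%2e%2e/private/settings.ini",
    "http://example.test/files/%252e%252e%255c%252e%252e%255cprivate",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{classify(url):13} {url}")
```

A signature that fires on any `..` would also flag the second sample, which never leaves the web root; the last two samples show why the path has to be decoded more than once before it is checked.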
 

motox781

Update: As expected, support via Bitdefender was subpar. Support sent me to the malware analysis team, which I followed through. But the questions asked in the form fields seem related directly to malware found, not questions pertaining to issues in general, such as mine... so I expect the same subpar support.
 

Attachments

  • email bit.png

motox781

Update 2: I did a little digging and believe the issue could be related to Sticky Password. An IP they call home to. I replicated this on 2 different PCs. Message happens when I install and use Sticky (randomly). I contacted their support to see if they've ever run across this.

I'm just curious more than anything. Testing Bitdefender ATM. ;)

P.S. The error in the image shows me trying to manually connect (via MS Edge Chromium) to that IP associated with Sticky Password. I received that blocked message.
 

Attachments

  • IP block.png
