Advice Request Bitdefender exploit notification?

Please provide comments and solutions that are helpful to the author of this topic.
motox781

motox781

Level 10
Thread author
Verified
Well-known
Apr 1, 2015
483
1,746
869
USA
I receive this message about twice a day. Cloudberry looks legit, but can't figure out why this notification is popping up. I don't have cloudberry installed.

I tried to search C: and the registry for "cloudberry", nothing came up.

What do you think? False positive? If so, why would Bitdefender be detecting something that isn't installed on my PC?

bitdefender.png
 
  • Like
Reactions: Protomartyr, harlan4096, Venustus and 2 others
@motox781 seems to be remote attack made from the website (maybe it was compromised or it is malicious) possibly via your browser, not something on your system. So the connection was severed to prevent it (probably via BD firewall). But this is normally aimed to servers, not home user personal computers.
 
  • Like
Reactions: fabiobr, Venustus, oldschool and 3 others
Umbra said:
@motox781 seems to be remote attack made from the website (maybe it was compromised or it is malicious) possibly via your browser, not something on your system. So the connection was severed to prevent it (probably via BD firewall). But this is normally aimed to servers, not home user personal computers.
Click to expand...

I assumed maybe it is an application on my PC that is connecting in someway to Cloudberry. I am using Edge Chromium as my main browser.

I've played with a couple AVs recently (Norton and Kaspersky). None of them have giving such messages. I'm kinda stumped on why this alert is happening, not worried though.
 
  • Like
Reactions: Venustus, oldschool, harlan4096 and 1 other person
motox781 said:
I assumed maybe it is an application on my PC that is connecting in someway to Cloudberry. I am using Edge Chromium as my main browser.
Click to expand...
This type of attack is when a attacker connects to a server via his browser (not yours) and using a particular written URL to access restricted/non-public folders (directories) in the said server. it is why i was wondering why you got such alerts, your system is definitely not a server (unless an application you have installed behave like a server).

I've played with a couple AVs recently (Norton and Kaspersky). None of them have giving such messages. I'm kinda stumped on why this alert is happening, not worried though.
Click to expand...
Reason i don't like suites, lot of fancy features which confuse the users...
 
  • Like
Reactions: Dex4Sure, Venustus, oldschool and 3 others
Update: As expected, support via Bitdefender was subpar. Support sent me to the malware analysis team, which I followed through. But the questions asked in the form fields, seem related directly to malware found, not questions pertaining to issues ,in general, such as mine....so I expect the same subpar support.
 

Attachments

  • email bit.png
    email bit.png
    28.4 KB · Views: 466
  • Like
  • Wow
Reactions: Venustus, Azure, upnorth and 5 others
Update 2: I did a little digging and believe the issue could be related to Sticky Password. An IP they call home to. I replicated this on 2 different PCs. Message happens when I install and use Sticky (randomly). I contacted their support to see if they've ever run across this.

I'm just curious more than anything. Testing Bitdefender ATM. ;)

P.S. The error in the image shows me trying to manually connect (via MS Edge Chromium) to that IP associated with Sticky Password. I received that blocked message.
 

Attachments

  • IP block.png
    IP block.png
    44.4 KB · Views: 537
Last edited:
  • Like
Reactions: Venustus, harlan4096, Protomartyr and 1 other person

You may also like...