First  Prev  1  2  Next  Last
Post Reply Crunchyroll Viewer?
75489 cr points
Send Message: Send PM GB Post
28 / M / canada
Offline
Posted 11/8/17 , edited 11/8/17
I can't seem to get crunchyviewer to work, I didn't used to have to install anything to watch stuff on crunchyroll. Is it because I linked my Apple TV with my account? When I double click and try to install it, it just goes away after installation? I can still watch anime but what is it for exactly?
Guest Pass Litter Moderator
121166 cr points
Send Message: Send PM GB Post
F / Boston-ish
Offline
Posted 11/8/17 , edited 11/8/17

rizelmine17 wrote:

I can't seem to get crunchyviewer to work, I didn't used to have to install anything to watch stuff on crunchyroll. Is it because I linked my Apple TV with my account? When I double click and try to install it, it just goes away after installation? I can still watch anime but what is it for exactly?


If this is something you downloaded on Saturday, then unfortunately you were victim of a malicious attack when someone, who was not Crunchyroll, caused a redirection of www.crunchyroll.com to a site that was not Crunchyroll, where a "CrunchyViewer" executable file was made available for download. It is not an actual viewer of any sort.That file, if installed, will, apparently result in all your files becoming encrypted and unaccessible. You should run an antivirus program on your computer right away, and not reboot your computer until you've got rid of the infection.

Here's official info from Crunchyroll's parent company, Ellation, that explains what happened and what your next steps should be.

https://blog.ellation.com/crunchyroll-com-update-a2a593cf9155

If you browse the Help forums here, especially if you look back to threads created on Saturday and Sunday, you'll see several threads regarding this event, and some of them may contain some additional useful information.

55194 cr points
Send Message: Send PM GB Post
62 / M / Earth
Offline
Posted 11/8/17 , edited 11/8/17
Hate to be the one to break it to you, but you just installed a virus/malware. Do not boot. Immediately install malwarebytes and run a full scan: https://www.malwarebytes.com/ Also read this:

https://blog.ellation.com/crunchyroll-com-update-a2a593cf9155
Cenric 
12729 cr points
Send Message: Send PM GB Post
Offline
Posted 11/8/17 , edited 11/8/17
Considering he's still here unaware of this and says it keeps disappearing, changes are he's either not running Windows or some anti-malware or similar is blocking it and he just hasn't noticed. If not, then what the people above said.
75489 cr points
Send Message: Send PM GB Post
28 / M / canada
Offline
Posted 11/8/17 , edited 11/8/17
Holy crap, wtf. Thank god I'm running a Mac but I guess I should run the Malwarebytes on my parallels machine... How did such a thing happen? This is so stupid.
75489 cr points
Send Message: Send PM GB Post
28 / M / canada
Offline
Posted 11/8/17 , edited 11/8/17
I'm getting really pissed off, how the hell would I have known about this? There is no site news or any type of news on the site about it. Why the hell should I have to go to a sub forum, open up a topic and embarrass myself to learn that I just got victimized by a site I used to trust?
Guest Pass Litter Moderator
121166 cr points
Send Message: Send PM GB Post
F / Boston-ish
Offline
Posted 11/8/17 , edited 12/3/17

rizelmine17 wrote:

I'm getting really pissed off, how the hell would I have known about this? There is no site news or any type of news on the site about it. Why the hell should I have to go to a sub forum, open up a topic and embarrass myself to learn that I just got victimized by a site I used to trust?


For a couple of days they did have a short message and link to that Ellation blog article in that blue notificaiton banner that usually advertises anime shows and store deals, but I agree that it wasn't was very prominently announced on the site aside from that little blue banner. They did, however, announce it on Twitter, and there were several items regarding it on Reddit, plus an AnimeNewsNetwork article. Maybe other places, but unless you frequent those places, or already suspected a problem and did a google search about it, you probably wouldn't have seen them.
109503 cr points
Send Message: Send PM GB Post
58 / M / U.S.A. (mid-south)
Online
Posted 11/8/17 , edited 11/9/17

rizelmine17 wrote:

I'm getting really pissed off, how the hell would I have known about this?

Frankly, the text on the bottom of that page should have given you a clue something was amiss (emphasis added):

Stream your favorites animes in full 4k HD from anywhere! Supports lasts crunchyroll features, inbuilt microtransactions management. Get your FREE trial now!

75489 cr points
Send Message: Send PM GB Post
28 / M / canada
Offline
Posted 11/9/17 , edited 11/9/17
You're right, forgive me for trusting to go to a website that I have given my credit card information to to not have HTTPS and allow a malicious redirect that made me become a victim of a malware attack. I can be blamed for not noticing the clues, but my 10 year old daughter? I'm really sick to my stomach right now. And I hope you aren't defending Crunchyroll for this.
55194 cr points
Send Message: Send PM GB Post
62 / M / Earth
Offline
Posted 11/9/17 , edited 11/10/17
It is on display on the front page now. Don't know when they put this up though, because I hardly ever visit there.



74002 cr points
Send Message: Send PM GB Post
35 / M / Seattle
Online
Posted 11/9/17 , edited 11/10/17
Yeah, it was a virus and as much as I would like to have my anime in 4K, it just isn't widespread yet. Anyway, that was a virus that redirected the home page to the malware site, and the fact that it automatically downloaded just screams virus. It's a good thing I use a Mac for Crunchyroll streaming, so my machine couldn't get infected by it.
109503 cr points
Send Message: Send PM GB Post
58 / M / U.S.A. (mid-south)
Online
Posted 11/10/17 , edited 11/10/17

rizelmine17 wrote:

I can be blamed for not noticing the clues, but my 10 year old daughter? I'm really sick to my stomach right now. And I hope you aren't defending Crunchyroll for this.

Anyone that was a victim of this and simply complains about what CR should do in response to this attack and doesn't also examine what they could have done better is very likely going to end up "internet roadkill" on the information superhighway again at some point.

For example, if you haven't taught your 10 year old daughter not to run files downloaded from the internet, why is she apparently using a Windows computer running under an administrator account instead of having her own standard user account?


Before anyone claims I'm blaming the victim, look in the mirror. Don't forget CR was also the victim of this hack. If it is right for their actions to be critiqued (and I don't see a problem with that), why not your own?

If someone gets T-boned at an intersection by someone running a red light, that doesn't mean the that if the person who got hit just barreled through the green light without even glancing at oncoming lanes of the intersecting street could have possibly avoided getting hit.
75489 cr points
Send Message: Send PM GB Post
28 / M / canada
Offline
Posted 11/10/17 , edited 11/10/17

TheAncientOne wrote:


rizelmine17 wrote:

I can be blamed for not noticing the clues, but my 10 year old daughter? I'm really sick to my stomach right now. And I hope you aren't defending Crunchyroll for this.

Anyone that was a victim of this and simply complains about what CR should do in response to this attack and doesn't also examine what they could have done better is very likely going to end up "internet roadkill" on the information superhighway again at some point.

For example, if you haven't taught your 10 year old daughter not to run files downloaded from the internet, why is she apparently using a Windows computer running under an administrator account instead of having her own standard user account?


Before anyone claims I'm blaming the victim, look in the mirror. Don't forget CR was also the victim of this hack. If it is right for their actions to be critiqued (and I don't see a problem with that), why not your own?

If someone gets T-boned at an intersection by someone running a red light, that doesn't mean the that if the person who got hit just barreled through the green light without even glancing at oncoming lanes of the intersecting street could have possibly avoided getting hit.



The hell sort of logic is that? first of all you are making an analogy of traffic accidents and comparing it to internet security which doesn't make any sense. Second of all, the burden of security of private information and safety when using a product/service should always be on the company. What use is there to blame the victims? Where in this messed up scenario do you see an area that can be improved by saying "well you should have known and done better".

To correct your incoherent analogy of car accidents, this is what what the situation is. You start your car and the onboard system tells you to turn on the radio. You do that and your house locks are replaced and now can only be opened by paying money to criminals. What? should I say "oh man I should have known better to trust the car that I paid money for to not hold my house hostage".

My daughter didn't install the file, I did. I installed it through a virtual machine called parallels which intercepted the malware but didn't give any notifications. It is because I am examining how I could have easily been victimized by crunchyroll's terrible cyber security practices that I am very frustrated now. This shit shouldn't have happened, it happened because Crunchyroll did not make the problem prominent on the website, and followed outdated cyber security practices that can be easily exploited. This caused some users like myself to be attacked by malware without realizing it.
15050 cr points
Send Message: Send PM GB Post
☆Land of sweets☆
Offline
Posted 11/10/17 , edited 11/10/17

TheAncientOne wrote:
Anyone that was a victim of this and simply complains about what CR should do in response to this attack and doesn't also examine what they could have done better is very likely going to end up "internet roadkill" on the information superhighway again at some point.

For example, if you haven't taught your 10 year old daughter not to run files downloaded from the internet, why is she apparently using a Windows computer running under an administrator account instead of having her own standard user account?


Before anyone claims I'm blaming the victim, look in the mirror. Don't forget CR was also the victim of this hack. If it is right for their actions to be critiqued (and I don't see a problem with that), why not your own?

If someone gets T-boned at an intersection by someone running a red light, that doesn't mean the that if the person who got hit just barreled through the green light without even glancing at oncoming lanes of the intersecting street could have possibly avoided getting hit.


fact 1: the CR viewer announcement looked very convincing


fact 2: Crunchyroll is NOT a shady website. it's one thing to download an executable file from a suspicious website.
it's another thing entirely to download a program advertised by a legit website. it's like blaming people for getting infected after visiting Microsoft.com only to be infected by a virus.

fact 3: Crunchyroll response clearly wasn't enough. They assumed people would just read the announcement from twitter or reddit, which clearly wasn't the case - this thread is proof.

fact 4: thankfully, someone NOT Crunchyroll developed a fix to remove the malware, and it should have been prominently displayed.
instead, it's hidden somewhere on the forums. but it's nice to see CR warning users on the front page...

...nevermind.

109503 cr points
Send Message: Send PM GB Post
58 / M / U.S.A. (mid-south)
Online
Posted 11/10/17 , edited 11/11/17

rizelmine17 wrote:

The hell sort of logic is that? first of all you are making an analogy of traffic accidents and comparing it to internet security which doesn't make any sense.

I'm sorry the analogy was not exacting enough for you to grasp it. The key point is that being aware can help one avoid being a victim. Not being aware doesn't make the other party less guilty, but isn't it better not to be a victim to begin with?


Second of all, the burden of security of private information and safety when using a product/service should always be on the company. What use is there to blame the victims? Where in this messed up scenario do you see an area that can be improved by saying "well you should have known and done better".

Here we disagree. You also completely missed the point the point that CR was also a victim, but you seem to have zero problem blaming them. By continuing to believe that you don't have to take any precautions or should aware, you are just setting yourself up to be a online victim again in the future.




namealreadytaken wrote:

fact 1: the CR viewer announcement looked very convincing

Very convincing? Did you read my message further up the page?


fact 2: Crunchyroll is NOT a shady website. it's one thing to download an executable file from a suspicious website.
it's another thing entirely to download a program advertised by a legit website. it's like blaming people for getting infected after visiting Microsoft.com only to be infected by a virus.

People have gotten malware via legit websites before, either via malicious advertising or even the website itself getting hacked. Being at a legit website is no reason to drop your guard, especially when it asks you to do something it has never asked before. (When had CR ever asked you to download and install an executable, especially via badly worded text)?


First  Prev  1  2  Next  Last
You must be logged in to post.