
Date/Time: Wed, 24 Apr 2024 13:16:58 +0000



[Locked] - malware infection detected in 2 dll files in Sierra

View Count: 1128

[2018-01-05 02:49:02]
User836939 - Posts: 2
Hi Support,

I discovered two dll files in the latest version of Sierra (1681) have been infected by malware as of January 4th, 2018:
1) sierrachartstudies.dll
2) usercontributedstudies.dll (inside the /Data/ folder)

Both files have been infected by Gen:Variant.Ursu.50117 (B), as detected by Emsisoft Anti-Malware installed on my PC. Please see attached JPG for proof.

As well, I tried downloading and scanning all zipped installation files from this page: http://www.sierrachart.com/index.php?page=doc/SCZipInstallerList.php, and found all files on the page have been infected (from version 1676 to 1681). The latest installer-software-downloaded Sierra (v1681) has also been infected.

Both dll files were automatically quarantined by my anti-malware software once discovered and now Sierra does not show any of the studies I have put on the chart :(

Please kindly advise when the files have been cleaned, and consider investing in better anti-malware protection for the future.

Thanks.
Attachment: Sierra Malware2.JPG - Attached On 2018-01-05 02:48:28 UTC - Size: 103.77 KB - 353 views
[2018-01-05 04:04:56]
Sierra Chart Engineering - Posts: 104368
These are false positives. Hopefully you really do not believe there is a problem like this. The malware type that it is detecting is a general pattern. It is nonspecific.

Never in the history of this operation has malware ever been released nor will it ever.

Refer to the information here which includes instructions on what you need to do:
Software Download: Antivirus/Anti-malware Software Flagging Sierra Chart Installer or other Files as Unsafe/Infected
Sierra Chart Support - Engineering Level

Your definitive source for support. Other responses are from users. Try to keep your questions brief and to the point. Be aware of support policy:
https://www.sierrachart.com/index.php?l=PostingInformation.php#GeneralInformation

For the most reliable, advanced, and zero cost futures order routing, *change* to the Teton service:
Sierra Chart Teton Futures Order Routing
Date Time Of Last Edit: 2018-01-06 00:29:31
[2018-01-05 04:32:05]
User836939 - Posts: 2
I appreciate your prompt response and VirusTotal data. And to clarify, I was not trying to accuse your company of releasing/spreading malware intentionally. When I shared the finding, I was trying to alert you guys to an external risk. So please do not be overly defensive.

On a pragmatic note, I would rather wait for Emsisoft to confirm it is indeed a false positive, simply because that's what they do and you guys' expertise is not in info security or malware prevention.

By the way, which anti-malware software do you use on your computers? Just wondering why you guys are so confident that such a widely used platform would not be targeted by hackers to plant malware into your program? Even well-funded well-managed large companies have been hacked. Not trying to start a debate though. Was just hoping that you would take the opportunity to review your information security policy and anti-malware software to see if there's any ground for improvement.
[2018-01-05 23:08:39]
Sierra Chart Engineering - Posts: 104368
"Even well-funded well-managed large companies have been hacked."
That is the problem. When companies get too big, they become more vulnerable.

We are not vulnerable to this kind of issue.
Date Time Of Last Edit: 2018-01-05 23:09:06
[2018-01-06 00:16:10]
Sierra Chart Engineering - Posts: 104368
Overly defensive? You made this statement:

"Please kindly advise when the files have been cleaned, and consider investing in better anti-malware protection for the future."

We are not overly defensive, we are only communicating the facts.