The Perils of CRIMPing

Posted by Ken
Jun 6, 2015 at 05:20 AM

Advance apologies for the partial rant, but I thought I would share the following CRIMP related story for your amusement and as a possible warning. As you may recall, I have not been happy with my task management software of late, Asana, and have again been looking for a possible program to use at work. I am again heading into a very busy period of work and the trial of Todoist was just not fully cutting it as a replacement for Asana. I decided to look at some other possible alternatives, including some software that I had previously considered, and was doing a bit of research on the web about some previous possible contenders that we had discussed here in prior posts. My research included a look at MyInfo again, including a quick look at what kind of files were available for download. While I clicked the download link to see the file type, which happened to be an EXE file, I cancelled the download when prompted because we are not permitted to download files at work. I also revisited AllMyNotes, of which a no-install portable copy was on my machine from a previous trial. Upon opening the application, I was greeted with a screen telling me that my trial had ended, and offering me several options for continuing. I decided not to take any action other than to close the application.

I then resumed working and had a large number of email messages open while I was trying to track the latest version of a number of documents that had been circulating among a number of parties. I was also engaged in a somewhat intense phone conversation when one of our department’s IT staff approached my cubicle and was standing there staring at me. I waved him off as I was at a very critical point in my phone call when he started shaking his head at me. I abruptly, and apologetically, ended the conversation only to be told that the main IT department had been detecting traffic from my machine to servers in Germany and elsewhere in eastern Europe, and that they had detected what appeared to be the Angler exploit. I was told that my machine had to be immediately unplugged from the network, and that my hard drive was to be “flattened” and a new image would be installed.

With only a minute to see what was on my C: drive, my machine was then immediately removed right in the middle of work. Now, I cannot say what I exactly infected my machine because they were not going to analyze it due to work load issues, but I was not a happy camper to say the least, and I am left to wonder if some server that I may have connected with was infected. I am also not going to say that either of these software sites was the culprit because the infection could have happened from almost anywhere, but I will say that I am probably going to stick with web-based applications at work from now on to avoid this kind of fiasco. Needless to say, it was a very frustrating day, and I am no closer to finding some software that I find up to the job. I would say the search continues, but I will be spending a large amount of time trying to rebuild my new computer next week, just as I had to do when they gave me a loaner today. No good deed goes unpunished in trying to be a more productive worker. End of rant.

—Ken