System Tray Icon - WHY?

Avatar
  • updated

Yes, I've read this: https://docs.connectwise.com/ScreenConnect_Documentation/Technical_support_bulletins/Frequently-misused_customizations_disabled_and_reset_to_defaults

First, because some features are "frequently misused", none of us legitimate customers can use them? That's pretty harsh and unfair. It's akin to saying, "A very small percentage of people use knives to cut things they shouldn't, so we're removing all of the knives for everyone."


Second, why would ScreenConnect force the system tray icon?  Now we have over a thousand end users that can right-click the system tray icon, open the chat, ask for help, and get mad when they don't get it because there is no way we can staff chat support for 1000+ users.   Please find a way to return these features to us, and at the absolute very least, remove the system tray icon. 

Pinned replies
Avatar
0
Sean White Team Member
  • PINNED
  • Answer

While we recognize that partners have used application icon customization to help distinguish their installations of ScreenConnect, this feature has unfortunately been exploited by malicious actors. In many cases, they either remove the icon entirely or replace it with something that appears harmless or familiar—making it significantly harder for users and IT teams to detect suspicious activity. This reduces visibility into what’s running on a system and increases the risk of compromise.

In real-world scenarios—which I’ve seen more often than I’d like—victims are tricked into installing an agent. The attackers then either hide the tray icon or use one that mimics a trusted brand. For example, if a malicious actor uses an icon from a known MSP, the victim may place blind trust in it, leading to potentially serious consequences.



I hear you about the chat option, and we have couple of options for that:

  • You could disable the message box entirely from the Guest client, but that would have the side effect of not allowing chat at all. To take this approach you can use the advanced configuration editor Advanced Configuration Editor - ConnectWise
  • You can use the Auto Respond to Message - ConnectWise extension and tailor a response
    • Image 1356

Avatar
1
Sean Keown

Here's what we did. Go to automations and create this auto reply.  You can make it say anything you want like... 


i.e - You need to open a helpdesk ticket as the technician is no longer connected. 

Image 1358

Avatar
0
Sean White Team Member
  • PINNED
  • Answer

While we recognize that partners have used application icon customization to help distinguish their installations of ScreenConnect, this feature has unfortunately been exploited by malicious actors. In many cases, they either remove the icon entirely or replace it with something that appears harmless or familiar—making it significantly harder for users and IT teams to detect suspicious activity. This reduces visibility into what’s running on a system and increases the risk of compromise.

In real-world scenarios—which I’ve seen more often than I’d like—victims are tricked into installing an agent. The attackers then either hide the tray icon or use one that mimics a trusted brand. For example, if a malicious actor uses an icon from a known MSP, the victim may place blind trust in it, leading to potentially serious consequences.



I hear you about the chat option, and we have couple of options for that:

  • You could disable the message box entirely from the Guest client, but that would have the side effect of not allowing chat at all. To take this approach you can use the advanced configuration editor Advanced Configuration Editor - ConnectWise
  • You can use the Auto Respond to Message - ConnectWise extension and tailor a response
    • Image 1356

Avatar
0
Digital Dynamics

What's ScreenConnect doing ? Is the messy time over ? I'm going a bit mad over here... cloud version

Avatar
0
hadrien bonnenfant

I really don’t understand this decision... Three weeks ago, I completely redid the logos for ScreenConnect... I’m so disappointed!

Avatar
1
Sean Keown
Quote from hadrien bonnenfant

I really don’t understand this decision... Three weeks ago, I completely redid the logos for ScreenConnect... I’m so disappointed!

A few antivirus vendors have told me that they will continue to flag ScreenConnect as potentially unwanted or malicious unless the developers implement stronger safeguards to prevent misuse.


I'm guessing bad guys are making their screenconnect icons look like Defender and other apps. Consumers and some IT departments I work with wouldn't think twice about those icons. 

Image 1362

Avatar
4
Eric R Waggoner
Quote from Sean White

While we recognize that partners have used application icon customization to help distinguish their installations of ScreenConnect, this feature has unfortunately been exploited by malicious actors. In many cases, they either remove the icon entirely or replace it with something that appears harmless or familiar—making it significantly harder for users and IT teams to detect suspicious activity. This reduces visibility into what’s running on a system and increases the risk of compromise.

In real-world scenarios—which I’ve seen more often than I’d like—victims are tricked into installing an agent. The attackers then either hide the tray icon or use one that mimics a trusted brand. For example, if a malicious actor uses an icon from a known MSP, the victim may place blind trust in it, leading to potentially serious consequences.



I hear you about the chat option, and we have couple of options for that:

  • You could disable the message box entirely from the Guest client, but that would have the side effect of not allowing chat at all. To take this approach you can use the advanced configuration editor Advanced Configuration Editor - ConnectWise
  • You can use the Auto Respond to Message - ConnectWise extension and tailor a response
    • Image 1356

Translation: "While we recognize that we're causing our paying customers huge amounts of grief, we don't want to be bothered with even the most basic of account verification or validation. So we're just going to make it harder to abuse the platform while not making any extra work or expense for us."



Top contributors

Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar
Avatar