Top

Troubleshooting

See more

Design Space for Desktop: Blank White Screen - Potential Malware Issue

 

There are a few things to check if you receive a blank white screen when you launch Design Space for Desktop.  

Version

Most older Design Space for Desktop versions are no longer supported, and you may experience a blank white screen when you launch the application if your version is outdated.

If your current version is giving you a blank white screen or "Design Space Didn't Load" error, uninstall Design Space for Desktop, then reinstall the latest version from design.cricut.com

If this does not help, see the information below. 

 

Malware

Cricut has detected an issue related to malware that is affecting Design Space for Desktop on some computers. Due to Cricut security measures, presence of this malware causes a blank white screen, "Design Space didn't load" error message or "machine families not loaded" error message in Design Space for Desktop. The issue remains unresolved, regardless of troubleshooting. 

 

Here is what we discovered:

On affected computers, all HTTPS traffic has been subject to MITM (man-in-the-middle) attack, and each website had a fake certificate "Go Proxy untrusted MITM proxy INC".

To verify this on your Mac computer: 

  1. Open Safari and navigate to www.google.com.

  2. Click on the padlock icon. 

    1.png

  3. The following window will open. Select Show Certificate.

    2_show_certificate.png

  4. If you see the information below, you are experiencing this issue.

    mceclip0.png

  5. We found a malicious self-signed root certificate authority called "Apple" which is being trusted by the system. A list of certificates can be found in Keychain Access > Systems.

    To open your computer's Keychain Access, press the following keys: Command+Space. Then search Keychain Access. Once Keychain Access is open, select System to view the list of certificates and see if the malicious self-signed certificate is listed.  

    5_malicious_self-signed_certificate_authority.png

If so, we suspect that there is possible malware. 

Computers with this certificate have been compromised, and it is possible that all network traffic has been captured by the malicious third-party certificate, along with any entered passwords.  

We encourage affected users to contact Apple Support for further investigation and assistance. 

To verify this on your Windows computer:

These steps may vary depending on the browser you are using. The Firefox brower is used in the walk-through below. 

  1. Open a browser and navigate to www.google.com.

Note: You cannot check a certificate on a new tab. You must first navigate to a website, such as Google.com.

  1. Select the lock symbol in the search bar. Some browsers will then give you the option to check or view certificate, but in Firefox, first select Connection secure.

    FFsCertGoogle.png

  2. Select More information

    FFsCertSecure.png

Tip: If using Microsoft Edge, select the certificate icon in the top right.

2022-10-19_07-10-26.png

  1. A new window will appear (in Firefox). Select View Certificate.

    FFsCertMoreInfo.png

  2. A new window showing you full certificate information will appear. The image below shows how Google should read on any browser. If any other organization is listed, particularly GoProxy, you may be subject to a MITM attack and should contact an IT professional for further investigation and assistance.

    FFsCertFinal.png

Related articles