Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
thier was no virus attack on mmorpg.com today, right?
ltlfishie
Member Posts: 93
i had a really rare error all of a sudden after visiting the website. I had my anti-virus on but was still curious. In case your wondering what happened.
- blue screen of death
- tried rebooting
- wouldnt boot
- tried safe mode and it left me at the loading screen for over a half a hour before i boot'd
- finally windows scanned booth my hardrives and did something with a bunch of files
- reloaded the setting and it worked
Im just curious because then when i tried to log on the website i couldnt and last time mmorpg had a hack attack on it they shut it down to remove the threat from their website. I did search the forum and nothing came up but im not sure how else this could have happened
Thx
Fun Fact: Sony Online Entertainments Corporate Office is located on the 10th level of hell in dante's inferno the catholic church censored this part of the book and deemed it to horrible to be written...
Comments
Actually, that is correct. We had a security breach and an AcitveX trojan was linked from our site (not actually hosted here, but a script tag was added to our page that called a source file located in Asia) which led us to shut down the site immediately when it was detected. We have since attempted to correct these issues and are watching the site very closely now to see if we fixed it.
In the mean time, if you run IE do one of 2 things:
1) Run Firefox instead
2) Install the new IE7. When you get the "ActiveX" alert bar, do NOT accept it.
Even with the infection on our site you are safe by following the above steps until we nail this down for good. We won't be sleeping until we are certain we shut these guys down.
- MMORPG.COM Staff -
The dead know only one thing: it is better to be alive.
I've had active X alerts on this website before and it pretty obvious what it is. But anyone with half a brain knows that the first rule of internet security is accept nothing, deny everything.
Oh wow, I actually had no idea this was happening. I noticed it's been running slow and that it went down a couple of times, but I access everything through Firefox on both my home and work computer, so I didn't notice a thing.
Bans a perma, but so are sigs in necro posts.
EAT ME MMORPG.com!
I have been running firefox for a couple of years are you sure it cant be infected by the virus?
Fun Fact: Sony Online Entertainments Corporate Office is located on the 10th level of hell in dante's inferno the catholic church censored this part of the book and deemed it to horrible to be written...
I have been running firefox for a couple of years are you sure it cant be infected by the virus?
Firefox does not support ActiveX, so you are safe with Firefox. Honestly, IE users should just disable ActiveX as it is a pretty venerable thing to have open.
- MMORPG.COM Staff -
The dead know only one thing: it is better to be alive.
thanks so much for the info i love this website and hate to see anything bad happen to it. I really appreciate you answering my question and sorry to hear about the hackers. Have a good night
PS... it must just have been a hard drive error....
Fun Fact: Sony Online Entertainments Corporate Office is located on the 10th level of hell in dante's inferno the catholic church censored this part of the book and deemed it to horrible to be written...
It's probably one of the WoW fanboys retaliating. @OP - I had a trojan on my computer a few days back so I reformatted. I couldn't be happier as my computer runs like a king now.
thanks for the info... this community can be great
! I was expecting to be called a idoit but ive actually gotten some great advice and help thanks so much
Fun Fact: Sony Online Entertainments Corporate Office is located on the 10th level of hell in dante's inferno the catholic church censored this part of the book and deemed it to horrible to be written...
Sounds like something nasty happened with your hard drive and windows had to do a scandisk/file system repair to boot up again. Regardless, I would back up anything important you have on the system at the moment.
Bans a perma, but so are sigs in necro posts.
EAT ME MMORPG.com!
change your game account password ( like wow or eq2), they like to steal your gold!!!
O and firefox FTW!
You can expect a lot more virus attacks if you keep banning people for no fricking reason
Hmm...I think I smell a duplicate account here... Now you can get banned for a real reason.
- MMORPG.COM Staff -
The dead know only one thing: it is better to be alive.
D'oh.
Again doubtful you have the brains to hack a wet paper bag... Just a very ignorant statement to make after a real attack.
-Atziluth-
- Never underestimate the predictability of stupidity.
I admit I'm not a programmer, but is it really that hard to keep people from writing malicious scripts directly onto your server? However I take it you guys are somehow dynamically accepting new code from your advertisers without it undergoing any vetting first.
How about simply not accepting dynamic content from advertisers who are not licensed, bonded and considered reliable? This virus thing is becoming too frequent a problem here I'd say.
More then likely the hack came through these boards... Forums and any sort of medium that lets you input information (posting, updating settings... etc) are notorious for security holes... kinda the nature of the beast. If it is anything like what has hit several web hosts it would even be hard to notice once they added the link. Do a google search on iframe exploit... more then likely this was what caused the initial redirect to the activeX script. The trouble is that unless you are hit by the virus chances are you would never notice a difference on the page... A 0 pixel iframe when processed is invisible on the page... only taking a look at the source code would you notice anything wrong. It *usually* appears at the very top of the page and is rather easy to spot once you know what you are looking for. Several large web hosting companies have been hit hard by this issue.
-Atziluth-
- Never underestimate the predictability of stupidity.
More then likely the hack came through these boards... Forums and any sort of medium that lets you input information (posting, updating settings... etc) are notorious for security holes... kinda the nature of the beast. If it is anything like what has hit several web hosts it would even be hard to notice once they added the link. Do a google search on iframe exploit... more then likely this was what caused the initial redirect to the activeX script. The trouble is that unless you are hit by the virus chances are you would never notice a difference on the page... A 0 pixel iframe when processed is invisible on the page... only taking a look at the source code would you notice anything wrong. It *usually* appears at the very top of the page and is rather easy to spot once you know what you are looking for. Several large web hosting companies have been hit hard by this issue.
To add to atziluth's post: back when this last happened here, there was a widespread attack against multiple websites which originated from China? I believe, using the activex attack to steal WoW account details, along with other games. Since Admin said that the attacks are originating in asia, it's a safe bet that it's likely just a repeat of the same attack.
As said above with IE7, a pop-up script will come up asking for your permission to allow the activex script to install. This is why I and many other who use IE7 were not infected. As long as you do not accept any activex controls that you are not absolutely sure of, there will be no problem with these attacks. And in fact, most of you who aren't really sure can just disable activex controls from running in your browser at all. The only hinderence there, is if you tend to play alot of aisin mmorpgs, which require games to be started from a browser page, as these require activex controls to be installed for this. Also, some music/video sites use activex as well, as does Fileplanet for their download launcher.
Main thing is to just familiarize yourself with the tactics used by hackers and the viruses/keyloggers they install. Althoough they continually find new ways to mask them initially ( as far as what they use as a "piggyback" into your system), the actual characteristics and symptoms caused by these rogue programs do not change quite as easily, as once they are in the PC, they are still limited to a very few choices for actual deployment/integration.
That was interesting. Thanks for replying you guys.
I don't really care myself because I disabled Active X in IE within minutes of first installing Windows on my computer. And I use Firefox anyway. But in, what, fifteen or twenty years of browsing the web I've never, ever visited a site that could or did give my computer a virus. So I was just wondering what the heck was going on here at mmorpg.com
I seem to remember last time these guys were going after gaming passwords. But if it's a different keylogger now - say grabbing bank or brokerage account passwords - that could be very serious. So to the guys doing this, I hope you find it all worth the risk. What are prison conditions like in your country? Are the police there pleasant, well meaning fellows?
Could this be related to the 17 cronous joiners and thread starters that keep getting "banned for no reason"?
----ITS A TRAP!!!----
What type of Trojan was it?
I don't know if i selected the Active X control or not but i want to be safe.
Hmm, dunno. Haven't been in the cronous forums in forever.
Edit; I can't even find a cronous section here. Were they posting in general discussion?
if you clicked on a the little yellow bar at the top under your IE browser and selected "Allow", then you got infected. Not sure what the name of the trojan is, as I didn't get infected, but a run-through with a good virus scanner should root it out.
was it trying to disguise as a Microsoft product?
I don't believe so. Most activex controls won't be from MS anyway.
i noticed this morning my computer is slow on boot up. GRRR i'll have to scan it when i get home