Potential Database Breach

[Iamimpossibru]

In response to post #31569000. #31569880, #31571725 are all replies on the same post.

xraybravoxray wrote: Windows defender has caught 3 Trojans since Thanksgiving, all from Nexus. Could it be all the adds? They all seem to target my browser. Virus scans after download have not caught anything. Only catching when looking a the site.

Psijonica wrote: which mods?

GenericFallout wrote: There are a few browser-high-jackers in the banner ads once in a while. It might be them?

Adblock is a must have!

[KingArkon]

I'm sure the Nexus site has to prioritize its expenditure based on whats deemed most beneficial for the community. No matter how much money is put into security, nothing is ever 100% secure. I'm sure you tried your best, so no trust has been broken. Thanks for the update.

[Iamimpossibru]

And this is the precise reason why you should ALWAYS learn to manually alter files. Preaching NMM for convenience is bad practice. That is what leads to end user breaches, and complete disregard for web safety. I've encountered far too many mod authors and users alike pushing the miracles of NMM. No, just no. Learn to computer, or get off of one.

[ameezeez]

In response to post #31569000. #31569880, #31571725, #31573255 are all replies on the same post.

xraybravoxray wrote: Windows defender has caught 3 Trojans since Thanksgiving, all from Nexus. Could it be all the adds? They all seem to target my browser. Virus scans after download have not caught anything. Only catching when looking a the site.

Psijonica wrote: which mods?

GenericFallout wrote: There are a few browser-high-jackers in the banner ads once in a while. It might be them?

Iamimpossibru wrote: Adblock is a must have!

Don't use adblock, it's unreliable for preventing hijacks in the banner ads. use your HOST file instead (Windows users).

[piotrmil]

In response to post #31558720. #31559325 is also a reply to the same post.

piotrmil wrote: Well, I never had trust in you to begin with, so nothing has been lost.

sydney666 wrote: Geez, do you really have to be an ass?

Yes, I really have to tell the truth.

[ZedLeppelin]

In response to post #31573045.

Dark0ne wrote: The three files affected were:

- Higher Settlement Budget (downloads from 5th December)
- Rename Dogmeat (downloads from 4th December)
- BetterBuild (downloads from 29th November)

OP updated to include that information.

Thank you for that info! I'm happy to say I downloaded/installed none of those 3 mods. I changed my Nexus p/w regardless, just to be safe.

[Hickory]

In response to post #31573045. #31573920 is also a reply to the same post.

Dark0ne wrote: The three files affected were:

- Higher Settlement Budget (downloads from 5th December)
- Rename Dogmeat (downloads from 4th December)
- BetterBuild (downloads from 29th November)

OP updated to include that information.

ZedLeppelin wrote: Thank you for that info! I'm happy to say I downloaded/installed none of those 3 mods. I changed my Nexus p/w regardless, just to be safe.

That dsound.dll file should be sent away to all AV companies that participate in Virus Total for manual investigation. Relying on existing heuristics is not doing anybody any good, especially since these files are extremely suspect to begin with and have not been tagged by the scans.

[piotrmil]

In response to post #31569000. #31569880, #31571725, #31573255, #31573815 are all replies on the same post.

xraybravoxray wrote: Windows defender has caught 3 Trojans since Thanksgiving, all from Nexus. Could it be all the adds? They all seem to target my browser. Virus scans after download have not caught anything. Only catching when looking a the site.

Psijonica wrote: which mods?

GenericFallout wrote: There are a few browser-high-jackers in the banner ads once in a while. It might be them?

Iamimpossibru wrote: Adblock is a must have!

ameezeez wrote: Don't use adblock, it's unreliable for preventing hijacks in the banner ads. use your HOST file instead (Windows users).

>Don't use adblock, it's unreliable for preventing hijacks in the banner ads. use your HOST file instead (Windows users).

heh, use BOTH. Modify the host file to get rid of any connection to those pesky sites, and Adblock to block various different ads and web parts.

[Dusseldorf]

I've been getting a lot of invasive redirects from this site that tries to install malware on my computer. I have a feeling that they are related to the ads. For this reason I have re-enabled adblock on this site. I appreciate that you guys are upfront with us and I had adblock disabled here because I truly want to support this site. However you should really be more discriminatory with regards to who you let advertise on your site. Especially when it can affect your users in a negative way.

[EmeraldShadow]

In response to post #31573580.

Iamimpossibru wrote: And this is the precise reason why you should ALWAYS learn to manually alter files. Preaching NMM for convenience is bad practice. That is what leads to end user breaches, and complete disregard for web safety. I've encountered far too many mod authors and users alike pushing the miracles of NMM. No, just no. Learn to computer, or get off of one.

Not exactly. Manually installing mods is a massive pain and becomes impossible when you get large mod lists. The answer is mod organizer, it has a "manual" install option which shows what files are being installed, and thankfully all files are kept separate from not only the skyrim folder but also each other, so you can drag and drop different installation-orders separately. I always check what's going into my game when using MO, so I would have caught this.