Jump to content

Potential Database Breach


Dark0ne

Recommended Posts

I don't see how our user accounts being potentially compromised is a big deal at all for those just downloading mods (obviously different story for those uploading content). However mods being compromised with .dll's that 56 virus scanners haven't picked up is a major issue and it begs the question why you haven't informed us yet about which mods have been compromised. I'm assuming it's popular mods in an effort to infect as many PCs as possible and you are complicit if you know which mods are affected but do not release this information and thereby prevent us from removing these from our PCs (other than getting rid of all mods). Edited by SS88
Link to comment
Share on other sites

  • Replies 365
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

In response to post #31549740. #31549810, #31549880, #31561980 are all replies on the same post.


Jokerine wrote: OH GOD. OH GOD. OKAY, MUST NOT PANIC, MUST NOT PANIC!

http://i.imgur.com/69zS5JG.gif

In all seriousness, thank you for the heads up, Dark0ne! Hope we can get to the bottom of this soon.
Insertnameplz wrote: PANIC PANIC PANIC!!! PANIC IN THE DISCO!
J Allin wrote: Don't panic Captain Mainwaring! Don't panic! Don't panic!! Don't Panic!!!
CreeperLava wrote: Oh, a fellow Stargate ! Hi !


See this is what happens when you host your site on Hillary's private server.
Link to comment
Share on other sites

In response to post #31570530.


SS88 wrote: I don't see how our user accounts being potentially compromised is a big deal at all for those just downloading mods (obviously different story for those uploading content). However mods being compromised with .dll's that 56 virus scanners haven't picked up is a major issue and it begs the question why you haven't informed us yet about which mods have been compromised. I'm assuming it's popular mods in an effort to infect as many PCs as possible and you are complicit if you know which mods are affected but do not release this information and thereby prevent us from removing these from our PCs (other than getting rid of all mods).


The mods in question has been removed from Public View.

As to having already downloaded them, and them infecting your PC; If you had downloaded them, you would quickly spot that something was wrong. The downloaded archive would not contain the mod your were downloading at all. It would only contain a dll, a txt document, and a ".mod" file.

Sitting in an archive, this dll file will be incapable of doing anything to your computer at all.
Link to comment
Share on other sites

 

In response to post #31570530.

 

 

 

SS88 wrote: I don't see how our user accounts being potentially compromised is a big deal at all for those just downloading mods (obviously different story for those uploading content). However mods being compromised with .dll's that 56 virus scanners haven't picked up is a major issue and it begs the question why you haven't informed us yet about which mods have been compromised. I'm assuming it's popular mods in an effort to infect as many PCs as possible and you are complicit if you know which mods are affected but do not release this information and thereby prevent us from removing these from our PCs (other than getting rid of all mods).

The mods in question has been removed from Public View.

 

As to having already downloaded them, and them infecting your PC; If you had downloaded them, you would quickly spot that something was wrong. The downloaded archive would not contain the mod your were downloading at all. It would only contain a dll, a txt document, and a ".mod" file.

 

Sitting in an archive, this dll file will be incapable of doing anything to your computer at all.

 

That seems to only count for manual downloads, not downloading/installing with NMM - when I do that I do not see what actual files are in the archive/mod.

Link to comment
Share on other sites

In response to post #31570090. #31570360 is also a reply to the same post.


TooManyGhouls wrote: So you guys are saying that there's a SPY in this very website?! *dramatic music and camera close-up*
gianperlas wrote: Must be The Institute.


Only a synth would say that
Link to comment
Share on other sites

In response to post #31569000. #31569880 is also a reply to the same post.


xraybravoxray wrote: Windows defender has caught 3 Trojans since Thanksgiving, all from Nexus. Could it be all the adds? They all seem to target my browser. Virus scans after download have not caught anything. Only catching when looking a the site.
Psijonica wrote: which mods?


There are a few browser-high-jackers in the banner ads once in a while. It might be them?
Link to comment
Share on other sites

Hello Dark0ne,

 

Let me first add my thanks to those below for your taking a proactive stance on this troubling issue, and informing your user base;

 

That said, I would like to make a couple of requests/suggestions:

 

1) Like many prior posters, I would think that getting the names of the 3 potentially compromised mods out there would be an absolute priority - have the authors confirm that the currently posted version is "clean" (or re-upload a "clean" version) once they have of course changed their login credentials.

 

2) If possible, perform a contents sweep of all your mods (you could limit to those changed/edited within the last week say to make it less overwhelming)... any mods containing dll's, exes, etc. should be placed on "lock down" until you can verify with the authors in question that they have changed their credentials and that they have posted clean versions.

 

I think those two steps could very much help in getting out in front of this... even if in the end there was not a breach (or a substantial breach anyway), it's nothing that isn't good practice either way.

 

Keep calm and carry on! :)

Edited by zahgrim231
Link to comment
Share on other sites

When Play Station network had a database breach. a few years back. My email account was tampered with. all my emails was moved around. I guess they were looking for on line banking dealings. oh my!..

good job I didn't have any at that time..

SO CHEK TO SEE IF YOUR E-MAILS HAVE BEEN MESSED WITH. :facepalm: not joking.

 

They'll not find any in mine this time too. cos I not got any in there.

Edited by soulgamers
Link to comment
Share on other sites

The three files affected were:

 

- Higher Settlement Budget (downloads from 5th December)

- Rename Dogmeat (downloads from 4th December)

- BetterBuild (downloads from 29th November)

 

OP updated to include that information.

Edited by Dark0ne
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...