Potential Database Breach

[Tyerial12]

In response to post #31558720. #31559325, #31573900 are all replies on the same post.

piotrmil wrote: Well, I never had trust in you to begin with, so nothing has been lost.

sydney666 wrote: Geez, do you really have to be an ass?

piotrmil wrote: Yes, I really have to tell the truth.

well we dont trust you so nothing lost when you leave .. see ya

[Hoamaii]

Thanks Dark0ne - I wish all websites would have your attitude and honesty, actually it makes me trust the Nexus even more.

 

That being said, I agree that we should all encourage users to download files manually and check what's in the .zip folder before installing anything with NMM. Not just because of hackers which does remain a VERY rare threat on Nexus, but mostly so they can try and understand what they're doing to their games - it's usually pretty simple to understand.

 

Just in case, I quickly checked all my mods to make sure that their files were still intact (I haven't uploaded anything in quite a while but you never know) and I followed your advice and changed my passwords - I was thinking perhaps other modders who are still around could do the same.

 

 

[spidermandala]

In response to post #31573045. #31573920, #31573935 are all replies on the same post.

Dark0ne wrote: The three files affected were:

- Higher Settlement Budget (downloads from 5th December)
- Rename Dogmeat (downloads from 4th December)
- BetterBuild (downloads from 29th November)

OP updated to include that information.

ZedLeppelin wrote: Thank you for that info! I'm happy to say I downloaded/installed none of those 3 mods. I changed my Nexus p/w regardless, just to be safe.

Hickory wrote: That dsound.dll file should be sent away to all AV companies that participate in Virus Total for manual investigation. Relying on existing heuristics is not doing anybody any good, especially since these files are extremely suspect to begin with and have not been tagged by the scans.

Thanks so much for giving us the heads up Dark0ne, I too luckily didn't pick any of these up but Ill be double vigilant now.

[RaverWolfe]

In response to post #31573045. #31573920, #31573935, #31575350 are all replies on the same post.

Dark0ne wrote: The three files affected were:

- Higher Settlement Budget (downloads from 5th December)
- Rename Dogmeat (downloads from 4th December)
- BetterBuild (downloads from 29th November)

OP updated to include that information.

ZedLeppelin wrote: Thank you for that info! I'm happy to say I downloaded/installed none of those 3 mods. I changed my Nexus p/w regardless, just to be safe.

Hickory wrote: That dsound.dll file should be sent away to all AV companies that participate in Virus Total for manual investigation. Relying on existing heuristics is not doing anybody any good, especially since these files are extremely suspect to begin with and have not been tagged by the scans.

spidermandala wrote: Thanks so much for giving us the heads up Dark0ne, I too luckily didn't pick any of these up but Ill be double vigilant now.

I actually downloaded the Rename Dogmeat one, I'll change all my s#*! asap just incase.

[soulgamers]

Yay! I'm back with my new New password. for one minute there I almost forgot it. :huh: . . :woot:

 

do you think I should do another one.?

Edited December 6, 2015 by soulgamers

[morachi]

In response to post #31573580. #31574375 is also a reply to the same post.

Iamimpossibru wrote: And this is the precise reason why you should ALWAYS learn to manually alter files. Preaching NMM for convenience is bad practice. That is what leads to end user breaches, and complete disregard for web safety. I've encountered far too many mod authors and users alike pushing the miracles of NMM. No, just no. Learn to computer, or get off of one.

EmeraldShadow wrote: Not exactly. Manually installing mods is a massive pain and becomes impossible when you get large mod lists. The answer is mod organizer, it has a "manual" install option which shows what files are being installed, and thankfully all files are kept separate from not only the skyrim folder but also each other, so you can drag and drop different installation-orders separately. I always check what's going into my game when using MO, so I would have caught this.

I'm sorry but no. I do this for a living and what you're saying is a fallacy.

NMM is just a utility that automates a cumbersome and often complex set of moves and edits any which a mistake can cause the mod if not the program not to work.

Following your logic we'd no longer use Group Policy to set user environments, we wouldn't use patch management to manage security updates or hell we wouldn't use anti-virus we would instead sift through the files one by one looking for vulnerabilities.

I got news for you. Knowing how to mod isn't even remotely "learn to computer" and your thinking it is reminds me of folks who think knowing how to Facebook is somehow equivalent of being an IT professional...

[ShenGuardian]

In response to post #31558720. #31559325, #31573900, #31574430 are all replies on the same post.

piotrmil wrote: Well, I never had trust in you to begin with, so nothing has been lost.

sydney666 wrote: Geez, do you really have to be an ass?

piotrmil wrote: Yes, I really have to tell the truth.

Tyerial12 wrote: well we dont trust you so nothing lost when you leave .. see ya

Are you that bored with life that you have to post intentionally inflammatory posts to entertain yourself?

I swear, for every considerate human being that uses any kind of social outlet online, there is a substantially larger group that (VERY unfortunately) adds to your ranks... sickening.

[ShenGuardian]

In response to post #31558720. #31559325, #31573900, #31574430, #31575890 are all replies on the same post.

piotrmil wrote: Well, I never had trust in you to begin with, so nothing has been lost.

sydney666 wrote: Geez, do you really have to be an ass?

piotrmil wrote: Yes, I really have to tell the truth.

Tyerial12 wrote: well we dont trust you so nothing lost when you leave .. see ya

ShenGuardian wrote: Are you that bored with life that you have to post intentionally inflammatory posts to entertain yourself?

I swear, for every considerate human being that uses any kind of social outlet online, there is a substantially larger group that (VERY unfortunately) adds to your ranks... sickening.

Feel free to reply as I'm sure you feel you must, but be sure, it will not be read by myself, I've not the time for such foolishness.

[soulgamers]

In response to post #31573580. #31574375, #31575725 are all replies on the same post.

Iamimpossibru wrote: And this is the precise reason why you should ALWAYS learn to manually alter files. Preaching NMM for convenience is bad practice. That is what leads to end user breaches, and complete disregard for web safety. I've encountered far too many mod authors and users alike pushing the miracles of NMM. No, just no. Learn to computer, or get off of one.

EmeraldShadow wrote: Not exactly. Manually installing mods is a massive pain and becomes impossible when you get large mod lists. The answer is mod organizer, it has a "manual" install option which shows what files are being installed, and thankfully all files are kept separate from not only the skyrim folder but also each other, so you can drag and drop different installation-orders separately. I always check what's going into my game when using MO, so I would have caught this.

morachi wrote: I'm sorry but no. I do this for a living and what you're saying is a fallacy.

NMM is just a utility that automates a cumbersome and often complex set of moves and edits any which a mistake can cause the mod if not the program not to work.

Following your logic we'd no longer use Group Policy to set user environments, we wouldn't use patch management to manage security updates or hell we wouldn't use anti-virus we would instead sift through the files one by one looking for vulnerabilities.

I got news for you. Knowing how to mod isn't even remotely "learn to computer" and your thinking it is reminds me of folks who think knowing how to Facebook is somehow equivalent of being an IT professional...

I always Manually install my mods. cos I like to know where their going.
I do make a backup of those places first tho.

Yippy! . I'm a IT professional. would you credit that. Edited December 6, 2015 by soulgamers

[Deleted23213994User]

In response to post #31569000. #31569880, #31571725, #31573255, #31573815, #31573980, #31577155 are all replies on the same post.

xraybravoxray wrote: Windows defender has caught 3 Trojans since Thanksgiving, all from Nexus. Could it be all the adds? They all seem to target my browser. Virus scans after download have not caught anything. Only catching when looking a the site.

Psijonica wrote: which mods?

GenericFallout wrote: There are a few browser-high-jackers in the banner ads once in a while. It might be them?

Iamimpossibru wrote: Adblock is a must have!

ameezeez wrote: Don't use adblock, it's unreliable for preventing hijacks in the banner ads. use your HOST file instead (Windows users).

piotrmil wrote: >Don't use adblock, it's unreliable for preventing hijacks in the banner ads. use your HOST file instead (Windows users).

heh, use BOTH. Modify the host file to get rid of any connection to those pesky sites, and Adblock to block various different ads and web parts.

Gambit77 wrote: If you really want to surf safely use no-script. Most malvertising injects malware code through javascript. Sure, No-script will usually break vanilla website functionality, but you can restore the functionality that you need and continue blocking everything else by whitelisting javascript from only the sources you trust.

I've got 2 trojans a few days ago. Except Microsoft Security Essentials picked them up. I've only been downloaing off Nexus for a while. Coincidence? Seems like it. Edited December 6, 2015 by Guest