Jump to content

Potential Database Breach

Dark0ne

By Dark0ne
in Site Updates

 Share

Recommended Posts

umiluv Newbie

umiluv

Posted
Posted
In response to post #31586835.


Krazeecain wrote: "If you've ever wondered why some sites ask you to have at least 1 number and one "special" character, this is why. It makes passwords a lot harder to crack (and yes, we'll implement these forced requirements soon, too). "

NONONONO! Don't do this. This is a horrible practice and it needs to be eradicated. Using longer passwords made of random unrelated words is much more secure, and much easier for people to remember.

https://xkcd.com/936/

(Did I just cite a webcomic as a source? Yes. Yes I did.)


I believe it's good to have a mix of both. I like to make small phrases using L33T to get the numbers in and add special characters as required. Then you have a phrase that's easy to remember AND you have the number and special character requirement as well.
Link to comment
Share on other sites
  • Replies 365
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

daftshadow Contributor

daftshadow

Posted
Posted
In response to post #31573045. #31573920, #31573935, #31575350, #31575375, #31581750, #31584915, #31585005, #31586510, #31587355, #31590785, #31592405 are all replies on the same post.


Dark0ne wrote: The three files affected were:

- Higher Settlement Budget (downloads from 5th December)
- Rename Dogmeat (downloads from 4th December)
- BetterBuild (downloads from 29th November)

OP updated to include that information.
ZedLeppelin wrote: Thank you for that info! I'm happy to say I downloaded/installed none of those 3 mods. I changed my Nexus p/w regardless, just to be safe.
Hickory wrote: That dsound.dll file should be sent away to all AV companies that participate in Virus Total for manual investigation. Relying on existing heuristics is not doing anybody any good, especially since these files are extremely suspect to begin with and have not been tagged by the scans.
spidermandala wrote: Thanks so much for giving us the heads up Dark0ne, I too luckily didn't pick any of these up but Ill be double vigilant now.
RaverWolfe wrote: I actually downloaded the Rename Dogmeat one, I'll change all my s#*! asap just incase.
adventnova wrote: glad i never downloaded those files.
sydney666 wrote: Thanks for the update...

Any news on synlSDLL.dll? This file and some program triggered my UAC and installed a touchpad service without me having such hardware. I don't know if the program acted as though it was a touchpad and thus my pc needed to install this service or if the actual file was a virus...once I uninstalled everything, no virus was found on my pc.

I have since cleaned my system, but it was a little difficult as the program would not uninstall by normal means aka control panel.

Very odd, but I am glad you are getting this under control.
sonkaro wrote: Lets just hope it is just FO4 mods being affected. Thousands upon thousands could be affected if they touch Skyrim, Oblivion, and many of the other games Nexus hosts.

But alas, only time will tell. Thank you for taking the time to preemptively warn us.
RealmEleven wrote: There is nothing wrong with Higher Settlement Budget. I've been using it without problem ever since I found it (and I've been checking nexus daily since I got my mits on FO4) so I don't think I would have missed any fun and games, if any.

Also, I eyeballed the files inside the archive. Two XML files, two BAT files and a text file. None of these five files show any unnecessary code, much less anything potentially suspicious.

I don't think your database is compromised. If it was, we'd all be getting the same problem from the same mods. One of your informants on this thread mentioned Windows Defender catching malware in the browser but not in the file system. While I haven't had that experience, it's worth pointing out that I'm a premium member so I don't see your ads. Put these three facts together and it's pretty obvious where the potential issue is.

Your site's only as secure as its weakest channel. If you can't vet every single advertisement that gets piped onto your site, before it is allowed to be displayed on your site, then you can't prevent hackers from abusing that channel. After all, the only way launch a driveby off a site without hacking that site's hosting server is to buy or steal advertising space on the advertising channel used by that site. Given the facts, that's the first place I'd look for a problem.

One other thing: Including birthdays as a field in your account database makes your site's accounts a jackpot for identity thieves. In countries like Australia and, I suspect, throughout all the Commonwealth (British Colonies) a date of birth is an all access pass to a person's life, identity and property. One way to make a significant improvement to a site's security is to make a point of excluding all sensitive information like this.

Anyways, I'll shut down cycle my disks for a dead system scan and see if anything interesting pops out of the woodwork. If I find anything, I'll let you know.
jipao wrote: i downloaded the higher settlement mod, and after this warning i already change all my password. what do i do next? should i uninstalled the mod or it already late to do that?
Zaldiir wrote: If the archive contained those files, you downloaded it before it was re-uploaded with the sound.dll file, so you are safe. :)

The specific names of the archives that contain this dll are:
BetterBuild-3002-1-2.zip
Higher Settlement Budget v1.3-818-1-3.zip
Rename Dogmeat-4507-1-0.zip
CatherineMartin wrote: I found dsound.dll in one of my Skyrim mods, not sure what, I just cleaned ALL 50 of them out, and am currently redownloading all of them, and checking them.


Thanks for the list! Good thing I never downloaded these mods. Phew.
Link to comment
Share on other sites
DFiNo Contributor

DFiNo

Posted
Posted
In response to post #31596145.


Ssweetsimplicity wrote: Hm...it turns out that I do have "dsound.dll" but it's been on my computer since long before I even started playing and modding Skyrim...and it claims to be an application extension of DirectX.


yes...it is
Link to comment
Share on other sites
westsidekidd

westsidekidd

Posted
Posted (edited)
In response to post #31558720. #31559325, #31573900, #31574430, #31575890, #31575970, #31579990, #31580480, #31581870, #31584585, #31589515, #31590620 are all replies on the same post.


piotrmil wrote: Well, I never had trust in you to begin with, so nothing has been lost.
sydney666 wrote: Geez, do you really have to be an ass?
piotrmil wrote: Yes, I really have to tell the truth.
Tyerial12 wrote: well we dont trust you so nothing lost when you leave .. see ya
ShenGuardian wrote: Are you that bored with life that you have to post intentionally inflammatory posts to entertain yourself?

I swear, for every considerate human being that uses any kind of social outlet online, there is a substantially larger group that (VERY unfortunately) adds to your ranks... sickening.
ShenGuardian wrote: Feel free to reply as I'm sure you feel you must, but be sure, it will not be read by myself, I've not the time for such foolishness.
FishBiter wrote: Doesn't have time for this foolishness... but has the time to respond twice.

Strangely, I'm not bothered by what piotrmil wrote at all, he's just being honest. The "positive comments only!" police will just have to deal with it I guess.
SableDreamer wrote: ...he said, after replying to comments he had to have read to have replied to.
Ge0rgeCostanza wrote: piotrmil, you're kind of my hero.
sydney666 wrote: Well I certainly didn't post anything along the lines of "all super positive". However the comment from piotrmil wasn't honest, it was quite a personal dig - and rude as hell. Anyway who cares, obviously he is just a troll/keyboard warrior and probably not raised properly by his parents. One of the new "tv raised" generation aka "the lazy generation that think the world owes them something".
Damuel wrote: As you shouldn't have. This is entirely unsurprising coming from this site.
Nekoyoubi wrote: Meh. Haters gonna' hate. Nexus never did me wrong. f*#@ your "all positive"-esque commentary too. So he's allowed to have a negative opinion, but the rest of us are mocked for a positive one. Sounds like trolls feeding trolls to me.


@sydney666
Very well said. I agree 100% with you. The exact same thing I think, when I have to read those kind of bullcrap like the one from the OP.
If he doesn't trust the Nexus, then why he is even here to comment or on here at all? There are people on this planet, who don't think before they talk... Edited by westsidekidd
Link to comment
Share on other sites
FredNotBob Newbie

FredNotBob

Posted
Posted
In response to post #31586835. #31595470 is also a reply to the same post.


Krazeecain wrote: "If you've ever wondered why some sites ask you to have at least 1 number and one "special" character, this is why. It makes passwords a lot harder to crack (and yes, we'll implement these forced requirements soon, too). "

NONONONO! Don't do this. This is a horrible practice and it needs to be eradicated. Using longer passwords made of random unrelated words is much more secure, and much easier for people to remember.

https://xkcd.com/936/

(Did I just cite a webcomic as a source? Yes. Yes I did.)
umiluv wrote: I believe it's good to have a mix of both. I like to make small phrases using L33T to get the numbers in and add special characters as required. Then you have a phrase that's easy to remember AND you have the number and special character requirement as well.


And any properly-programmed dictionary-based cracking system will chew through those 'random' words in a matter of -hours-.

Use longer passwords, by all means, but don't assume that 'purplemonkeydishwasher' is going to be too hard for a computer to break.
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...