SS88 Posted December 6, 2015 Share Posted December 6, 2015 (edited) I don't see how our user accounts being potentially compromised is a big deal at all for those just downloading mods (obviously different story for those uploading content). However mods being compromised with .dll's that 56 virus scanners haven't picked up is a major issue and it begs the question why you haven't informed us yet about which mods have been compromised. I'm assuming it's popular mods in an effort to infect as many PCs as possible and you are complicit if you know which mods are affected but do not release this information and thereby prevent us from removing these from our PCs (other than getting rid of all mods). Edited December 6, 2015 by SS88 Link to comment Share on other sites More sharing options...
setiweb Posted December 6, 2015 Share Posted December 6, 2015 In response to post #31549740. #31549810, #31549880, #31561980 are all replies on the same post.Jokerine wrote: OH GOD. OH GOD. OKAY, MUST NOT PANIC, MUST NOT PANIC!http://i.imgur.com/69zS5JG.gifIn all seriousness, thank you for the heads up, Dark0ne! Hope we can get to the bottom of this soon.Insertnameplz wrote: PANIC PANIC PANIC!!! PANIC IN THE DISCO!J Allin wrote: Don't panic Captain Mainwaring! Don't panic! Don't panic!! Don't Panic!!! CreeperLava wrote: Oh, a fellow Stargate ! Hi !See this is what happens when you host your site on Hillary's private server. Link to comment Share on other sites More sharing options...
Zaldir Posted December 6, 2015 Share Posted December 6, 2015 In response to post #31570530. SS88 wrote: I don't see how our user accounts being potentially compromised is a big deal at all for those just downloading mods (obviously different story for those uploading content). However mods being compromised with .dll's that 56 virus scanners haven't picked up is a major issue and it begs the question why you haven't informed us yet about which mods have been compromised. I'm assuming it's popular mods in an effort to infect as many PCs as possible and you are complicit if you know which mods are affected but do not release this information and thereby prevent us from removing these from our PCs (other than getting rid of all mods).The mods in question has been removed from Public View.As to having already downloaded them, and them infecting your PC; If you had downloaded them, you would quickly spot that something was wrong. The downloaded archive would not contain the mod your were downloading at all. It would only contain a dll, a txt document, and a ".mod" file.Sitting in an archive, this dll file will be incapable of doing anything to your computer at all. Link to comment Share on other sites More sharing options...
tmmods Posted December 6, 2015 Share Posted December 6, 2015 In response to post #31570530. SS88 wrote: I don't see how our user accounts being potentially compromised is a big deal at all for those just downloading mods (obviously different story for those uploading content). However mods being compromised with .dll's that 56 virus scanners haven't picked up is a major issue and it begs the question why you haven't informed us yet about which mods have been compromised. I'm assuming it's popular mods in an effort to infect as many PCs as possible and you are complicit if you know which mods are affected but do not release this information and thereby prevent us from removing these from our PCs (other than getting rid of all mods).The mods in question has been removed from Public View. As to having already downloaded them, and them infecting your PC; If you had downloaded them, you would quickly spot that something was wrong. The downloaded archive would not contain the mod your were downloading at all. It would only contain a dll, a txt document, and a ".mod" file. Sitting in an archive, this dll file will be incapable of doing anything to your computer at all. That seems to only count for manual downloads, not downloading/installing with NMM - when I do that I do not see what actual files are in the archive/mod. Link to comment Share on other sites More sharing options...
GrimCamel Posted December 6, 2015 Share Posted December 6, 2015 In response to post #31570090. #31570360 is also a reply to the same post.TooManyGhouls wrote: So you guys are saying that there's a SPY in this very website?! *dramatic music and camera close-up*gianperlas wrote: Must be The Institute.Only a synth would say that Link to comment Share on other sites More sharing options...
GenericFallout Posted December 6, 2015 Share Posted December 6, 2015 In response to post #31569000. #31569880 is also a reply to the same post.xraybravoxray wrote: Windows defender has caught 3 Trojans since Thanksgiving, all from Nexus. Could it be all the adds? They all seem to target my browser. Virus scans after download have not caught anything. Only catching when looking a the site.Psijonica wrote: which mods? There are a few browser-high-jackers in the banner ads once in a while. It might be them? Link to comment Share on other sites More sharing options...
zahgrim231 Posted December 6, 2015 Share Posted December 6, 2015 (edited) Hello Dark0ne, Let me first add my thanks to those below for your taking a proactive stance on this troubling issue, and informing your user base; That said, I would like to make a couple of requests/suggestions: 1) Like many prior posters, I would think that getting the names of the 3 potentially compromised mods out there would be an absolute priority - have the authors confirm that the currently posted version is "clean" (or re-upload a "clean" version) once they have of course changed their login credentials. 2) If possible, perform a contents sweep of all your mods (you could limit to those changed/edited within the last week say to make it less overwhelming)... any mods containing dll's, exes, etc. should be placed on "lock down" until you can verify with the authors in question that they have changed their credentials and that they have posted clean versions. I think those two steps could very much help in getting out in front of this... even if in the end there was not a breach (or a substantial breach anyway), it's nothing that isn't good practice either way. Keep calm and carry on! :) Edited December 6, 2015 by zahgrim231 Link to comment Share on other sites More sharing options...
soulgamers Posted December 6, 2015 Share Posted December 6, 2015 (edited) When Play Station network had a database breach. a few years back. My email account was tampered with. all my emails was moved around. I guess they were looking for on line banking dealings. oh my!..good job I didn't have any at that time..SO CHEK TO SEE IF YOUR E-MAILS HAVE BEEN MESSED WITH. :facepalm: not joking. They'll not find any in mine this time too. cos I not got any in there. Edited December 6, 2015 by soulgamers Link to comment Share on other sites More sharing options...
Dark0ne Posted December 6, 2015 Author Share Posted December 6, 2015 (edited) The three files affected were: - Higher Settlement Budget (downloads from 5th December)- Rename Dogmeat (downloads from 4th December)- BetterBuild (downloads from 29th November) OP updated to include that information. Edited December 6, 2015 by Dark0ne Link to comment Share on other sites More sharing options...
urielz Posted December 6, 2015 Share Posted December 6, 2015 All mods with DLL / executables should be approach with warning. Any way to alert users of this? Link to comment Share on other sites More sharing options...
Recommended Posts