1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Greetings Guest!!

    In order to combat SPAM on the forums, all users are required to have a minimum of 2 posts before they can submit links in any post or thread.

    Dismiss Notice

can we have a statement on risk to our computers?

Discussion in 'UHall' started by Nails, May 30, 2010.

Thread Status:
Not open for further replies.
  1. Nails

    Nails Journeyman
    Stratics Veteran Stratics Legend

    Joined:
    Apr 15, 2004
    Messages:
    257
    Likes Received:
    0
    is there much more risk to our computers and accts from exposure to whatever was happening here.

    I never got a message like some others did but i really would like to understand what is meant by if you think yo are at risk seek additional assistance. AS in beyond our virus scanners and firewalls?

    If so were do we go to do that?

    Just a general sticky or posting would be really supportive to those like myself that are concerned.
     
  2. Petra Fyde

    Petra Fyde Peerless Chatterbox
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Jan 5, 2001
    Messages:
    30,889
    Likes Received:
    5,175
    I'll ask for a statement from those who understand the techie stuff.
    All I can tell you is, not one single member of staff got any infection, not even those who went surfing the boards with old, unprotected pcs deliberately trying to get an infection for checking.
     
  3. Nails

    Nails Journeyman
    Stratics Veteran Stratics Legend

    Joined:
    Apr 15, 2004
    Messages:
    257
    Likes Received:
    0
    thank you for taking the time to help; much appreciated.
     
  4. kelmo

    kelmo Old and in the way
    Professional Stratics Veteran Alumni Dread Lord

    Joined:
    May 12, 2008
    Messages:
    17,382
    Likes Received:
    4,706
    I just wish to echo Petra's reply. I have scanned thoroughly and often. Just cookies.
     
  5. George

    George Guest

  6. kelmo

    kelmo Old and in the way
    Professional Stratics Veteran Alumni Dread Lord

    Joined:
    May 12, 2008
    Messages:
    17,382
    Likes Received:
    4,706
    I did get banned for a second... *glares at George*
     
  7. Tinsil

    Tinsil Guest

    Well that makes me feel a lot better about the virus I got from here.

    I haven't been virused in a looong time -- about 1 and a half years. I also heard from a few other people they got the same thing.

    Program was called xxvseydtssd.
     
  8. kelmo

    kelmo Old and in the way
    Professional Stratics Veteran Alumni Dread Lord

    Joined:
    May 12, 2008
    Messages:
    17,382
    Likes Received:
    4,706
    A lot of us tried to get these "virus". I got a false report... once. If you have more please pass that information on as requested. It would help.
     
  9. Tinsil

    Tinsil Guest

    Just did. PMed George. I strongly doubt its any coincedence that it was the same, first night that all this happened that it showed up. Hadn't done anything else remotely risky besides go here.
     
  10. Ilysess

    Ilysess Guest

    Thank you Tinsil, we do definitely recognize there are reports coming in from different situations and in order to deal with them appropriately we need all the details available. :)
     
  11. kelmo

    kelmo Old and in the way
    Professional Stratics Veteran Alumni Dread Lord

    Joined:
    May 12, 2008
    Messages:
    17,382
    Likes Received:
    4,706
    *nods* Thank you, Tinsil.
     
  12. George

    George Guest

    Tinsil, thank you for the PM. I replied.

    My biggest concern is that Googling for the virus you got "xxvseydtssd" returns 0 results!

    Are you sure it is spelled correctly?
     
  13. bumblefutz

    bumblefutz Guest

    Run Firefox with the NoScript, AdBlock, and FlashBlock add-ons and you're proof against 99% of the generic bullcrap malware floating around.
     
  14. Storm

    Storm UO Forum Moderator
    Moderator Professional Premium Wiki Moderator Stratics Veteran Stratics Legend

    Joined:
    Mar 18, 2004
    Messages:
    7,469
    Likes Received:
    361
  15. Tinsil

    Tinsil Guest

    PMed again, and yes.
     
  16. Taylor

    Taylor Former Stratics CEO (2011-2014)
    Professional VIP Stratics Veteran Supporter Alumni Campaign Benefactor Alumni

    Joined:
    Oct 21, 2008
    Messages:
    8,023
    Likes Received:
    1,714
    Throughout the fiasco, I constantly clicked through the warnings on Chrome while searching/reading forums. No viruses here and no ad blocker used.
     
  17. Flutter

    Flutter Always Present
    Stratics Veteran Alumni Stratics Legend

    Joined:
    May 12, 2004
    Messages:
    21,553
    Likes Received:
    3,840
    I can assure you that I did indeed get two trojans from Stratics forums.
    I do not know what time it occurred but looking at my scan history I have a completed scan at 6:54

    Which came up clear as you see:
    "Scheduled scan";"5/27/2010, 6:30 AM";"5/27/2010, 6:54 AM";"0/0";"0/0";"0/0";"0/0";""


    I logged into the stratics forums and UO. I had stratics forums minimized in my browzer while I played UO. Checking back every so often between then and 3PM my time when we got notice the shards were going to come down.

    It was at that time I found out about the Stratics hacking and ran an scan on my computer which found 60 spyware notices and 2 trojans:

    "Scan whole computer";"5/27/2010, 3:29 PM";"5/27/2010, 4:01 PM";"2/2";"0/0";"60/60";"0/0";""


    Both read as:
    "Trojan horse Java/Downloader.P";"Moved to Virus Vault"


    I have no reason to lie about this.
     
  18. Petra Fyde

    Petra Fyde Peerless Chatterbox
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Jan 5, 2001
    Messages:
    30,889
    Likes Received:
    5,175
    Thank you, I'm sure George will look into it.
    All I could do in my inexpert way was google it. There weren't many entries for it by itself. Those few got it from a spoof Java install/update, but I guess these things mutate.
     
  19. Alvinho

    Alvinho Great Lakes Forever!
    Stratics Veteran

    Joined:
    Sep 7, 2003
    Messages:
    14,075
    Likes Received:
    2
    I just find it completely coincidental that i got the e-mails from the phishing attempts from "blizzard" and "NC Soft" i have accounts on both games, that have been inactive for at least 2 years or more, and did not reply however stratics is the only e-mail that is tied to that e-mail account, my gaming accounts are tied to different e-mail accounts, Very coincidental how i got e-mails phishing attempts on my stratics only e-mail, I am not making any accusations whatsoever i am just a bit concerned how the e-mail tied to only stratics got the e-mails phishing for Blizzard and NC Soft.
     
  20. It is painfully obvious that Statics was compromised. Instead of making excuses, the Stratics team needs to rectify, then apologize. Period.

    I love this site, I post here a lot, but if these sorts of incidents continue, I will move on...and so will many others.

    Just deal with the issues at hand, stop denying it, and move on. Got it?
     
  21. Petra Fyde

    Petra Fyde Peerless Chatterbox
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Jan 5, 2001
    Messages:
    30,889
    Likes Received:
    5,175
    I think we've all had those, there were reports on the boards long before this happened.
    I've a feeling they have some kind of program that can send to *.hotmail.com *.yahoo.com and other popular addresses. Where else you use the address would, in that case, be totally irrelevant.
     
  22. Petra Fyde

    Petra Fyde Peerless Chatterbox
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Jan 5, 2001
    Messages:
    30,889
    Likes Received:
    5,175
    Excuses? Where? We have explained as fully as we can what happened. When I say 'no staff member got an infection' that is the absolute truth. I don't lie. The problem is fixed.
    And yes, there are coincidences that have happened. There's also some deliberate misinformation been put out. I'd love to know the source of that.
     
  23. Archie

    Archie Sage
    Stratics Veteran

    Joined:
    May 12, 2008
    Messages:
    507
    Likes Received:
    1
    Yes, they were, and apparently the Stratics people in this thread aren't qualified to speak about the nature of the threat, which was real.

    HTML/Infected.WebPage.Gen real, to be precise.
     
  24. Farsight

    Farsight Crazed Zealot
    Stratics Veteran

    Joined:
    May 12, 2008
    Messages:
    3,191
    Likes Received:
    36
    Contrary to official reports,

    The risk is greater than zero, so clear your cache, run your virus scan and play it safe.

    If you haven't done at least that much, you are putting yourself at greater risk.
     
  25. As i stated in another post i got the anti-spyware soft virus the other night, and all i did that night was play uo, check my emails (never opened any) and read stratics, also had icq running, but as ive said i dont know where it came from, my avg or spybot never puck it up till it was too late :(
     
  26. lucksi2

    lucksi2 Guest

    They also say that the database was not affected.
    I.e. the emails not taken and such.

    To me that sounds like a lie, simple as that.

    If not, then why were so many people banned or unable to post?
    Why is my main account still unable to post, PM, see attachments or even use the friggin "contact us" page because I don´t have the privileges to do so?
     
  27. Petra Fyde

    Petra Fyde Peerless Chatterbox
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Jan 5, 2001
    Messages:
    30,889
    Likes Received:
    5,175
  28. MalagAste

    MalagAste Belaern d'Zhaunil
    Reporter Professional Stratics Veteran Stratics Legend Campaign Supporter Royal Knight

    Joined:
    Aug 21, 2000
    Messages:
    18,976
    Likes Received:
    5,462
    I've been getting those for weeks ...... but I don't have any of those accounts ..... the only Blizzard account I made ever was a free trial..... of which I used a whole 2 hours... so I think that crap just goes to every email they can get their hands on, in hopes someone would be dumb enough to click their links. As for getting a virus from here I run firefox with ad block and no script... ran several virus scans since haven't found anything.
     
  29. Alvinho

    Alvinho Great Lakes Forever!
    Stratics Veteran

    Joined:
    Sep 7, 2003
    Messages:
    14,075
    Likes Received:
    2
    you see there in lies a problem i don 't have a .yahoo, .hotmail accounts, i have a similar pop3 as you have to [email protected] , however mine is not @stratics it is @ somethingelse im not divulging atm i have my own exchange addressee, and stratics account the only on that uses one of my @somethingelse address not even my game accounts use that addressee got the phishing e-mails, and yes it was before the obvious breech in this server, the only way it that e-mail address could have been sent to was from access to the stratics database nowhere else on the web have i used the addressee to receive anything. There have been ads going back a long way that showed as viruses and it could have been anytime from the first advertisement that poped positive, not necessarily this last attack the proverbial stuff has happened to hit the ceiling coinciding with this last breech of stratics but it was not the first time stratics was compromised.
     
  30. Harlequin

    Harlequin Babbling Loonie
    Stratics Veteran

    Joined:
    Jun 11, 2008
    Messages:
    2,716
    Likes Received:
    32
    The initial mass "permanently banned" issue was due to a human mistake while they were resolving the problem -

    http://stratics.com/stories/stratics-back-normal
    If your account is still getting the banned message, it is possible that some accounts were missed or that there is some data corruption. The admins will need to check. PM George using your new alt to bring it to his attention.



    I have a few concerns regarding this statement here:
    http://stratics.com/stories/stratics-infecting-computers
    What constitute as unknown parties in this case? Does that mean there are downloads from known parties?

    Were the SQL injections done from an unknown party? You are able to get the source IP I'm guessing?

    Also, I presume the server logs you are referring to is separate from the compromised database server and there's no indication that it has been tampered with?

    Have you confirmed that it's due to an backdoor, drupal vulnerability or hacked admin account?



    I know you are trying to cover your bases here...but the way you put it, it means folks running less updated software could be infected by malware from the site.
    (a whois indicates that the IP is registered to a German address, but owner name could be fake "Wendy Webb").
     
  31. Harlequin

    Harlequin Babbling Loonie
    Stratics Veteran

    Joined:
    Jun 11, 2008
    Messages:
    2,716
    Likes Received:
    32
    BTW, it might be a good idea to create an announcement (or at least sticky a post) that links to George's statement.
     
  32. Petra Fyde

    Petra Fyde Peerless Chatterbox
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Jan 5, 2001
    Messages:
    30,889
    Likes Received:
    5,175
    Alvinho, please check your personal details in your user cp. I think you are mistaken in what you have just claimed.

    Harlequin, I'll make a sticky. The rest of your question will need a response I'm not qualified to give.
     
  33. Llewen

    Llewen Grand Inquisitor
    Professional Stratics Veteran Stratics Legend Campaign Supporter

    Joined:
    Mar 3, 2006
    Messages:
    4,699
    Likes Received:
    200
    For what it's worth, I've gotten phishing emails related to MMO's long before this incident on Stratics. I have no idea how many I have gotten because they go straight to my junk folder, but I know Stratics had nothing to do with them.

    And if anyone got infected because they haven't kept Windows and IE up to date, well, I'm afraid you have to take some responsibility for that. There really isn't much of an excuse for not being up to date these days, and most of the threats that you see on the internet exploit vulnerabilities that have been fixed long ago. My guess is that is the case with these as well.

    And if you are still running Windows 9x/Me, well I'm afraid it is long past time when those operating systems should have been ditched. Windows 7 will run on pretty old machines, and if money is an issue, Linux is a good option, and both the classic and the enhanced clients will run on Linux with WINE, including UOA.
     
  34. DevilsOwn

    DevilsOwn Stratics Legend
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Oct 27, 2003
    Messages:
    8,922
    Likes Received:
    379
    I've been getting the mails from NCSoft for months now, and anything that has another game in the title doesn't even get opened, no matter how threatening the title line reads, cause I don't play the other games........ if you *do* play the other games, then wouldn't they have a notice of anything important on their websites?
     
  35. ingsmsico

    ingsmsico Visitor

    Joined:
    Oct 17, 2009
    Messages:
    484
    Likes Received:
    0
    Windows 7 will not run on a PC designed to run Windows 9x

    for any computer with less than 2 GB ram just run XP
     
  36. Llewen

    Llewen Grand Inquisitor
    Professional Stratics Veteran Stratics Legend Campaign Supporter

    Joined:
    Mar 3, 2006
    Messages:
    4,699
    Likes Received:
    200
    Windows 7 will run on some pretty old hardware. A P I or P II like that guy would probably not produce great results, but from everything I've heard it will run just fine on a P III.

    And if you are going to upgrade your OS, unless you are running truly ancient hardware, I'd definitely recommend Windows 7 ahead of XP. I'd also recommend a Linux distro ahead of XP.

    Put it to you this way. You could probably buy a used computer that would easily run Windows 7 for under $100. But if you are going to be spending $100+ on an OS, and $100 on a used computer, you might as well save up a little bit more and get a low end new computer that will include Win 7.

    The whole point being that you shouldn't be running an OS that is no longer supported, and XP is almost ten years old, and it probably isn't going to be supported for too many more years, so if you are going to be upgrading your OS to another Windows OS, you should be upgrading it to Windows 7. And Windows 7 will run on just about anything that Windows XP will.
     
  37. Archie

    Archie Sage
    Stratics Veteran

    Joined:
    May 12, 2008
    Messages:
    507
    Likes Received:
    1
    Yes, everyone is responsible for maintaining security on their own computer.

    No, this post is not acceptable.
    http://vboards.stratics.com/showthread.php?t=211041

    Stratics was compromised, it was a real security threat, and I think the site should have been taken down and the stratics.com domain redirected to a "Down for maintenance" page, or something similar. That would have been the respectful and secure way to handle it, instead of leaving people open to attack and then downplaying the nature of the actual threat.
     
  38. Llewen

    Llewen Grand Inquisitor
    Professional Stratics Veteran Stratics Legend Campaign Supporter

    Joined:
    Mar 3, 2006
    Messages:
    4,699
    Likes Received:
    200
    Well I'm afraid I'd have to agree with that.
     
  39. Taylor

    Taylor Former Stratics CEO (2011-2014)
    Professional VIP Stratics Veteran Supporter Alumni Campaign Benefactor Alumni

    Joined:
    Oct 21, 2008
    Messages:
    8,023
    Likes Received:
    1,714
    George posted his Skype info. If you feel that your computer was compromised, I hope you'll give him a call. Turns out, he's pretty smart when it comes to this computer stuff and I've been told he's a pretty nice guy.
     
  40. JC the Builder

    JC the Builder Crazed Zealot
    Stratics Veteran

    Joined:
    May 12, 2008
    Messages:
    3,154
    Likes Received:
    708
    There are thousands of computer configurations. A couple Stratics staff not being affected means nothing. People are posting they were infected from the Stratics attack. The announcements that Stratics did not distribute any malware is ridiculous. It is even worse to place the blame on people affected for not being able to block it.
     
  41. Storm

    Storm UO Forum Moderator
    Moderator Professional Premium Wiki Moderator Stratics Veteran Stratics Legend

    Joined:
    Mar 18, 2004
    Messages:
    7,469
    Likes Received:
    361
    There were more than a "couple staff members" and we were not only running with 0 protection we were actively seeking to get infected!
    With that said anything is possible!
    and any of the other gaming sites Could possible carry viruses or be hacked nothing is 100% !
    and if you are told different you are being lied to !
     
  42. RawHeadRex

    RawHeadRex Slightly Crazed
    Stratics Veteran

    Joined:
    Jan 6, 2010
    Messages:
    1,324
    Likes Received:
    12
    this is why avg blows, sorry this happened to you wee papa smurf.
    quickest way to clean this drive is to take it out and put it as a secondary drive in another computer and scan it that way. you can clean it manually but it's just annoying and time consuming. windows anti-spyware has a few variations and the latest is a real pain to clean manually.
     
  43. Beer_Cayse

    Beer_Cayse Guest

    I'm not staff, but bypassed the Firefox warning several times and did scans afterward ... no signs of anything nasty - at home or the office.
     
  44. Flutter

    Flutter Always Present
    Stratics Veteran Alumni Stratics Legend

    Joined:
    May 12, 2004
    Messages:
    21,553
    Likes Received:
    3,840
    I never got anything on my laptop either. Just my desktop somewhere between the hours I mentioned.
     
  45. Mapper

    Mapper Crazed Zealot
    Stratics Veteran Alumni Stratics Legend

    Joined:
    Oct 24, 2005
    Messages:
    3,528
    Likes Received:
    110
    Same here, On both XP and Windows 7 machines.
     
  46. Lord Chaos

    Lord Chaos Always Present
    Stratics Veteran

    Joined:
    May 12, 2008
    Messages:
    10,075
    Likes Received:
    0
    It could also simply have been fished out from your mail servers, which often happens.

    I got no bad emails after the attack on Stratics, nor did I get any infections. Despite having dozens of tab pages open og clicking through tons of pages during the attack.
     
  47. Lord Chaos

    Lord Chaos Always Present
    Stratics Veteran

    Joined:
    May 12, 2008
    Messages:
    10,075
    Likes Received:
    0
    That wouldn't have helped anything.

    While yes, its partially Stratics fault, its a blame that lie with people far in the past that aren't even here anymore and haven't been in a long time
     
  48. Wait. Not turning off the boards during the attack yesterday was the fault of people who left a long time ago?

    Seriously?

    I've run enough vBulletin sites to know, it's one click.

    rolleyes:
     
  49. ingsmsico

    ingsmsico Visitor

    Joined:
    Oct 17, 2009
    Messages:
    484
    Likes Received:
    0
    dude, browers have vulnerabilities.

    if someone is successful at distributing a new version of a virus, there's not much that can be done.

    http://www.mozilla.org/security/known-vulnerabilities/
     
  50. kelmo

    kelmo Old and in the way
    Professional Stratics Veteran Alumni Dread Lord

    Joined:
    May 12, 2008
    Messages:
    17,382
    Likes Received:
    4,706
    Take your agenda elsewhere, folks.
     
Thread Status:
Not open for further replies.
  • About Us

    Stratics is the oldest continually running MMORPG Fansite on the Internet. Founded in 1997 Stratics has served the Ultima Online Community for 18 years. We strive to provide the most complete social experience for Ultima Online players.
  • Subscribe Now!

    Want to provide Continual Support? Subscribe and gain additional benefits as a patron of Stratics.com!
    Subscribe Now!

    Stratics Professional Accounts feature the following advantages:

    • Ad-Free Browsing of our Forums
    • Upload a custom Profile Cover
    • Unlimited media upload storage space
    • Use of the theme styler
    • Ability to collapse the sidebar
    • Premium background themes to choose from
    • Access to additional features of the Classifieds System
    • Ability to Customize Your User Title
    • No Post Delays
    • Additional Signature Allowances:
    • Special Professional Banner Display with your Account
    • PM Allowance Upgrade
    • Additional Thread Allowances
  • Support Us!

    Don't feel like subscribing? Donations to benefit the further development of Stratics and for purchase and inclusion of additional features are always welcome.

    Donate to us!