Announcements

Filters

 
Date
Date

Malicious Spammer Alert

Posted by Kaelten Dec 02, 2008 at 01:10 UTC

Hey guys,

Another jerk or group of jerks took advantage of the holiday weekend to spam a few thousand comments on the website.

These comments, due to a small security hole in one of the parsers, was able to embed an iframe on the page. It would then in turn try to target out of date versions of Flash.

We've cleaned up any of the comments that we can find, prevented any further ones from rendering, and plugged the leak in the parsers.

I'm not sure exactly what he was trying to install on machines, but I know it looks like it specifically targeted IE with Flash lower than 9 r124.

We're doing what we can to ensure that this type of attack on our users is impossible in the future. Please check your flash version, if you have a vulnerable version please run a virus scanner and try to make sure all is good.

If anyone discovers more information about what exactly they where trying to do, the effectiveness, and detection/cleanup techniques please post them in the comments.


  1. 6 comments

Merry Christmas!!!

Posted by Kaelten Dec 26, 2008 at 04:12 UTC

I hope everyone has had a great Christmas, or observation of choice. Sorry I didn't post it earlier, my internet is spotty atm.

Anyway, blessed holidays to all!

  1. 2 comments

Merry Christmas and Happy Holidays

Posted by Ackis Dec 18, 2009 at 22:37 UTC

Well, it's that time of the year again. The holidays are upon us.

On behalf of all the people that work with Curse, CurseForge and WowAce, I'd like to wish everyone a very Merry Christmas and hope that you have a safe and fun filled holidays.

A lot of people will be taking time off so please have a bit of patience when submitting new files/projects for approval. We'll get to them as soon as possible.

A puppy dog having a great Christmas

We'll see you next year!

  1. 7 comments

Man in the middle attack compromises authenticators

Posted by Ackis Mar 01, 2010 at 04:49 UTC

Going to share this news with everyone. Kody over at World of Raids has said it the best so I'm just going to repeat what he's said over there.

Anyone who has an authenticator attached to their account should run a search (and probably an antivirus scan in case it's on the threat list already) immediately and ensure the file emcor.dll does not exist on your computer. This file is one reported to be allowing hackers to access World of Warcraft accounts that have authenticators attached to them. It's also possible there are other variations of these suspicious files, so if anyone has additional information please respond in the comments.

Based on this thread, the file may be found in /users/username/appdata/Temp. Since the file is fairly new (first mentions of it are only a few days ago), and the common source is unknown, I urge everyone to not log in to World of Warcraft or the account management site until you've run a scan. Confirm your computer is secure before using your authenticator, because this DLL file is allowing hackers to crack through it and access your account.

A warning sign that you're currently infected with this keylogger is that WoW will say your authentication code is incorrect, even if you know for sure you typed in the correct code. Thanks to Cameron for posting about this in our forums, too.

  1. 5 comments

Meet ckknight at Dragon*Con Sept 3-6

Posted by ckknight Sep 02, 2010 at 03:34 UTC

Hey beautiful people, ckknight here.

I know this is a shameless plug, but I'm gonna go for it anyway.

I'll be on two panels this year at Dragon*Con in Atlanta, GA, which is happening Sept 3-6, talking about WoW addons, so if you're around there or going to it anyway, feel free to come by.

There's gonna be a lot of fun WoW-related and general MMO-related stuff going on this year outside of the panels I'm gonna be on.

Here's the ones I'm doing:

Title: World of Warcraft - Q&A
Time: Sat 01:00 pm Location: Capitol Ballroom - Sheraton
Description: Everything you wanted to know about World of Warcraft, but were afraid to ask. (Yes, that includes information on Cataclysm)

Title: World of Warcraft - Addon Kung-Fu
Time: Sat 04:00 pm Location: Savannah 1-3 - Sheraton
Description: We'll show you which ones to use, how to use them, and why.

Update:

Well, that's all done and I'm glad to be back. Was able to meet a few people and I hope I made a good impression ;-).

  1. 2 comments