Curse

*URGENT* Adobe Flash Player - Severe Trojan Warning

Posted Aug 02, 2009 by Kody

Post your Comment (16)

Recently there were a number of websites compromised due to an Adobe flash player vulnerability.  This vulnerability allowed the injection of flash scripts that download keyloggers onto unsuspecting visitors' computers, opening up the potential for the player to be hacked and lose their video game account.

Thursday Adobe released an update, and it's important for everyone who has Adobe flash player installed to download this patch. If you do not, your computer and video game accounts are at risk.

Find out about the update, or download it and start installing it as soon as you can. You can also use the auto update feature within the flash player if you desire updating through that method.

Please, do this as soon as you can. This vulnerability is very real, and there are people attempting to steal accounts this very moment. Any website you visit until you've updated may be a potential threat to your computer's security.

As an extra precaution, please make sure to run virus scans on your computers to ensure they're clean of threats. The known keylogger files circulating related to this are:

  • a.exe
  • b.exe
  • c.exe
  • 6to4ex.dll

There may be variations of these files we don't know about yet, so please if you detect anything else let us know.

Unfortunately, several addon pages on Curse.com were compromised due to a obscure bug in the html sanitization process.  We've removed these comments and released an emergency patch to ensure that this does not happen again.  

While the Curse Client remained unaffected by the attack it is still very important for all users to to follow the above steps to make sure you're no longer vulnerable to these attacks. 

Share On:
  • Comments

Add Comment  

Add

You need to login or register to post.

Benefits of Registration

  • Interact with hundreds of thousands of other gamers on an open social network.
  • Post your stories, news, images, videos, and other content to share.
  • Create a network with your fellow gamers or join an existing one.
  • Gain reputation for everything you do.
 
  • jaspercon21 said 
    Mon, Nov 16 2009 12:17 PM ()

    I got this Trojan last night..It's bad news. I had to do a System Restore. TAKE CARE, keep ur antivirus updated.

    Report Permalink
  • nobbicologne said 
    Fri, Aug 7 2009 8:41 AM ()

    This needs a /PUSH !

    A friends account was compromised this morning.

    So this is still a problem and everyone needs to be warned of it!

    Place a warning message ON THE HOMEPAGE and in the CURSE UPDATER, or switch off all your Flashplugins, or no one will trust your website anymore !

    Report Permalink
  • Flyhard said 
    Tue, Aug 4 2009 5:24 AM ()

    Cought the keylogger yesterday. Filename had mutated. File was placed in my Temp-folder. Since the Keylogger was already loaded, I booted a Knoppix-Linux from CD and removed the file. I am so happy I have the Blizzard Authenticator.

    Report Permalink
  • kolz4ever said 
    Tue, Aug 4 2009 2:19 AM ()

    Thanks a lot for this post. I been giving the link to this page all over much as I could. very informative.

    Report Permalink
  • oopomopoo said 
    Mon, Aug 3 2009 12:30 PM ()

    ok, so since WoR it has gotten even worse?

    BTW once again, im not insulting or anything, i <3 curse. :D

    Report Permalink
  • suicidal2k8 said 
    Mon, Aug 3 2009 11:56 AM ()

    Firefox + NoScript + NoFlash + AdBlock Plus = Win

    Report Permalink
  • DonDanHan said 
    Mon, Aug 3 2009 9:21 AM ()

    Good work guys, thanks.

    Report Permalink
  • Xtek said 
    Mon, Aug 3 2009 8:23 AM ()

    I say we rise up against Flash and all install Silverlight.... yeah!

    Report Permalink
  • Nezarrah said 
    Mon, Aug 3 2009 6:19 AM ()

    Thanks for the update kody

    Report Permalink
  • Megamanx266 said 
    Mon, Aug 3 2009 4:03 AM ()

    well now this possibly explains how I got a keylogger a week or 2 ago.... too bad it came too late for me T.T

    Report Permalink
  • Kody said 
    Sun, Aug 2 2009 11:21 PM ()

    oopomopoo: It was a centralized situation at that point. Now it's grown to be a larger threat as other websites have since been attacked. This alert is primarily to make everyone aware they need to download the Adobe update.

    Report Permalink
  • NHDriver4 said 
    Sun, Aug 2 2009 9:11 PM ()

    Thanks for the heads up Kody.

    Report Permalink
  • scrumbus said 
    Sun, Aug 2 2009 7:44 PM ()

    Yup.. was surfing this site yesterday and was repeatedly attacked.  Luckily I had some antivirus that caught it.  It was for sure embedded into the ads.

    Report Permalink
  • mosselyn said 
    Sun, Aug 2 2009 5:10 PM ()

    I have reason to believe that there are ads on curse that exploit this vulnerability. I was hit with this attack yesterday (caught immediately by my security software) when I came visited a curse page. I cleaned this up.

    Today, after repeatedly re-verifying the infection wasn't present, I came to the QuestHelper page on curse and immediately was hit with the same attack. In neither case had I downloaded anything when the attack hit.

    I'm not saying curse is doing this, of course, but I think you have some compromised ads running on the site. I hadn't seen the warning because I go right to WoW addons area, normally. Anyway, I've installed the Flash update, so hopefully all is well now. Thank you for the heads-up.

    Report Permalink
  • oopomopoo said 
    Sun, Aug 2 2009 4:08 PM ()

    Yep, but just curious, why did it take so long to post this news on Curse when you posted it on WorldofRaids about a week ago? Not bashing / insulting, just curious.

    Report Permalink
  • tbearsuarez said 
    Sun, Aug 2 2009 3:52 PM ()

    I agree, this is urgent. I've had the hacking done to my account. Keep on top of all needed updates.

    Report Permalink
  • 1 page(s)
  • Syndication
  • Recent Posts
  • Tags
  • Archives