Warning!

[Neovalen]

This was posted by Dark0ne over on the Nexus today.

 

https://www.nexusmods.com/skyrim/news/12297/?

6 March 2014 13:40:26

Be careful: Trojans masquerading as popular executables

posted by Dark0ne Site News

This is a heads up announcement to please, for the love of all that is good, always keep your wits about you when downloading from here or anywhere on the internet.

There is currently an individual who is placing trojans within well known pieces of Skyrim software, such as the Skyrim Character Editor and even Skyrim Mod Organizer, and then uploading them as new files here on Skyrim Nexus (note, the original files here and here are NOT compromised, this user is uploading new files to the site masquerading as these files). This trojan has code within it that will retrieve any passwords you have stored in your browser and send them to the script kiddy's email address. The script kiddy is then using the details he has stolen from users "unlucky" enough to be exploited in this way, logging in to their accounts here on the Nexus and then uploading another trojan via the same method.

If you believe you may have fallen for this exploit then ALL the passwords you have stored in your browser have been compromised. You should change your passwords immediately for any and all sites you use, and change your passwords on any sites where you have used the same password, even if you don't have that site's login stored.

If you stick to common sense practises while browsing the internet then this will not be a problem for you at all. Things you should always be suspicious of or do:
 

[*]Files with comments disabled that have only been uploaded in the past day [*]Elaborate and complex files uploaded by new users or users who have previously not uploaded a single file or made a single comment on the sites [*]Software that has absolutely no business using your internet connection trying to make a connection to the internet [*]Executable files, or files containing .DLL libraries unless you are absolutely sure it can be trusted. [*]Always, always run a virus scan on any files you download from this or any site you download from [*]If in doubt, don't download or open the file and wait to see what other more experienced users are reporting

I sympathise with the people who have been caught by this, but you got caught by this because you aren't using your common sense. Please, for your sake, keep your wits about you and don't let your guard down when downloading files on the internet.

If you don't have a firewall, or if your firewall does not warn you when new, unrecognised and untrusted software is trying to connect to the internet please follow these steps:
 

[*]Find your router [*]Rip your router away from any connected cables [*]Open the nearest window [*]Throw your router out of it [*]Close the window



Honestly, get a firewall, install it, and understand how it works. Without one it's very possible your system is a drone in a botnet and likely a part of the perpetual problem of the internet that is DDoS'ing, something that we're no stranger to here.

[Marlen]

 

 

If you don't have a firewall, or if your firewall does not warn you when new, unrecognised and untrusted software is trying to connect to the internet please follow these steps:

 

• Find your router
• Rip your router away from any connected cables
• Open the nearest window
• Throw your router out of it
• Close the window

lol'd hard on this. 

[CJ2311]

Bah, it's not like changing all your passwords will help if you have a trojan. Quite the contrary actually, since keyloggers will then be able to access whatever passwords aren't saved on the PC when you type them...

[DoubleYou]

I saw one of these trojans appear on the Nexus the other day. I wish there was a mod report button or something.

[EssArrBee]

I knew something was up a couple weeks ago when I saw BSAOpt re-uploaded with no comments and the description was just copy-pasted from the real BSAOpt page. Glad I didn't download it.

[Kuldebar]

This is part of the (justifiable) reason that modders get criticized for not writing up adequate descriptions on their newly posted mod files, and rightfully so, in my opinion. There's a certain matter of trust when it comes to installing a relatively unknown and unrated file from an unrated or unknown author. Obviously, a balance has to be struck. But I always get a laugh when a juvenile modder will post a new file with a craptastic description, no images (if applicable) or other necessary information. Amazingly, there are many who will still download such...products.

 

The "fake" posting of well known mods (Mod Organizer, for instance) is very bothersome...I could see how someone newish might fall for that.

Edited March 8, 2014 by Kuldebar

[phazer11]

This is one of the reasons I scan anything I download on Windows with at least 3 scanners and only download from sites I know, or have been referred to by a friend and always double check to make sure I'm downloadig what I think I'm downloading and from where.

[TehKaoZ]

DoubleYou, there is a report button for mods, its right below the version number called "Report"

[Octopuss]

This is one of the reasons I scan anything I download on Windows with at least 3 scanners and only download from sites I know, or have been referred to by a friend and always double check to make sure I'm downloadig what I think I'm downloading and from where.

I've recently installed antivirus (ESET Smart Security) after about at least 10 years of running without one. Gives me a good feeling of being safe.

[CJ2311]

Funny you'd feel safe with an antivirus that never picks up on any of the trojans that a friend of mine codes, even if all other AVs from virustotal do...

[Octopuss]

No antivirus is 100%, and I will go with global years-lasting reputation rather than forum rumours :P

[rootsrat]

Avast and AVG are the two leading free anti virus programs that I would recommend. Both were winners in many tests over the past few years. Malwarebytes Anti Malware is a good tool as well. Add Windows Firewall to it and with these 3 programs you're pretty safe, provided you will scan all downloaded files.

I've recently installed antivirus (ESET Smart Security) after about at least 10 years of running without one. Gives me a good feeling of being safe.

I have a friend who always claimed he didn't need an antivirus and he's PC is perfectly safe without one. He came over one day with an USB stick to bring me some documentary movies. I ran a scanner on it. Over 500 (sic!) viruses and bugs were found. 10 years with no antivirus? Thanks for letting me know, now I'll know not to get any files from you :DSent from my GT-I9505 using Tapatalk

[Kuldebar]

I use Microsoft Security Essentials myself, but I also practice safe internet.

[Octopuss]

10 years with no antivirus? Thanks for letting me know, now I'll know not to get any files from you :D

Lmao! Hey I have this awesome screensaver with Sasha Grey, go check it out!

No, seriously, if you are just a bit above basic user and possess some common sense, you don't need an antivirus. Of course, there are some other important factors, like not using Windows XP, having firewall running, router properly configured, and ideally Adblock Plus installed. Honestly, that's all you need.

I scanned my PC a few times over the years and always was clean.

[CJ2311]

10 years with no antivirus? Thanks for letting me know, now I'll know not to get any files from you :D

Hey, I've not used any AV software in the last 10 years as well, but I can assure you my PC is clean, simply because I rarely download any executables, and I always run them through virustotal before installing them :P

[Malouz]

Thanks for the information.