Hey guys I'm seeing a lot of user profiles getting submitted, where a script is trying to be uploaded inside of the social networking fields. It's not making it through, but it's trying to link to some obscure Javascript code. Please update your browsers and run your virus scans.
I'm running complete scans of my computer and laptop now, i'm sure everything will be fine, but considering just earlier today i've just bought and downloaded several videos, i'm rather concerned
HCW7 said: I'm running complete scans of my computer and laptop now, i'm sure everything will be fine, but considering just earlier today i've just bought and downloaded several videos, i'm rather concerned
Sounds like what MM is describing is that someone has a script on their machine that is trying to implant something dodgy on the umd. As he said though this isn't getting through so your downloads should be perfectly safe don't worry.
HCW7 said: I'm running complete scans of my computer and laptop now, i'm sure everything will be fine, but considering just earlier today i've just bought and downloaded several videos, i'm rather concerned
Sounds like what MM is describing is that someone has a script on their machine that is trying to implant something dodgy on the umd. As he said though this isn't getting through so your downloads should be perfectly safe don't worry.
I've ran complete scans and nothing came up other than a bad tracking cookie on my laptop (yep, just one, surprised me that did). Thanks for putting my mind at ease
cakebattercustard said: A malwarebytes scan threw up some adware, but that was it luckily. Glad to hear it's under control!
I did complete Malware scans with Malwarebytes free and nothing came up on any of my computers, but i do run it twice a day after they have been used for anything
Any chance you could message the users who you are seeing this activity from? (Admittedly I fear I could be a guilty party, but my virus scans haven't picked anything up... however my performance is crap)
Hi, some of you read a reply to this thread (deleted now) by an apparent script kiddie who posted usernames and passwords from UMD users. He did not obtain this info from inside of UMD. We do not store your passwords unencrypted here; I couldn't even tell you what your password was, which is why I have to reset them if you lose them.
If he was able to obtain your password, it would have been obtained during a faked login process that didn't come from UMD (phishing). I do recommend that everyone change their UMD passwords (regularly, really). Meanwhile I am going to change the password of everyone who I can find whose computer attempted to upload a script, as well as double UMD's security to make sure we're not missing holes there.
I also have to remind everyone that all your card information, as well transaction information, your address, phone number, etc reside on Epoch's servers, because we do not do any credit card processing here. We don't keep producers' Paypal payment info besides just the e-mail address. I purposely collect the bare minimum of information, to avoid liability. We do have a privacy statement (linked at bottom), but any questions about what's collected, you can ask me here.
Any chance you could message the users who you are seeing this activity from? (Admittedly I fear I could be a guilty party, but my virus scans haven't picked anything up... however my performance is crap)
We are actually notifying you right on the page if your browser tries to link to the script when submitting the form. I also get a notifications. I have been e-mailing those who were affected before this notice, so they know, too. I'll keep you posted on any new developments.
MessyGuyNC said: Any chance you could message the users who you are seeing this activity from? (Admittedly I fear I could be a guilty party, but my virus scans haven't picked anything up... however my performance is crap)
We are actually notifying you right on the page if your browser tries to link to the script when submitting the form. I also get a notifications. Thanks guys. MM
Hey - is this connected with the three things that seem to have been plaguing the site recently? 1. Random photos in gallery not available to view full size - 404 message. One photo will be okay but the one next to it may not be. 2. Very slow response times from site 3. Profiles instant messaging section changed to show the first entry in all four slots
sneaked666 said: Hey - is this connected with the three things that seem to have been plaguing the site recently? 1. Random photos in gallery not available to view full size - 404 message. One photo will be okay but the one next to it may not be. 2. Very slow response times from site 3. Profiles instant messaging section changed to show the first entry in all four slots
cheers!
The random photos not being clickable may have been due to a script, uploaded to a social networking slot, that was trying to do something else to the links on the page when you visit the page--redirect them all to a phishing site when you click them. I've wiped any attempts at this from all user profiles, and notified the owners that I've changed their passwords, to something else. There have been no other attempts so far, and I've been constantly hardening our scripts to be sure. UMD itself was not compromised--It's slow sometimes all by itself :-S But I have changed your password, and today I will likely be changing everyone's password who has accessed in the past week. I am looking into duplicate social networking info; anybody else experiencing this, please let me know.
I did find the source of that issue and it was unrelated to phishing. When one edited their profile, social networking info would be duplicated. It's corrected going forward, and I can edit any profile to get rid of the extras. Thanks for pointing this one out!