Dear community,
Earlier yesterday and today 5uck has spread malicious content through one of his scripts, the Insane Druids script, for a total amount of 12 hours. We removed access to the scripts immediately after finding out. Most of the scripts at OSBot need to be validated before they are updated, which means the contents of the code are inspected before approved to be sent to the users. In this case, 5uck was given a position with more responsibility and the contents of his script were allowed to be auto updated (due to his former rank of global moderator). This means his scripts didn't require staff approval.
He has put malicious content in the Insane Druids script but luckily we caught up on this fast, thanks to one of our previous administrators Raflesia. We have disabled all his scripts for the time being in the SDN. We have taken action by contacting the hosting provider of the malicious application and asked for further action against the user who uploaded it. Furthermore, we are reverse engineering the application to tell you exactly what malicious practices are run by it.
We are very touched by this. This was the reason why we had pre-approvals of script contents in the first place, something for the better of the community. It meant updates sometimes had to wait for a couple of days, but in the end a secure solution. We gave in to giving some people trust, giving them the ability to control updating of their own scripts. This trust has been broken today.
But before I continue on this matter, I want to provide you (the users of the Insane Druids script) with some steps to get rid of this malicious content. Please note that you have only been infected if you ran the script yesterday or today. I also URGE you to change your passwords, but AFTER doing the next few steps and reading some information:
Download the anti virus software called Kaspersky. Scan your computer, remove and/or quarantaine any infections found. By now you probably know what you are going to do. Restart your computer and come back to this thread. You have restarted your computer. Change your passwords now. You are done and safe again.
5uck has abused his privileges. He did this to get access and rob you from your private information. It has made us see that even though some developers we 'think' we trust can't be trusted. We have decided that we will take away any auto-update privileges from anyone (only 3 others had such privileges).
We can say that only a hand full of people got infected and hope to have informed you well enough and stay safe.
We will be refunding anyone who bought any of his scripts with account credit within the next 2 days. We are sorry for the inconvenience and hope we can satisfy the customers with this refund. Please note: the refunds will occur automatically, there is nothing you have to do for this to happen. It will take some time for IP.Board to process all the refunds though.
5uck has been banned and will not be associated with OSBot any longer.
Sincerely,
OSBot.org
P.S. On a side note, there were some problems with the web server hosting the website in the last couple of hours. These issues have should be resolved.
P.S.S. I accidentally typed Insane Fletcher but I meant Insane Druids, I fixed it in the post.