Developer Maxi Posted December 1, 2013 Developer Share Posted December 1, 2013 Dear community, Earlier yesterday and today 5uck has spread malicious content through one of his scripts, the Insane Druids script, for a total amount of 12 hours. We removed access to the scripts immediately after finding out. Most of the scripts at OSBot need to be validated before they are updated, which means the contents of the code are inspected before approved to be sent to the users. In this case, 5uck was given a position with more responsibility and the contents of his script were allowed to be auto updated (due to his former rank of global moderator). This means his scripts didn't require staff approval. He has put malicious content in the Insane Druids script but luckily we caught up on this fast, thanks to one of our previous administrators Raflesia. We have disabled all his scripts for the time being in the SDN. We have taken action by contacting the hosting provider of the malicious application and asked for further action against the user who uploaded it. Furthermore, we are reverse engineering the application to tell you exactly what malicious practices are run by it. We are very touched by this. This was the reason why we had pre-approvals of script contents in the first place, something for the better of the community. It meant updates sometimes had to wait for a couple of days, but in the end a secure solution. We gave in to giving some people trust, giving them the ability to control updating of their own scripts. This trust has been broken today. But before I continue on this matter, I want to provide you (the users of the Insane Druids script) with some steps to get rid of this malicious content. Please note that you have only been infected if you ran the script yesterday or today. I also URGE you to change your passwords, but AFTER doing the next few steps and reading some information: Download the anti virus software called Kaspersky. Scan your computer, remove and/or quarantaine any infections found. By now you probably know what you are going to do. Restart your computer and come back to this thread. You have restarted your computer. Change your passwords now. You are done and safe again. 5uck has abused his privileges. He did this to get access and rob you from your private information. It has made us see that even though some developers we 'think' we trust can't be trusted. We have decided that we will take away any auto-update privileges from anyone (only 3 others had such privileges). We can say that only a hand full of people got infected and hope to have informed you well enough and stay safe. We will be refunding anyone who bought any of his scripts with account credit within the next 2 days. We are sorry for the inconvenience and hope we can satisfy the customers with this refund. Please note: the refunds will occur automatically, there is nothing you have to do for this to happen. It will take some time for IP.Board to process all the refunds though. 5uck has been banned and will not be associated with OSBot any longer. Sincerely, OSBot.org P.S. On a side note, there were some problems with the web server hosting the website in the last couple of hours. These issues have should be resolved. P.S.S. I accidentally typed Insane Fletcher but I meant Insane Druids, I fixed it in the post. 12 Link to comment Share on other sites More sharing options...
Harry Posted December 1, 2013 Share Posted December 1, 2013 What a scumbag, have you banned him yet? I would like to see that. Link to comment Share on other sites More sharing options...
Administrator Maldesto Posted December 2, 2013 Administrator Share Posted December 2, 2013 He is ip banned from the site. 6 Link to comment Share on other sites More sharing options...
Unversable Posted December 2, 2013 Share Posted December 2, 2013 I traded 5uck game keys for 2 of his scripts, do I get credit as well or am I SOL? Link to comment Share on other sites More sharing options...
Dat weed Posted December 2, 2013 Share Posted December 2, 2013 wat a noob Link to comment Share on other sites More sharing options...
beststrpkerx Posted December 2, 2013 Share Posted December 2, 2013 how do i get my credits from this?? or will the insane druid bot be back on here sometime soon??? Link to comment Share on other sites More sharing options...
Ducro123 Posted December 2, 2013 Share Posted December 2, 2013 (edited) There was also the virus from the Chaos druids bot I noticed my avast blocking it and pausing the bot till I clicked the x icon and had to click pause on the bot then resume and it would go back to collecting herbs just so you know! Edited December 2, 2013 by Ducro123 Link to comment Share on other sites More sharing options...
Peter Posted December 2, 2013 Share Posted December 2, 2013 Ouch... He was a nice lad as well. Link to comment Share on other sites More sharing options...
beastlymaul Posted December 2, 2013 Share Posted December 2, 2013 What about his insane druids script? Link to comment Share on other sites More sharing options...
Cinnamon Posted December 2, 2013 Share Posted December 2, 2013 how do i get my credits from this?? or will the insane druid bot be back on here sometime soon??? You'll be refunded with Osbot credit. Link to comment Share on other sites More sharing options...
Joe Posted December 2, 2013 Share Posted December 2, 2013 So sad that someone so trusted would do this, he really tried to rake it in with his coupons, do you refund automatically or do we have to pm you with incoice#? 1 Link to comment Share on other sites More sharing options...
Prefraud Posted December 2, 2013 Share Posted December 2, 2013 (edited) inb4crypters...maxi, for the love of god: anti viruses don't work anymore. people have become smarter. go into your registry and find it. anti viruses do not work do to crypters. Edited December 2, 2013 by Maxi Link to comment Share on other sites More sharing options...
Developer Maxi Posted December 2, 2013 Author Developer Share Posted December 2, 2013 inb4crypters... maxi, for the love of god: anti viruses don't work anymore. people have become smarter. go into your registry and find it. anti viruses do not work do to crypters. This will be found by Kasperky, NOD32, Avast and a couple of other AV's. Link to comment Share on other sites More sharing options...
Prefraud Posted December 2, 2013 Share Posted December 2, 2013 (edited) inb4crypters... maxi, for the love of god: anti viruses don't work anymore. people have become smarter. go into your registry and find it. anti viruses do not work do to crypters. This will be found by Kasperky.Wow. What a skid. He doesn't even try to make it undetectable? Anyways, it was a dick move and no one should be trusted with anything on here. Edited December 2, 2013 by Prefraud Link to comment Share on other sites More sharing options...
Developer Maxi Posted December 2, 2013 Author Developer Share Posted December 2, 2013 I traded 5uck game keys for 2 of his scripts, do I get credit as well or am I SOL? Everyone who has the script in their collection will get refunded. This means that you will get refunded as well. 3 Link to comment Share on other sites More sharing options...
