Daenerys (10-24-2013),jollyboots (10-24-2013)
Yesterday @C4pt4in 4lph4 posted a ROTMG Easy Hotkeys tool and it contained a phisher, If you used this program you are a victim!!! Change all important information when you have a chance before your personal things are stolen
Thanks to Krazy for breaking it down a little. Going to have Master decompile the file when he's awake and get a more detailed analysis.
Make sure to:
-Change any passwords related to MPGH, ROTMG, Steam, or your emails. (obviously any other accounts you may be concerned of)
-Run an anti-malware program to make sure your clean. Program doesn't seem to install anything.
Last edited by Distraught; 10-24-2013 at 02:37 PM.
Daenerys (10-24-2013),jollyboots (10-24-2013)
Got hacked. Used all my coins + took all my WC tops. RIP.
Sorry about this. Getting it sorted. That's why it's important for us to decompile every file. I suggest doing this yourself if you don't already. Here is the malicious code:
Dang. Thought it was safe, so went lazy mode.
and so did the minion who approved it. Thank god it wasn't @Royce
Royce (10-24-2013)
If you need help removing a keylogger and such post here. Any flame will lead to this thread being closed.
Well, I deleted almost all of the remains of it. Is there a way that there is still the residue of this keylogger existing on my computer?
thanks certainly, but I already lost also the numerous gold and many things)))
There's not much to do besides change your info and run Malware Anti-bytes or something similar. @master131 if you want to elaborate.
Last edited by Distraught; 10-24-2013 at 02:21 PM.
Would @Royce have been able to decompile and locate this malicious code if he was the minion on at the time? This is why we need atleast one well-versed ROTMG minion.
How do I make sure I have removed it?
this is sad can't believe people do this I just hope next time we can find if someone put bad juju in :/
It's not like it wasn't easy to catch. Trust me, you could see the suspicious string right off the back then decompile it further to understand it. Anyone would of caught this one if they actually took the steps they were supposed to. but yes this is the exact reason I agreed we needed someone familiar with the section or malicious code.
My anti-viruses wouldn't pick it up so your manually going to have to check your processes/services under Task Manager. You can also go further by checking your registry. Any program similar to Malware Anti-bytes will clean it though.
Last edited by Distraught; 10-24-2013 at 02:13 PM.