Page 1 of 2 12 LastLast
Results 1 to 15 of 21
  1. #1
    Ahlwong's Avatar
    Join Date
    Dec 2012
    Gender
    female
    Location
    Seoul
    Posts
    14,381
    Reputation
    3110
    Thanks
    5,136
    My Mood
    Angelic

    [PSA] KRELAY SELF UPDATER FIXED!

    Greetings MPGH Users,

    Approximately 14 hours ago the attachment from the thread KRELAY SELF UPDATER FIXED! was approved and we've discovered it contained a .sol stealer within /Data/Updater.exe


    The following people have downloaded the program:

    @ @Ponyash
    @ @savel21
    @ @proplayers1
    @ @tidalwaves2345
    @ @kaasca
    @ @KyleHacksxd
    @ @Ellebora
    @ @Bleyatero
    @ @Danypoop
    @ @-eXtremeX-
    @ @miho1
    @ @Freddebola
    @ @omarsweiss0111
    @ @SammytheBEAST
    @ @ILikeToHackjOnROTMG
    @ @olssonftw
    @ @mralex87
    @ @kaisad
    @ @poc123


    If you're one of the people who downloaded this program, please delete it immediately and secure your account. If you have emails or other accounts that have shared the same password as your RotMG account, please change them immediately.

    From what we've found, the information stolen are from rotmg.sol stored in both your Macromedia and Chrome folder directories, account.js stored within your computer account.

    If you have any other questions, please post them below.

    We're sorry we let through this file and see to regain your trust within this section and on this site.

    - MPGH Staff
    Last edited by Ahlwong; 05-17-2019 at 08:44 PM.
    T W I C E
    NaJeongMoSaJiMiDaChaeTzu
    TWICE - One In A Million

     
    News Force Head Editor 09/2018
    Publicist 11/2017
    Global Moderator 09/2017
    Minion+ 04/2017
    Market Place Minion 04/2017
    Minecraft Minion 02/2017
    Realm of the Mad God Minion 11/2016

    Middleman 09/2016
    News Force Editor 08/2016
    News Force (Section of the Week) 03/2016
    News Force (User News) 10/2015

    Donator 03/2015
    Realm of the Mad God Editor 05/2014
    Member 12/2012

    -=Gifts=-
    [Organized Chaos]

  2. The Following 2 Users Say Thank You to Ahlwong For This Useful Post:

    [MPGH]Flengo (05-18-2019),Royce (05-20-2019)

  3. #2
    KyleHacksxd's Avatar
    Join Date
    Apr 2019
    Gender
    male
    Posts
    1
    Reputation
    10
    Thanks
    0
    Great... XD

    - - - Updated - - -

    So what's the best way to make sure everything is gone from my pc?

  4. #3
    MikeRaarupBirk's Avatar
    Join Date
    Mar 2016
    Gender
    male
    Posts
    1,581
    Reputation
    38
    Thanks
    3,755
    My Mood
    Stressed
    This is the second .sol stealer thats been approved within a month i believe, do you guys even check the files anymore?

  5. The Following 4 Users Say Thank You to MikeRaarupBirk For This Useful Post:

    AllYourX (05-18-2019),LRZ (06-05-2019),Matthew (05-19-2019),Plus22 (05-22-2019)

  6. #4
    Ahlwong's Avatar
    Join Date
    Dec 2012
    Gender
    female
    Location
    Seoul
    Posts
    14,381
    Reputation
    3110
    Thanks
    5,136
    My Mood
    Angelic
    Quote Originally Posted by KyleHacksxd View Post
    Great... XD

    - - - Updated - - -

    So what's the best way to make sure everything is gone from my pc?
    When I went through the files, it seems like it only uploads your information to this person.

    The best thing you could do is removing the files from your computer.

    Quote Originally Posted by MikeRaarupBirk View Post
    This is the second .sol stealer thats been approved within a month i believe, do you guys even check the files anymore?
    We do check files thoroughly. Seems like both of these .sol stealers were overlooked as I found the .sol stealer code pretty quickly in both cases.

    Safest thing to do with downloading in this section is to download from someone who has been contributing safe clients for a long time now rather than downloading from people who don't have many posts or contributions. The thread shouldn't have been approved since the user didn't meet the 125 post requirement.
    Last edited by Ahlwong; 05-18-2019 at 12:25 AM.
    T W I C E
    NaJeongMoSaJiMiDaChaeTzu
    TWICE - One In A Million

     
    News Force Head Editor 09/2018
    Publicist 11/2017
    Global Moderator 09/2017
    Minion+ 04/2017
    Market Place Minion 04/2017
    Minecraft Minion 02/2017
    Realm of the Mad God Minion 11/2016

    Middleman 09/2016
    News Force Editor 08/2016
    News Force (Section of the Week) 03/2016
    News Force (User News) 10/2015

    Donator 03/2015
    Realm of the Mad God Editor 05/2014
    Member 12/2012

    -=Gifts=-
    [Organized Chaos]

  7. #5
    AllYourX's Avatar
    Join Date
    Aug 2018
    Gender
    male
    Posts
    143
    Reputation
    40
    Thanks
    27
    Quote Originally Posted by Ahlwong View Post
    we've discovered it contained a .sol stealer within /Data/Updater.exe
    Is this a "Columbus discovering America" type deal going on here? My guess is that 059 or another n̶o̶n̶-̶s̶t̶a̶f̶f̶ experienced forum member did a cursory inspection, noticed the malicious code, quelled their surprise with practiced skill, and brought their findings to your attention.

     
    I love MPGH as a community. It's a great idea and is generally well moderated. The file checking though, at least on the RotMG forum, is subpar. It's honestly bad enough that it is causing harm by giving the average user the illusion of security. At this point it seems like MPGH is only useful as a resource for long time users who have learned not to trust the approved files and want to learn how to check and or make tools themselves.

    For the uninitiated user, MPGH is a reverse lottery. It is mostly filled with amazing, generously shared gems like K-Relay, 059 client, and KBK's famebot and NRelay, but if you happen to be one of the monthly winners, you wake up, not to untold riches, but instead rather harshly, to your RotMG accounts trashed and subsequently the dangers of hacking.

    People like to give MPGH hard time (see above, very satisfying), but nobody can realistically expect them to do a perfect job. My biggest gripe is with MPGH's response to malware getting past their checks. Since the CrazyClient account stealer, submission rules have become noticeably more restrictive. There are members who graciously want to contribute but can't, and yet somehow it seems like the number of malicious programs that have escaped detection has only increased. Maybe it's a terrible idea, but I think MPGH would be better served opening submission rights to more people, and in exchange, more loudly and explicitly outlining the inherent risks of executing third party programs to prospective downloaders.

  8. The Following 2 Users Say Thank You to AllYourX For This Useful Post:

    Plus22 (05-22-2019),Warforward (06-08-2019)

  9. #6
    T-800's Avatar
    Join Date
    Aug 2014
    Gender
    male
    Location
    Romania
    Posts
    15,163
    Reputation
    1306
    Thanks
    68,058
    Yea that was my bad, i completely missed a file. Not like i didn't analyzed but i missed a file to check that i saw just after it got reported.

    I'm very sorry guys .

    Global Moderator -> 23-3-2019 - current
    Steam Moderator -> 12-12-2017 - 23-3-2019
    Steam Minion+ -> 09-04-2017 - 12-12-2017
    Steam Minion -> 03-01-2017 - 09-04-2017


  10. #7
    Ahlwong's Avatar
    Join Date
    Dec 2012
    Gender
    female
    Location
    Seoul
    Posts
    14,381
    Reputation
    3110
    Thanks
    5,136
    My Mood
    Angelic
    Quote Originally Posted by AllYourX View Post
    Is this a "Columbus discovering America" type deal going on here? My guess is that 059 or another n̶o̶n̶-̶s̶t̶a̶f̶f̶ experienced forum member did a cursory inspection, noticed the malicious code, quelled their surprise with practiced skill, and brought their findings to your attention.

     
    I love MPGH as a community. It's a great idea and is generally well moderated. The file checking though, at least on the RotMG forum, is subpar. It's honestly bad enough that it is causing harm by giving the average user the illusion of security. At this point it seems like MPGH is only useful as a resource for long time users who have learned not to trust the approved files and want to learn how to check and or make tools themselves.

    For the uninitiated user, MPGH is a reverse lottery. It is mostly filled with amazing, generously shared gems like K-Relay, 059 client, and KBK's famebot and NRelay, but if you happen to be one of the monthly winners, you wake up, not to untold riches, but instead rather harshly, to your RotMG accounts trashed and subsequently the dangers of hacking.

    People like to give MPGH hard time (see above, very satisfying), but nobody can realistically expect them to do a perfect job. My biggest gripe is with MPGH's response to malware getting past their checks. Since the CrazyClient account stealer, submission rules have become noticeably more restrictive. There are members who graciously want to contribute but can't, and yet somehow it seems like the number of malicious programs that have escaped detection has only increased. Maybe it's a terrible idea, but I think MPGH would be better served opening submission rights to more people, and in exchange, more loudly and explicitly outlining the inherent risks of executing third party programs to prospective downloaders.
    I did checks myself after 2 people reported they had their accounts hacked within that thread.
    T W I C E
    NaJeongMoSaJiMiDaChaeTzu
    TWICE - One In A Million

     
    News Force Head Editor 09/2018
    Publicist 11/2017
    Global Moderator 09/2017
    Minion+ 04/2017
    Market Place Minion 04/2017
    Minecraft Minion 02/2017
    Realm of the Mad God Minion 11/2016

    Middleman 09/2016
    News Force Editor 08/2016
    News Force (Section of the Week) 03/2016
    News Force (User News) 10/2015

    Donator 03/2015
    Realm of the Mad God Editor 05/2014
    Member 12/2012

    -=Gifts=-
    [Organized Chaos]

  11. #8
    Ponyash's Avatar
    Join Date
    Oct 2012
    Gender
    male
    Location
    Russia
    Posts
    62
    Reputation
    10
    Thanks
    5
    My Mood
    Fine
    Good thing i saw the stealer report once downloaded.
    Didn't even open it tho.

  12. #9
    tidalwaves2345's Avatar
    Join Date
    Oct 2015
    Gender
    male
    Posts
    60
    Reputation
    10
    Thanks
    7
    Thanks, should I be concern if I haven't extracted it yet?

  13. #10
    T-800's Avatar
    Join Date
    Aug 2014
    Gender
    male
    Location
    Romania
    Posts
    15,163
    Reputation
    1306
    Thanks
    68,058
    Quote Originally Posted by tidalwaves2345 View Post
    Thanks, should I be concern if I haven't extracted it yet?
    No, but make sure you delete it so nothing bad happens.

    Global Moderator -> 23-3-2019 - current
    Steam Moderator -> 12-12-2017 - 23-3-2019
    Steam Minion+ -> 09-04-2017 - 12-12-2017
    Steam Minion -> 03-01-2017 - 09-04-2017


  14. #11
    Akira Mado's Avatar
    Join Date
    Nov 2018
    Gender
    male
    Posts
    16
    Reputation
    10
    Thanks
    2
    There already is a self updating K-Relay. Why was another one approved? I thought posting duplicate hacks is not allowed?

  15. #12
    SammytheBEAST's Avatar
    Join Date
    Feb 2013
    Gender
    male
    Posts
    40
    Reputation
    10
    Thanks
    2
    My Mood
    Inspired
    Quote Originally Posted by Akira Mado View Post
    There already is a self updating K-Relay. Why was another one approved? I thought posting duplicate hacks is not allowed?
    The one posted doesn't work for a lot of people for some reason (myself included), I've tried a lot of things to fix it but nothing has worked so far.

    Sad my account got hacked but he only deleted my characters and took my tradeable items so as long as Deca can undelete my characters I can recover. Hopefully, this makes mods more careful when searching files, I love this community but if it happens a third time I don't think I can stay much longer.
    A game only truly dies when the modding community dies.

  16. The Following User Says Thank You to SammytheBEAST For This Useful Post:

    Royce (05-20-2019)

  17. #13
    Royce's Avatar
    Join Date
    Oct 2011
    Gender
    male
    Posts
    17,872
    Reputation
    3923
    Thanks
    6,331
    Quote Originally Posted by MikeRaarupBirk View Post
    This is the second .sol stealer thats been approved within a month i believe, do you guys even check the files anymore?
    I'm sorry for my absence. I'll make sure all files are okay before being approved.


    Contact me via
    | MPGH IM
     
    Nig Boi since - 12.15.??
    MPGH Member Since - 12.28.08
    MPGH Cocksucker Since - 05.17.12
    MPGH Wiki Manager Since - 11.16.12
    ROTMG Minion Since -10.22.13
    PB Minion Since - 12.12.13

    R.I.P Royce Since - 1.13.14
    The Return (ROTMG) since 03.23.15
    GTA Minion since 04.22.15

    R.I.P Royce again since 06.28.15
    The Return again(Steam) since 02.28.17
    CrossFire Minion Since -09.20.17
    Fornite Minion Since - 10.10.17

    Minion+ since 04.03.2019
    ROTMG Minion since 04.08.2019

     
    "well ain't dat sum shit. Sucks for you, but you did well professionally, and nobody can ever say you would be shit at any future positions. But you just gotta know when to not fuck up, or just go the silent mod route like tommi, or ravallo, or nico." - Doc


    Quote Originally Posted by Illuminarly View Post
    Did you refresh the thread and see my comment? No way you replied that quickly


  18. #14
    Plus22's Avatar
    Join Date
    Nov 2013
    Gender
    male
    Posts
    489
    Reputation
    53
    Thanks
    93
    I've been on this section for years and sincerely it has never been this bad, ever. How many .sol stealers were approved within a year until now, like 4 or 5? Or more? That's insane.

  19. #15
    SammytheBEAST's Avatar
    Join Date
    Feb 2013
    Gender
    male
    Posts
    40
    Reputation
    10
    Thanks
    2
    My Mood
    Inspired
    Well my account was hacked again after I changed my password and deleted the bad KRelay, any chance this downloaded something to my computer to gain persistance? Also on my realmeye it had the message "Bert was here."
    A game only truly dies when the modding community dies.

Page 1 of 2 12 LastLast

Similar Threads

  1. Hackshield update fix
    By Raiden-Thunder God in forum Piercing Blow Discussions
    Replies: 5
    Last Post: 01-13-2011, 09:40 AM
  2. [Detected] im00: Self Updating Code / DLL
    By Themonsterman in forum Call of Duty 6 - Modern Warfare 2 (MW2) Hacks
    Replies: 13
    Last Post: 11-08-2010, 01:05 AM
  3. [Tutorial] Please tell me when WolfTeam-DLL to be detected after the update fixes it!
    By conquer1313374 in forum WolfTeam Hacks
    Replies: 1
    Last Post: 10-19-2010, 09:24 AM
  4. Failed to donwload self-update file[SOLVED]
    By Markus in forum CrossFire Help
    Replies: 7
    Last Post: 09-20-2010, 04:55 AM
  5. [Release] Matypatty's Pub Hack (with updater) FIXED
    By matypatty in forum Combat Arms Hacks & Cheats
    Replies: 959
    Last Post: 04-08-2010, 07:44 PM