[PSA] KRELAY SELF UPDATER FIXED!

[KarenericZ]

Well my account was hacked again after I changed my password and deleted the bad KRelay, any chance this downloaded something to my computer to gain persistance? Also on my realmeye it had the message "Bert was here."

Rip the the number 1 paladin

[Riigged]

Is this a "Columbus discovering America" type deal going on here? My guess is that 059 or another n̶o̶n̶-̶s̶t̶a̶f̶f̶ experienced forum member did a cursory inspection, noticed the malicious code, quelled their surprise with practiced skill, and brought their findings to your attention.

 

I love MPGH as a community. It's a great idea and is generally well moderated. The file checking though, at least on the RotMG forum, is subpar. It's honestly bad enough that it is causing harm by giving the average user the illusion of security. At this point it seems like MPGH is only useful as a resource for long time users who have learned not to trust the approved files and want to learn how to check and or make tools themselves.

For the uninitiated user, MPGH is a reverse lottery. It is mostly filled with amazing, generously shared gems like K-Relay, 059 client, and KBK's famebot and NRelay, but if you happen to be one of the monthly winners, you wake up, not to untold riches, but instead rather harshly, to your RotMG accounts trashed and subsequently the dangers of hacking.

People like to give MPGH hard time (see above, very satisfying), but nobody can realistically expect them to do a perfect job. My biggest gripe is with MPGH's response to malware getting past their checks. Since the CrazyClient account stealer, submission rules have become noticeably more restrictive. There are members who graciously want to contribute but can't, and yet somehow it seems like the number of malicious programs that have escaped detection has only increased. Maybe it's a terrible idea, but I think MPGH would be better served opening submission rights to more people, and in exchange, more loudly and explicitly outlining the inherent risks of executing third party programs to prospective downloaders.

It's quite easy to glance over malicious/blackhat code in clients containing hundreds of folders and thousands of files, and programs (like this one) that have dozens of applications and other files that it can be put into, its not often that viruses/phishers are posted, so that just makes it a hundred times easier to glance right over something, especially when the blackhat code looks exactly like legitimate code when you are skipping through everything at the rate you do it at when you have to deal with, like I said, as many files as it could be. Like, that one client, the bert one or whatever, they added a line of code that basically PM'd a bot your info or was that false? Idk, anyways, that code prob looked exactly like any other line of code you could have seen, and would have just assumed it was code relating to the PM system when you glance right past it, obviously seeing the Email and Password part would be a red flag, but its way easier than u think to miss it. Very easy to not miss it when you are the one doing a 2nd check after someone has already brought it up about something fishy being in the client/program because then you actually read from top to bottom left to right instead of just simply top to bottom which is what most people who scan clients do, which is why whenever a virus is posted, its almost always approved, I think only 1 person tried to upload a virus and i deleted it and reported person during time of staff, and it was from simply putting it in virus scanner myself because he posted fake virus scans. This happens a lot in other sections too Im sure, the mods go 40 legit approvals in a row and then obviously let their guard down each more and more after every approval and then slipping up. All we can do is apologize and help the people affected, no reason to hate on the mods for something that can happen to you just as easily as the next person. Don't bother giving me all that "but I'm different" talk, every single person who applied for minion ever since MPGH was born, said that in their application, look what happens.

And no, Ahlwong would never claim he found out himself if it wasn't him, he is a super chill guy, but then again its not like they struck gold so who cares about credits.

[FlutterM4rk]

It's quite easy to glance over malicious/blackhat code in clients containing hundreds of folders and thousands of files, and programs (like this one) that have dozens of applications and other files that it can be put into, its not often that viruses/phishers are posted, so that just makes it a hundred times easier to glance right over something, especially when the blackhat code looks exactly like legitimate code when you are skipping through everything at the rate you do it at when you have to deal with, like I said, as many files as it could be. Like, that one client, the bert one or whatever, they added a line of code that basically PM'd a bot your info or was that false? Idk, anyways, that code prob looked exactly like any other line of code you could have seen, and would have just assumed it was code relating to the PM system when you glance right past it, obviously seeing the Email and Password part would be a red flag, but its way easier than u think to miss it. Very easy to not miss it when you are the one doing a 2nd check after someone has already brought it up about something fishy being in the client/program because then you actually read from top to bottom left to right instead of just simply top to bottom which is what most people who scan clients do, which is why whenever a virus is posted, its almost always approved, I think only 1 person tried to upload a virus and i deleted it and reported person during time of staff, and it was from simply putting it in virus scanner myself because he posted fake virus scans. This happens a lot in other sections too Im sure, the mods go 40 legit approvals in a row and then obviously let their guard down each more and more after every approval and then slipping up. All we can do is apologize and help the people affected, no reason to hate on the mods for something that can happen to you just as easily as the next person. Don't bother giving me all that "but I'm different" talk, every single person who applied for minion ever since MPGH was born, said that in their application, look what happens.

And no, Ahlwong would never claim he found out himself if it wasn't him, he is a super chill guy, but then again its not like they struck gold so who cares about credits.

mate all this wall of text and literally all minions have to do is download process monitor for check for rotmg.sol read...

[Riigged]

mate all this wall of text and literally all minions have to do is download process monitor for check for rotmg.sol read...

bEcaUsE thAtS tHe OnLY wAy To HaCk PeOpLe ツ

rotmg.sol is just a file that saves your credentials so that you can stay logged in whenever you re-open client (maybe it has other uses too but i know it does that part i just said at least xd).. but yes its obviously the most common phish method in realm , sorry for being cocky but still lol i know you know that theres a million ways to do this type of stuff

[AllYourX]

It's quite easy to glance over malicious/blackhat code in clients containing hundreds of folders and thousands of files

This makes sense, but only for completely new releases. Old K-Relay version (proven safe by time and previous checks) + new K-Relay version + winmerge = a hell of a lot less lines to check.

Other than that, I feel like we are saying the same thing: viruses will always be a risk.

I just can't understand what the deal is with the post requirement rule. No matter what, it stifles new content, but even worse, it's followed completely arbitrarily. What's the point?

[Vispectra]

Also on my realmeye it had the message "Bert was here."

LMFAO Bert