My Chrome says
Woops! Google Chrome cant find realmofthemadgod.com
Click here to try again.
Also my Panda Cloud says nothing when entering the website.
Thanks for saying tho.
We all know that SwatSec hacked RotMG again
But now he placed a javascript which installs keylogger on your computer!
EDIT: He is updating the site a lot but the virus is still there..
And don't go in the chat. He uses you to spam something, forgot what.
Java drive-by download, Metasploit spotted here.
Parameter id of the Java applet is the payload.
> Decode the id as a base64 binary > Boom, antivirus spots it.
https://www.virustotal.com/en/file/1...a874/analysis/
Anyway, by default Java won't execute self-signed applets unless you lower the security parameter. I wonder how many people will get infected, and what is this doing except spawning a Notepad and WriteProcessMemory into it?
RunPE a .... DarkComet or Blackshade shit?
Edit: Not a RunPE stricto sensu. It creates a thread in notepad.exe. This thread loads wininet.dll, sends a request to 93.174.95.82 and it... is stuck. But it's coded to retrieve a file (URLDownloadToFile).
Last edited by JustAnoobROTMG; 02-06-2014 at 08:07 AM.
Due to a recent DMCA takedown attempt we had to remove Faintmako brain. Please do not pay attention to what he says or does.
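The check described in the post above (decode the applet's id parameter as base64 and see what comes out), written as a triage script for a saved copy of a page. This is an added example, not part of the original thread; the class and function names are hypothetical, and the sample HTML and the blob inside it are constructed.

```python
import base64, binascii, hashlib
from html.parser import HTMLParser

# Leading bytes of common executable/archive formats (triage hint only).
MAGIC = {b"MZ": "PE executable", b"PK\x03\x04": "ZIP/JAR archive",
         b"\xca\xfe\xba\xbe": "Java class", b"\x7fELF": "ELF executable"}

class AppletParams(HTMLParser):
    """Collect (name, value) for every <param> nested inside an <applet>."""
    def __init__(self):
        super().__init__()
        self.depth, self.params = 0, []

    def handle_starttag(self, tag, attrs):
        if tag == "applet":
            self.depth += 1
        elif tag == "param" and self.depth:
            a = dict(attrs)
            self.params.append((a.get("name") or "", a.get("value") or ""))

    def handle_endtag(self, tag):
        if tag == "applet" and self.depth:
            self.depth -= 1

def triage(html, min_len=24):
    """Return one finding per applet param whose value is valid base64."""
    parser = AppletParams()
    parser.feed(html)
    findings = []
    for name, value in parser.params:
        compact = "".join(value.split())      # tolerate wrapped values
        if len(compact) < min_len:            # short values are ordinary settings
            continue
        try:
            blob = base64.b64decode(compact, validate=True)
        except (binascii.Error, ValueError):
            continue                          # not base64, nothing to report
        kind = next((d for m, d in MAGIC.items() if blob.startswith(m)), "unknown")
        findings.append({"param": name, "size": len(blob), "kind": kind,
                         "sha256": hashlib.sha256(blob).hexdigest()})
    return findings

# Constructed sample: a harmless 32-byte blob that only starts with "MZ".
SAMPLE_BLOB = b"MZ" + bytes(30)
SAMPLE_HTML = ('<param name="id" value="outside-any-applet-so-ignored-here">'
               '<applet code="X.class" archive="x.jar">'
               f'<param name="id" value="{base64.b64encode(SAMPLE_BLOB).decode()}">'
               '<param name="note" value="this is not base64 data at all!!">'
               '<param name="w" value="10"></applet>')

if __name__ == "__main__":
    for f in triage(SAMPLE_HTML):
        print(f)
```

The SHA-256 in each finding can be looked up on VirusTotal without uploading or running the decoded blob.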
JApplet shit again?
Dunno why would people run it anyway...
Okay so the message is to not go onto rotmg?
What if you use a swf?
What can people without anti-V/M do?
What can you do even if you have anti-V/M to make sure you are still safe/secure?
Is it safe to still use muledump and why does it still work?
Questions...one golden cookie and a big wet thank you for each solid solution!! XD
Yes that is the message.
If you use a swf it's safe for now; he only has access to the website.
Download one and run a scan, or Malwarebytes or any antimalware, antivirus program.
Not really much just download one and do a scan (AVG or Avast should work).
Using muledump should be safe and the reason that it works is probably because it only logs into the acc (you can login too and see your character in the screen but you can't access any servers /realms).
drsandman (02-06-2014)
I have avast/adblocker/better popupblocker/malwarebytes