Welcome, Guest. Please login or register.
Did you miss your activation email?
October 24, 2017, 08:40:36 am

Login with username, password and session length
Search:     Advanced search
Savage: XR is a new patch for Savage, created by the Newerth.com staff. The XR1.1 Client is out now! Download it now!
188608 Posts in 10883 Topics by 17933 Members
Latest Member: juniorgm
* Home Forum Wiki Help Search Login Register
+  Newerth Forums
|-+  Savage XR
| |-+  Support Forum
| | |-+  A vicious trojan in savage updater\exe file. Warning .
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: A vicious trojan in savage updater\exe file. Warning .  (Read 793 times)
Lov4iy
Newbie
*
Posts: 30


View Profile
« on: May 20, 2017, 09:16:23 am »

 A typical scum program that encrypts your files and asks money . Why nobody talks about it.

*** ALL YOUR WORK AND PERSONAL FILES HAVE BEEN ENCRYPTED ***

To decrypt your files you need to buy the special software. To recover data, follow the instructions!
You can find out the details/ask questions in the chat:
LINK REMOVED (not need Tor)
LINK REMOVED (not need Tor)
LINK REMOVED (not need Tor)

You ID: REMOVED

If the resource is not available for a long time, install and use the Tor-browser:
1. Run your Internet-browser
2. Enter or copy the address LINK REMOVED in the address bar of your browser and press key ENTER
3. On the site will be offered to download the Tor-browser, download and install it. Run.
4. Connect with the button "Connect" (if you use the English version)
5. After connection, the usual Tor-browser window will open
6. Enter or copy the address LINK REMOVED in the address bar of Tor-browser and press key ENTER
7. Wait for the site to load

If you have any problems installing or using, please visit the video tutorial LINK REMOVED
« Last Edit: May 20, 2017, 12:39:14 pm by Trigardon » Logged
Hakugei
XR Coder
Legendary Member
***
Posts: 3743



View Profile
« Reply #1 on: May 20, 2017, 12:47:10 pm »

Probably because it's not true.
Looks like you've infected yourself and are now blaming Savage for it.
Or you're sick of Savage and are trying to scare everyone.
We cannot help you with this.

I've checked the update logs, and the only .exe files have been from me in a LOOOOOOONG time, and the only code (apart from Crashday's Cel Shading) in said .exe files have been from me in an equally LOOOOOOONG time.
No such thing has been added.

Also, posting suspicious and potentially malicious links is forbidden, please refrain from sharing your virus with others.
Logged
Lov4iy
Newbie
*
Posts: 30


View Profile
« Reply #2 on: May 20, 2017, 01:14:47 pm »

 What else can you say when this server was hacked . There wasnt no page informing that server is on maintence.
  I expected some viral aplication but still shit that encripts 100k files in 20 seconds its something special.

 Or tell the reasons why server was down and servers had 0 population for few days? Somebody just fucked up hard thats all to say .
I lost a lot of content but its ok i blame avast for this .
 And only thing i dont understant why all silent about this shame? Nobody says that we were hacked sorry we fuckked up.
This virus wasnt a joke it literaly nukes all content in mere seconds on your station.I would rate it 4.5 out 5 .

 And this fucking your word -" probably "  . Say as it is - i am(Lov4iy) lieing or you just dont know what happened in past few days .

 I infected myself by runnign savage fuckign aplication with rights that it asks to run  - TRUE .
Logged
Hakugei
XR Coder
Legendary Member
***
Posts: 3743



View Profile
« Reply #3 on: May 20, 2017, 02:39:16 pm »

What else can you say when this server was hacked .
Why would it have been hacked? You're being paranoid.
Newerth has hardware failure once in a while, and rarely do we make a main page post about it.
(Sometimes the shoutbox has info on it, if it was a bigger issue like HDD failure.)

There wasnt no page informing that server is on maintence.
We don't do maintenance, ergo we don't post a warning about maintenance as it never happens.
And you can't post about downtime WHILE it is down.
But DJ and Groent fix hardware and ISP issues when they arise, then everything goes back to normal.

I expected some viral aplication but still shit that encripts 100k files in 20 seconds its something special.
If you EXPECTED it, why did you DO it anyway then? Huh

Or tell the reasons why server was down and servers had 0 population for few days? Somebody just fucked up hard thats all to say .
Nobody touches the server unless there is a hardware or software failure.
And that's why it was down temporarily; Groent brought it back up once he found the issue.

And only thing i dont understant why all silent about this shame?
Silent about what? We rarely inform the public about downtimes, as they happen suddenly and unplanned (due to hardware failure, remember?), and after the admins fix it, it continues onwards.

Nobody says that we were hacked sorry we fuckked up.
I don't think you understand how hacking and viruses work.
The intent of malicious hackers adding viruses onto sites is to do this UNNOTICED so that no one NOTICES that they've added malicious software onto the site.
By TAKING DOWN the entire site that is very much the OPPOSITE of going UNNOTICED.

And this fucking your word -" probably "  . Say as it is - i am(Lov4iy) lieing or you just dont know what happened in past few days .
I know that the Newerth server went down, but the Savage servers were still up as they are seperate.
And I said "probably", because it's possible that your PC is full of viruses that infect other files to hide in them so you can't figure out where they came from in the first place. Again, I don't think you actually understand how this works.

I infected myself by runnign savage fuckign aplication with rights that it asks to run  - TRUE .
If you know how this works and understood the things I've told you, you wouldn't be saying things like this.

I understand that you're upset, but you're throwing accusations in all the wrong directions and this is blinding you from being more careful in the future. Since you didn't get it from Savage, you're going to ignorantly get it again in the future from the same place you got it this time - and there won't be Savage for you to blame next time.

Oh, and look, there are 27 players online on PULSE right now.
http://www.newerth.com/?id=serverlist&details=109.237.26.117:11235
How is this possible according to your own theories?
(Incoming conspiracy, they're all not real and I merely placed bots with icons.)


* Savage27OnlinePulseRightnow.JPG (40.43 KB, 543x492 - viewed 37 times.)
Logged
Lov4iy
Newbie
*
Posts: 30


View Profile
« Reply #4 on: May 20, 2017, 07:33:25 pm »

 Next time when it happens i will just save infected files and feed it to all viral databases . And send a big "hi" to you from them if you think it was just a joke. And we will see how such little talk will end .
Logged
Hakugei
XR Coder
Legendary Member
***
Posts: 3743



View Profile
« Reply #5 on: May 20, 2017, 07:56:19 pm »

Ignoring the truth doesn't make it untrue.
You can be childish about this, or you can receive help.

Instead of accepting that you've infected yourself through your own actions, you blame others that have nothing to do with it.
You not only blamed Savage, you then proceeded to blame a non-existing "hacker", and in the end you even blamed Avast.
You've blamed three separate sources within a single thread without even the hint of understanding what's going on.
But the undisputed truth is, you did this to yourself.

If you're just here to whine about things because you're frustrated about messing up yourself, you can leave.
Logged
drk
Newerth Council
Sr. Member
*
Posts: 487



View Profile
« Reply #6 on: May 21, 2017, 10:44:07 am »

Silverback 0/61
https://www.virustotal.com/ru/file/046574600fa4bfa78aff48d327f0b8c56b87c8026169cb1bff800085ecb61cd1/analysis/

Savage 0/55
https://www.virustotal.com/ru/file/868088e4a165cc5ba9880c54293a98cbd0e595aba5ce16aad1fc7b66ac056b2a/analysis/

A-U 0/53
https://www.virustotal.com/ru/file/f5b52a7ae1c4a39495238ffebca5ccec312a7fcaec1d4a6772dae4da8ab94c51/analysis/

GL noob
Logged

Lov4iy
Newbie
*
Posts: 30


View Profile
« Reply #7 on: May 21, 2017, 12:38:10 pm »

 For blind idiot :  Дата анализа:   2014-09-02 20:28:01 UTC (2 лет, 8 месяцев назад)  . As i said before i happened after like 3 days ago.


  For this date: 18.05.2017 :

   Wtf is talk about you cant even prove anythign with those links . Especially when you have your shitty <80 iq drk. Move in your little corner and sit there when you have nothign good to say.

   I said game files were replaced by 3rd party i didnt said that savage itself was a trojan program form the begining . ALl i said that this server was hacked and game updater was infected at that date.

   You dont have any arguments . I have some encripted files from that shit but even that isnt an argument even infected game wouldnt be an argument . But as i said before if it happens again i will try to get you arguments for that.


* vtpng.png (348.9 KB, 1920x1080 - viewed 38 times.)
« Last Edit: May 21, 2017, 12:50:26 pm by Lov4iy » Logged
Hakugei
XR Coder
Legendary Member
***
Posts: 3743



View Profile
« Reply #8 on: May 21, 2017, 01:38:11 pm »

I checked the update logs directly on the server, and there haven't been any changes to the Patcher, the Installer, nor the Updates.

The last change to the Patcher was 2012.
The last change to the Installer was 2010.
The last change to the Game was 09.05.2017.

And even if the patcher had been changed in the source, the patcher does not patch itself.
You're also the only person experiencing this.
And, finally, drk just sent you virus scans for all 3 exes.

What is your point?
That an amateur hacker broke the site while trying to upload a super professional virus just so that you download it and then removed it once you personally were affected?

You're here annoyingly whining, aggressively insulting, and making preposterous threats - all while ignoring the truth and evidence backing it up.



We fix any and all issues that arise with Newerth, Patches, and Savage so that the community can continue playing in peace.
But we can't fix something that doesn't exist.


* XR1.0ClientInstaller.JPG (59.86 KB, 564x436 - viewed 34 times.)

* XRLastPatch.JPG (32.32 KB, 482x138 - viewed 31 times.)

* PatcherLastPatch.JPG (15.62 KB, 570x34 - viewed 27 times.)
Logged
Lov4iy
Newbie
*
Posts: 30


View Profile
« Reply #9 on: May 21, 2017, 03:18:12 pm »

 All i wanted to hear some excuse but ok as i typed before  :

1. You didnt know or understand what happened.
2. Yo know but try to hide it.
3. You just read and try to corespond writing random staff from your side.

You said  that i have 0 expirience in this .Im not a reverse engineer .But i can at least  write a program that do same shit like encript file and change its type.I understand how it works. And i understand that it cant be cured if its done properly .So at least i know what happened on my station . This viral wasnt from net(java script disabled) ,it wasnt backdor. Only shit that that asks me to run with administative rights and that was this games updater can do something like that if i give it some freedom. It dosent even meant that client was replaced it could just upload some file that it usually runs and run it  from server that was at that time corrupted .
 
 At that date: 17-18.05.2017 . I pointed my problem - that all i did and i wanted some excuse from a person who was responsible for that.  I didnt want to lissen from shits that have even less  basic education and talk about my incopetence. It could be any program any game that has autoupdater and ask some freedom to run. But it was this game thats all.

 If you replaced those files now it changes nothing . If you upload a clean cleint on viral databases and its shows that its ok - what dose its means ?- a cheap trick for idiots - you just show how  lame  you are . But stop you cant even do that properly and give me 2 years outdated junk. Enough . I explained what happened and what i wanted i see how incompetent you are in this subject . Just get lost from my topic .
 
  At time when server was down shit happened its just a fact . And its happened when i run this game updater.
 
  Ok then try to prove that i am wrong . Or tell how i was infected and why this happened when i run this updater at that time when server was down .

 All your words just empty space without any of arguments. And as i said im not here for your arguments but if you start do it properly . 

 
Logged
Hakugei
XR Coder
Legendary Member
***
Posts: 3743



View Profile
« Reply #10 on: May 21, 2017, 04:01:32 pm »

If you won't listen, I won't bother with you anymore.
Your ignorance is disturbing.

If you continue, there will be consequences.
Logged
Bullet
Python enthusiast
Newerth Donator
Sr. Member
****
Posts: 335



View Profile
« Reply #11 on: May 21, 2017, 04:06:15 pm »

lock this thread pls, and ignore this guy.

He got friendly advice and support, but seemed to allready have made up his mind.  Idiot
Logged

drk
Newerth Council
Sr. Member
*
Posts: 487



View Profile
« Reply #12 on: May 21, 2017, 05:10:02 pm »

All i wanted to hear some excuse
Excuses us that we started to talk with an idiot.
Logged

Trigardon
Forum Administrator
Legendary Member
****
Posts: 4784


Demonic Monster


View Profile WWW
« Reply #13 on: May 21, 2017, 05:22:27 pm »

lock this thread pls, and ignore this guy.

He got friendly advice and support, but seemed to allready have made up his mind.  Idiot

Sounds pretty legit to me.

Lov4iy, if there's still anything unclear and want this topic to be re-opened please send me a PM.


~ Closed
Logged

Pages: [1] Go Up Print 
« previous next »
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.20 | SMF © 2006-2007, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.06 seconds with 19 queries.