To all users of HB and DB, Our releases server, update.buddyauth.com was attacked around 24 hours ago and latest Release builds of HB and DB where infected with a trojan directly targeting us. If you have ran a AV, it has detected the Trojan and eliminated it. If you have not ran an AV, please do so now, and please never turn that off! What happened: The Release Server was targeted and infected, only DB and HB where the target. The trojan targets game accounts, like D3, WOW, GW, Runescape We were exposed for around or less than 24 hours. All the users that downloaded HB / DB out of updates.buddyauth.com since then should now check their systems and especially the HB / DB folder for an infection. Please excuse this failure from our side, we took countermeasures and hope that this will never happen again. Download the latest builds from The Buddywing Update Server and extract them in a new folder. Again we are very sorry for that attack on our systems, if you have any Anti-virus running, you would have been completely fine, if not make sure and change your Games passwords and scan your compute for trojans and or malware.
Malwarebytes is the AV I use. AVs such as comodo and avast will work as well. The releases have been cleaned and both update servers should be good to go for download. Sorry about the inconvenience.
well now i see why my comp freaked out when it found the trojan -_- but glad my comp didnt get screwed lol
Code: Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2013.05.09.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16540 AARON :: AARONPC [administrator] Protection: Enabled 5/9/2013 1:25:27 AM mbam-log-2013-05-09 (01-25-27).txt Scan type: Custom scan (C:\Users\AARON\Desktop\Demonbuddy 1.0.1399.306|) Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P Objects scanned: 264 Time elapsed: 5 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) guess it is elsewhere?
unfortunately we're a big target, thats not going to change anytime soon. all we can do is take care of things as they happen, and it sucks it had to happen, but it did. as far as the releases go, they are all clean at this point. if you want to double check yourself you can upload it to www.virustotal.com and check it for your self, if you think you've been infected then download Comodo or Avast (unfortunately MSE and AVG are not detecting it) and run a scan, both are free.
or you didn't get infected. if you feel paranoid you can run a scan with Avast or Comodo but malware bytes should of caught it, at least acording to www.virustotal.com
I've deleted all the files and changed my pws am I safe or is the virus imbeded into my computer somewhere running full scan with kaspersky atm havn't found anything
