Jump to content

TDN Security Updates

Ian

By Ian
in Announcements

 Share

Recommended Posts

Ian Rookie

Ian

Posted
Posted

Hello,

 

Over the past couple of days, a number of users have been receiving malware warnings for visiting The Daily Neopets and TDN Forums. On Monday, March 7, our data center's web-based support center was compromised. Our data center's support center contained a number of unencrypted root passwords to servers that they manage. TDN was one of them. The hacker proceeded to log in to TDN's server and modify some system files that dynamically injected malicious javascript tags into some of our pages. This code, at random times (not to be too suspicious), initiated malware downloads on users' computers.

 

Since this discovery, our data center has erased their entire support center's database (including the root passwords to servers) and released patches to all of their servers, fixing the affected system files. TDN and TDN Forums have been cleared of all "malware blacklists" at Google, Firefox, Opera, and many others. TDN and TDN Forums are malware free.

 

If you have visited TDN or TDN Forums between March 7 through March 10, it is strongly recommended that you change your myTDN, TDN Forums, and Neopets password immediately.

 

If you visited TDN or TDN Forums between March 7 through March 10, do not assume that your computer has been infected with malware. You know that your computer has been infected if you physically saw a download window pop up on your computer and you couldn't stop it. If you received browser warnings or antivirus warnings from visiting TDN, there is a high chance that these programs caught the malware before it was ever able to download or install. In general, you can't get malware from simply loading a page; the program has to download and execute, which you would be able to see.

 

Lastly: based on the evidence we have, the hacker was not a Neopets player or interested in Neopets accounts. Multiple servers in our data center were affected by this; each server hosted diverse types of web sites.

 

yurble_baby_clap.gif

TDN is safe and here to stay!

We sincerely apologize for any inconvenience caused. Our server is now stable and we have taken extra steps to apply even stricter security settings to our server and to TDN and TDN Forums. We are happy to answer any questions you might have.

Link to comment
Share on other sites
Masaryk Newbie

Masaryk

Posted
Posted

I really have to headdesk at hearing about the datacentre keeping unencrypted user data in their database. It boggles my mind that they could be so irresponsible with their clients' sensitive information. I hope they have implemented better security measures to keep TDN and other sites safe. I didn't have any problems come from continuing to visit TDN during this mess, and I hope there were not many other users affected (well, aside from maybe the spammers that never stopped visiting TDNF :P)

 

Anyway, I'm happy to see that everything is back to normal here at TDN. It was a boring couple of days with no one visiting the forum.

Link to comment
Share on other sites
Alice ☮ Newbie

Alice ☮

Posted
Posted

I'm kind of worried about the malware thing. I visited the site during the time that it was compromised, and Chrome stopped me from visiting the page, but I clicked "proceed anyway." I didn't see anything download, but as soon as I got on TDN forums, Chrome crashed and all the windows closed and I had to restart my computer... :/

And I don't know how to run a scan or if I even have anti-virus protection >_<

Link to comment
Share on other sites
Cornflakes Newbie

Cornflakes

Posted
Posted

Well, I am not terribly concerned. Throughout this whole thing I don't believe I got any viruses, spyware, malware, meepits, nor the like.

However I did change all my passwords just to be on the safe side.

 

And I don't know how to run a scan or if I even have anti-virus protection >_<

 

Dear, dear Alice. lol! Please visit these links very soon:

 

avira.com

malwarebytes.org

 

Download the free versions of these, install them, and run them. Happy Computering! :)

Link to comment
Share on other sites
sjoudrey Newbie

sjoudrey

Posted
Posted

Well that explains the weirdness. Sorry this happened to such a fine site. Hope it all works out. I'll reset my passwords now. Thanks for the update.

Link to comment
Share on other sites
brandongamer Newbie

brandongamer

Posted
Posted

So glad that everything is back to normal....I was starting to into TDN withdrawl lol. Nothing downloaded to my computer, my system caught it everytime it tried.

Ya, I missed browsing this place. Glad to see everything back up and running smoothly!

Link to comment
Share on other sites
Masaryk Newbie

Masaryk

Posted
Posted

Hooray for slowness being fixed! I can actually properly browse the forum now.

Link to comment
Share on other sites
StarryEyed502 Newbie

StarryEyed502

Posted
Posted

Just a small query - why do I need to change my Neopets password? It isn't stored anywhere on TDN, is it? If I have to change that, do I need to change all my other passwords too (Hotmail, other Forums, etc)?

 

I am glad it's all ok now though. Didn't like the 'trojan' popups from my Antivirus!

Link to comment
Share on other sites
devilhunterkai109 Newbie

devilhunterkai109

Posted
Posted

Just a small query - why do I need to change my Neopets password? It isn't stored anywhere on TDN, is it? If I have to change that, do I need to change all my other passwords too (Hotmail, other Forums, etc)?

 

I am glad it's all ok now though. Didn't like the 'trojan' popups from my Antivirus!

 

Some people use the same password, or similar ones for the forums and Neopets. Always better to be safe than sorry y'know?

 

Glad TDN is back. I assumed it had something to do with the provider's servers, didn't realize it was a hacking though. At least I have game guides again! ;)

Link to comment
Share on other sites
Xepha Newbie

Xepha

Posted
Posted

Just a small query - why do I need to change my Neopets password? It isn't stored anywhere on TDN, is it? If I have to change that, do I need to change all my other passwords too (Hotmail, other Forums, etc)?

 

I am glad it's all ok now though. Didn't like the 'trojan' popups from my Antivirus!

 

 

No we don't store your Neopets password over here.

Changing your password is an optional safety, but we encourage you to do it since it's a good practice to change (all) your passwords often. I'd say that changing them every 3 months or every holiday is a good habit to get into.

Link to comment
Share on other sites
StarryEyed502 Newbie

StarryEyed502

Posted
Posted

Some people use the same password, or similar ones for the forums and Neopets. Always better to be safe than sorry y'know?

 

Glad TDN is back. I assumed it had something to do with the provider's servers, didn't realize it was a hacking though. At least I have game guides again! ;)

 

 

No we don't store your Neopets password over here.

Changing your password is an optional safety, but we encourage you to do it since it's a good practice to change (all) your passwords often. I'd say that changing them every 3 months or every holiday is a good habit to get into.

 

Ahh, that's ok. I only just change them all so didn't want to have to do it again so soon lol

Link to comment
Share on other sites
Akifukail Newbie

Akifukail

Posted
Posted

I'm kind of worried about the malware thing. I visited the site during the time that it was compromised, and Chrome stopped me from visiting the page, but I clicked "proceed anyway." I didn't see anything download, but as soon as I got on TDN forums, Chrome crashed and all the windows closed and I had to restart my computer... :/

And I don't know how to run a scan or if I even have anti-virus protection >_<

 

Me too! I did the same thing.. Brr. I didn't see anything download either. But there's been some unusual things that happened. First, it's regarding my hotmail. Suddenly I got couple of messages apparently from post delivery status notifying that my email could not be delivered to all recipients when I didn't send anything in the first place. I checked my sent items, there was no such email too. It occurred for 3-4 days during the same period. I just deleted and marked then as scam. Then recently, while i was using windows messenger, it suddenly 'downgraded' to an older version, (laggy and my color theme was changed too) for about 5-10 minutes before it changed back to normal. But it hanged in the process and I had to restart the comp. This happened once.

 

I'm not sure if it might be a coincident but before this I never had any problems with my computer. Does anyone know if this could be related to the issue?

 

Both of the problems don't occur anymore so I'm not bothered much. But something strange is happening on neopets. When I click on certain links on neopets, it will show that I'm logged in to another user. It's different user for different links but the same user if go back to the same link on the same day/period of time. To be specific, out of the main navigation menu, only customise, games, board and nc mall will show my real user for the first time (this is consistent for 3 periods that i've checked). For the rest, it would show different user. I would need to refresh to EVERYTIME to go back to my real user. I'm not actually logged in to another user; I'm not allowed to do anything on it. For example when visit Fruit Machine (shows as different user) and I click on "Spin the Wheel", the following page will bring me back to my account. But why does this happen? It's the same whether I clicked from TDN dailies or from neopets itself. I tried logging out and logging in, changing my password, clearing cookies etc but it's still happening. I'm using Chrome but when I tried on Opera, it's still the same.

 

What worries me most now is, I can't access my bank! It will show a different user but when I refreshed it still won't budge! On that different user when I tried to collect interest, it will show an error but I have no idea how I can go back to my account ): it's the same for lab. I have yet to explore all links but so far these are the two that won't budge even after refreshing. Please help..!

(all my belongings remain intact though, my inventories, sdb and pets; if this info helps)

Link to comment
Share on other sites
Spritzie Newbie

Spritzie

Posted
Posted

Me too! I did the same thing.. Brr. I didn't see anything download either. But there's been some unusual things that happened. First, it's regarding my hotmail. Suddenly I got couple of messages apparently from post delivery status notifying that my email could not be delivered to all recipients when I didn't send anything in the first place. I checked my sent items, there was no such email too. It occurred for 3-4 days during the same period. I just deleted and marked then as scam. Then recently, while i was using windows messenger, it suddenly 'downgraded' to an older version, (laggy and my color theme was changed too) for about 5-10 minutes before it changed back to normal. But it hanged in the process and I had to restart the comp. This happened once.

 

I'm not sure if it might be a coincident but before this I never had any problems with my computer. Does anyone know if this could be related to the issue?

 

Both of the problems don't occur anymore so I'm not bothered much. But something strange is happening on neopets. When I click on certain links on neopets, it will show that I'm logged in to another user. It's different user for different links but the same user if go back to the same link on the same day/period of time. To be specific, out of the main navigation menu, only customise, games, board and nc mall will show my real user for the first time (this is consistent for 3 periods that i've checked). For the rest, it would show different user. I would need to refresh to EVERYTIME to go back to my real user. I'm not actually logged in to another user; I'm not allowed to do anything on it. For example when visit Fruit Machine (shows as different user) and I click on "Spin the Wheel", the following page will bring me back to my account. But why does this happen? It's the same whether I clicked from TDN dailies or from neopets itself. I tried logging out and logging in, changing my password, clearing cookies etc but it's still happening. I'm using Chrome but when I tried on Opera, it's still the same.

 

What worries me most now is, I can't access my bank! It will show a different user but when I refreshed it still won't budge! On that different user when I tried to collect interest, it will show an error but I have no idea how I can go back to my account ): it's the same for lab. I have yet to explore all links but so far these are the two that won't budge even after refreshing. Please help..!

(all my belongings remain intact though, my inventories, sdb and pets; if this info helps)

 

I don't know about the first part of your post, perhaps Ian or AA could answer that better.

 

But as for the second part, that is a known issue. I've seen it mentioned by quite a few users, and it seems most of those experiencing the issue are in someway connected to Singapore. I guess it's a ISP issue, so Neopets will have to sort that out.

Link to comment
Share on other sites
Ian Rookie

Ian

Posted
  • Author
Posted

Me too! I did the same thing.. Brr. I didn't see anything download either. But there's been some unusual things that happened. First, it's regarding my hotmail. Suddenly I got couple of messages apparently from post delivery status notifying that my email could not be delivered to all recipients when I didn't send anything in the first place. I checked my sent items, there was no such email too. It occurred for 3-4 days during the same period. I just deleted and marked then as scam. Then recently, while i was using windows messenger, it suddenly 'downgraded' to an older version, (laggy and my color theme was changed too) for about 5-10 minutes before it changed back to normal. But it hanged in the process and I had to restart the comp. This happened once.

 

I'm not sure if it might be a coincident but before this I never had any problems with my computer. Does anyone know if this could be related to the issue?

 

Both of the problems don't occur anymore so I'm not bothered much. But something strange is happening on neopets. When I click on certain links on neopets, it will show that I'm logged in to another user. It's different user for different links but the same user if go back to the same link on the same day/period of time. To be specific, out of the main navigation menu, only customise, games, board and nc mall will show my real user for the first time (this is consistent for 3 periods that i've checked). For the rest, it would show different user. I would need to refresh to EVERYTIME to go back to my real user. I'm not actually logged in to another user; I'm not allowed to do anything on it. For example when visit Fruit Machine (shows as different user) and I click on "Spin the Wheel", the following page will bring me back to my account. But why does this happen? It's the same whether I clicked from TDN dailies or from neopets itself. I tried logging out and logging in, changing my password, clearing cookies etc but it's still happening. I'm using Chrome but when I tried on Opera, it's still the same.

 

What worries me most now is, I can't access my bank! It will show a different user but when I refreshed it still won't budge! On that different user when I tried to collect interest, it will show an error but I have no idea how I can go back to my account ): it's the same for lab. I have yet to explore all links but so far these are the two that won't budge even after refreshing. Please help..!

(all my belongings remain intact though, my inventories, sdb and pets; if this info helps)

 

We do not have any information about the actual functions and operations of the malware that was injected into TDN. It could be anything.

 

If I saw this type of activity on my computer, I would run a full-scale virus scan immediately. I've never heard of anything like this before in my experience. Your biggest concern should be your accounts, especially if your bank account is acting funky.

 

If this type of activity on your computer continues, even after a virus scan, I would personally re-install the operating system on my computer (in other words: wipe your computer). But I'm a security freak (paranoid). That's just me.

 

Let me know what else you find... this is valuable information to our users.

Link to comment
Share on other sites
snarkie Newbie

snarkie

Posted
Posted

But as for the second part, that is a known issue. I've seen it mentioned by quite a few users, and it seems most of those experiencing the issue are in someway connected to Singapore. I guess it's a ISP issue, so Neopets will have to sort that out.

 

Yup. We're fairly certain the "mystery user" thing is an issue with a particular ISP in Singapore. The bank problem is related. Essentially, it thinks you're someone else and freaks out when you try to collect interest. It has nothing to do with malware and your account wasn't compromised. Our guys are looking into it.

 

Just wanted to clear that up!

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...