Jump to content

  • Curse Sites
Help
* * * * * 1 votes

Security Notice from Curse


  • Please log in to reply
5 replies to this topic

#1 Khalija

Khalija

    Leaf on the Wind

  • Administrators
  • Curse Premium
  • 4152 posts
  • Profession:Mesmer
  • Server:Jade Quarry

Posted 02 November 2012 - 12:58 AM

Posted Image


Earlier today Curse was notified by Google that there was a script known to be malicious being served though some of our sites. Upon further inspection Curse has determined the script was being served through ad placements from a 3rd party.  These ads were being served as they normally would; however, due to a security breach at the 3rd party, a malicious Javascript was being served that was put in their passback system.

We have managed to identify the 3rd party, who is well known to be trusted, as the source of the script. They have been contacted about the compromise and have removed the malicious script being served to not only Curse, but possibly everyone with whom they work.  They are still investigating the breech.

Curse takes security extremely seriously and has removed all 3rd party ad partners until the investigation is complete.  We will keep you informed of the outcome of this investigation.  In the meantime, we recommend you run a malware scan on your computer.  You can run a free scan at http://www.malwarebytes.org/. We sincerely apologize for this inconvenience.

At no time was any information in our databases compromised - your logins, user info, and all other personal information is safe and sound. We will continue to monitor the situation, just to be on the safe side.

#2 M1k3l

M1k3l

    Sylvari Specialist

  • Members
  • 891 posts
  • Location:Sinister corners of the Web where conspiracy theories thrive
  • Guild Tag:[SR]
  • Server:Jade Quarry

Posted 02 November 2012 - 02:11 AM

Thanks for the open feedback.

#3 MoonlitDNC

MoonlitDNC

    Fahrar Cub

  • Members
  • 22 posts
  • Location:Pittsburgh, PA
  • Server:Tarnished Coast

Posted 02 November 2012 - 02:37 AM

I'd already seen on Reddit that it was probably an ad thing, but an official update is nice - thank you.

So long as passwords were not intercepted, ~smart people~ should probably have had ads/scripts blocked to the nether & back anyways.

Edited by MoonlitDNC, 02 November 2012 - 02:38 AM.


#4 Aevlom

Aevlom

    Pale Tree Seedling

  • New Members
  • 8 posts

Posted 02 November 2012 - 06:15 AM

Who is this third party who is "well known to be trusted"?
And doesn't this incident prove the opposite?
If it doesn't, I don't know what does.

#5 Voison

Voison

    Team Legacy

  • Curse Premium
  • Curse Premium
  • 560 posts
  • Profession:Warrior
  • Guild Tag:[TL]
  • Server:Kaineng

Posted 02 November 2012 - 09:27 AM

Thank you for the heads up!
[TL] Voison ~ 내 원수,에 대한 경례
Voison ~ Asura ~ 80 ~ Warrior ~
picture

#6 Piteous

Piteous

    Asuran Acolyte

  • Curse Premium
  • Curse Premium
  • 98 posts
  • Location:Tennessee
  • Server:Blackgate

Posted 15 November 2012 - 07:36 PM

I have been stopped from coming here by Firefox when I am at work. It says it is an unsafe sight, not now though because i'm at work right now.

Edited by Piteous, 15 November 2012 - 07:37 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users