NIe qw ambil dari dota-allstars-blog.blogspot.com...
Warcraft Custom Map Virus, a Must Read!
There's been a big fuss lately on Battle.net because a new exploit has
been circulated amongst hackers. The exploits allows for a custom map
to execute arbitrary code on a client and
install trojans/viruses/keyloggers outside of the Warcraft III engine. In simple words,
by just join an unknown person who host the Warcraft III virus map, your pc will be infected when the game started.And Dota is now become the largest target of this virus. This is not
hoax or rumor, Dota-Allstars forums (and Battle.net forums) already
stickied this topics. I really recommend that you read this article
until finish for your own good.
Hackers created fake Dota maps that use the same file extension/directory as DotA 6.59d.
Therefore you will see the loading screen displayed in your custom game
list and it is effectively impossible to take precautions against, as
it has no discernible difference from joining a normal DotA game. It is
highly recommend that you stop playing public dota games until blizzard
can patch this exploit. They have already had it brought to their
attention.'For those who doubt how dangerous this is; by mimicing dota, anyone who
has already downloaded the legitimate map will see the game displayed
in the custom game screen with the proper loading image, and it
finishes downloading before you switch to the game lobby screen, as it
is a tiny file size. Once you enter the game, the virus will unpack
itself and infect your computer, allowing malicious code to be executed
at the whim of the hacker. This means a malicious user will be able to
grab everyone's cd-keys in a game, plant a keylogger in your computer,
any known virus etc.
Props go to
Maged@Battle.net forums for bringing this to attention.
http://forums.battle.net/thread.html......58&sid=3000Don't join games of DotA hosted by people you don't know. This applies
to public games, TDA, etc. The best precaution you can take at the
moment if you want to continue to play DotA, is to keep your Warcraft
III maps folder open, and see if any new files are downloaded when you
join a game. If they are, immediately leave the game lobby, before the
host can start the game (and infect you), and delete the new map file.
If your computer has been infected, you should run the best antivirus
software you can find, and Don't log into any accounts on your
computer, Warcraft III, email, etc, as there is a high probability of
getting your password keylogged. If you are certain your computer is
infected, the only surefire way to eliminate it is to reformat your
computer.
COMODO is the only known program at the moment to prevent Warcraft from
running the malicious code as of now. Every other
AV/firewall/anti-malware program other than that does not currently
prevent this exploit from being used.
This is what ChildLikEmperor, Dota-Allstars forums moderator, said on
his thread. But if you have another AntiVirus that can detect it, feel
free to share it here.
Blizzard has been notified about the issue. The safest thing to do at
the moment is to not play DotA or any other custom map until Blizzard
release new patch. OR, you can carefully choose your host when joining
a game even though certain risk is still there. Honestly, i prefer the
second choice, because it will be hard to stop playing Dota ~_~
Update:
Thanks for anonymous who give this information.
Name of virus: HackTool.Win32.Sniffer.WpePro.w
Contaminated sites are here:
C:\WINDOWS\TEMP\omfg_wtf.dllLooks like the virus file is on : \WINDOWS\TEMP\omfg_wtf.dllNote: Warcraft Patch 1.23 is also vulnerable for this virus! Artinya..para hacker bisa menginstall virus seperti trojan dll lewat
map DotA..cuman mengingatkan para teman2 di neo-mgi supaya lebih
berhati-hati..thanx..
Calendar
