Anyone willing to send a clean version of this to me?
Sure!
Where would you like it sent? :)
afghanant@gmail.com
Sent :)
Thanks!
I understand this thread is resolved and I've probably been annoying and newbish in my posts buuuut I downloaded recently ffx 3.3 from what I have assumed the main site...
Just to clarify the site for ffx 3.3 was/is ffx.freedomforceforever right???
indeed.
Well then I'm assuming what you told me about it being unavailable Prev and AA's request, most believe the site/file unavailable??
Cause I checked again and I can still access it, albeit in a work-around way.
I can post the link but don't want to cause any bother if Cat, who I only just found out hosts it, wants it known to be available? That and the whole resources links removed jazz.
I really should do something about that.
Behind the scenes we had a hacker attack of some kind which may have resulted in a virus downloading itself into people's systems. Given the the owner of the first site affected has had his email hijacked and used for spam, that is probably the source of the problem. I did change ftp access passwords, but since ftp accounts are limited and several people had to share, multiple sites were affected. Someone then complained to my provider who then disable all ftp accounts without even notifying me, and apparently diabled some other things, also without telling me, leading to our current situation.
If you have a workaround, I don't mind it being posted, but I can't be held responsible if anything I haven't cleaned up infects your system as a result. I doubt it, but it's possible, so don't cry to me if it happens.
I can probably make ffx 3.3 available at an alternate link in the meantime, if that is desired.
Edit: I've upgraded my account with a new one that costs the same, but offers enough ftp accounts to give everyone their own account. That should prevent multiple sites from being affected by any future attacks. This will require a bit of work on my end to separate everyone, but should be better over all once accomplished.
*whoosh* over my head ^_^
Well I wont say anymore then. I personally havent seen any signs of virus but then my laptop doesn't have net access anymore so any online/email trickeryness wouldnt be noticed I guess. Will have to double check my system.
Was just curious as to the situation. Sorry to hear that happened :( and a personal thank you for hosting all the other FF content. I hope one dayto be able to contribute to the community as others have as FF is the one game that stands the test of time.
I would like a copy too if possible. my email is jamros92@yahoo.com
Sure thing ;)
EDIT: Sent ;)
and one for me, if it's possible, at:
fooljester@libero.it
Thanks!
Thank you
First of all, hi everybody. My last post was three years ago...
I've had the same problem in ffx.freedomforceforever.com. In fact my computer is now probably infected too.
I'm not an internet security expert but I think this has nothing to do with passwords but with code injection. If there's any around please correct if I'm wrong.
Not all the antivirus software block the threat. I have McAfee and it didn't. Avast did it, it reports a js:Iframe-CG [Trj]. i don't think the downloadable .exe file is infected.
Meanwhile I'm scanning my system...
edit:
It seems this trojan affects the text/html files,
http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Iframe-CG/detailed-analysis.aspx
this is the full report:
http://www.virustotal.com/file-scan/report.html?id=67945a6988069494d38e7874e827f7dfa10629dcd3f77c6aebdb6b73d7126295-1324996396
And the .exe is not infected:
http://www.virustotal.com/file-scan/report.html?id=d2048b7b55dd117e1b579857f2106f14313bfc0e83ff600491aa02f3c0d3df3f-1324998335
So if you want a safe download just click on the link, it won't open any infected file (the .hmt):
http://ffx.freedomforceforever.com/downloads/ffx33setup.exe
I've indeed found injection code in some of the page. Deeply sorry for not noticing it any sooner. Thanks for the report, lmalonsof (and welcome back).
As a temporary measure, I've disabled site navigation from the index page while I'm checking every page, but the download page is now safe. Hopefully, the server's security hole in PHP which allowed the exploit in the first place has been patched, but, as Cat mentioned above, the fact that each account is now separate should make us immune, as the FFX site is purely static and in itself should be immune to these attacks.
I've checked and repaired the site. Hopefully, things should be OK from now on. Our apologies to those affected by the issue.
Thanks for your work on this Epi. It's appreciated. The changes I've made on the login side should prevent any of this from happening again, although there are no guarantees. I consider it extremely unlikely however.