Nuclear Nezz 2063 Posted October 12, 2021 As users may have noticed, Babble is no longer accessible on the site. It was brought to our attention that Babble has an exploit where users were receiving uninitiated download requests that claimed to be our DBLauncher. If you received these, you may have downloaded a virus, I strongly encourage all users to run antivirus software and to run virus scans. Regardless of if you've downloaded the uninitiated download or not, it's always good practice to regularly scan your computers. Also a general reminder, do NOT ever *EVER* accept a download that you have not initiated yourself. If we can resolve the exploit or find an alternative chat option we may implement the chatbox back to the site. We will be discussing this internally and will update all of you when we have a decision. Thanks, The Dream Team
Pandemic 2818 Posted October 12, 2021 Update: If you have any "DBLauncher.jar" files downloaded that don't match the latest version's hash (https://dreambot.org/guides/download/) to be on the safe side you should delete them, restart your computer, then run a virus scan and download the DBLauncher from our site. Please note that the fake DBLauncher.jar did not actually act as our real launcher (it wouldn't look the same or actually launch the clients), so if your version actually functions it's most likely safe. If you accepted the uninitiated download popup then actually ran the fake DBLauncher.jar, please delete it immediately and follow the steps above to protect your computer. You can only find the official DreamBot launcher / client from our site (https://dreambot.org), NEVER download it from a third party file hosting site (like gofile / mega)!
Pandemic 2818 Posted October 13, 2021 3 hours ago, bandopancake said: whats a time frame when and how long this was happening? We believe the messages sent via the Babble chat started around 5 days ago, although it's possible they started a couple days before and were just unnoticed. Again the underlying exploit allowed someone to try and start a download of a file, and a rogue user was sending a file called "DBLauncher.jar" to make people think it was our actual launcher. This exploit did not automatically download this file (or any other file), it just popped up the prompt in your browser acting like you clicked a link to download it. Our actual download links were fine, and none of our systems were affected at all, this was just a person to person exploit through the Babble chat messages.
Falcon 0 Posted October 13, 2021 Was the download link from another domain or was it from dreambot's server, I see I got one from https://dreambot.org/DBLauncher.jar and the rest is from https://downloads.dreambot.org/DBLauncher.jar ?
brave 29 Posted October 13, 2021 3 hours ago, DarkFalcon said: Was the download link from another domain or was it from dreambot's server, I see I got one from https://dreambot.org/DBLauncher.jar and the rest is from https://downloads.dreambot.org/DBLauncher.jar ? Both of those links are fine, the malicious file was stored as a blob
Falcon 0 Posted October 13, 2021 2 hours ago, braveheart said: Both of those links are fine, the malicious file was stored as a blob Thanks, that information was very useful.
Stoned 52 Posted April 9, 2022 Was there any update to this @Nuclear Nezz@Pandemic? I miss the chat box after checking back here
Recommended Posts
Archived
This topic is now archived and is closed to further replies.