Recent Malicious Activity
It’s recently come to our attention that a handful of servers have unfortunately been targeted in a string of malicious attacks. As a result of this, user details have been compromised and users may still be infected.
The servers that we know have had user data compromised are:
If you have downloaded any files from the above three servers, we recommend doing a comprehensive malware scan to ensure you’re not infected. You should also change your passwords immediately.
In the case of OS-Scape, you should search for a file called ‘ScapeFiles.jar’, particularly in the following directories:
In the case of Luminite & Solak, you should search for a file called ‘XLSTART.jar’, particularly in the following directory:
Please note that in the above examples, you should scan your entire PC for these files, they may be hidden elsewhere. You can use a tool such as https://www.voidtools.com/ to search your entire PC for a particular file.
As a reminder, you should, where possible, be taking full advantage of two factor authentication as well as performing regular scans and sandboxing any files that come from providers you do not completely trust.
All of the servers above have informed their existing user bases about the breach and we believe that, whilst there was a level of negligence here, the management behind these servers weren’t acting maliciously. As such we won’t be taking action against these servers. We will be continuing to observe the response time of servers notifying users about breaches, and if we feel they’re intentionally misleading or delaying users of these breaches, we will likely take action.
If you’re a server owner, you have a responsibility to keep your systems secure. You’re operating in a scene where people will jump onto any exploit they can and the onus is absolutely on you to keep these exploits to a minimum. There are lots of documented ways to do this and below are some guides that may help with this: