Quantcast Trojan in UI-pack - WoWInterface
Thread Tools Display Modes
01-15-13, 03:16 AM   #1
A Kobold Labourer
Join Date: Sep 2007
Posts: 1
Trojan in UI-pack

Couldn't find anywhere to post this, but I found a trojan in this UI pack here:

  Reply With Quote
01-15-13, 03:29 AM   #2
Dolby's Avatar
WoWInterface Admin
Join Date: Feb 2004
Posts: 2,206
Thanks for the report. On 1/12/13 the addon auctionator had a trojan (since we dont host that addon: http://www.curse.com/addons/wow/auctionator#c4438 and as you can see its now clean). This trojan required that you click on the folder auctionator.lnk which is highly unlikely any one would do. It looks like the author only removed the auctionator.lnk file but not the thumbs.db folder.

I have put it on hold until the offending files are removed and contacted the author. You need the auctionator.lnk file to execute the trojan which the author removed but just forgot the thumbs.db folder, so it is safe.

It looks like virus scanners are finally starting to pick this up.

Last edited by Dolby : 01-15-13 at 01:53 PM.
  Reply With Quote
01-15-13, 01:51 PM   #3
A Pyroguard Emberseer
Petrah's Avatar
AddOn Author - Click to view addons
Join Date: Jan 2008
Posts: 2,988
Kaelten said a hacker got in there and uploaded the infected file. Did that happen here as well?

A hacker got access to two accounts and used one of them to upload the virus laden file. I've tracked down about five ip addressed and blocked them all, and as of right now it appears to be the only file he infected.
♪~ ( ) I My Sonos!
AddOn Authors: If your addon spams the chat box with "Addon v8. now loaded!", please add an option to disable it!
  Reply With Quote

WoWInterface » Site Forums » Site help, bugs, suggestions/questions » Trojan in UI-pack

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off