last night my antivirus started to detect this javascript/vbscript automatically downloaded from cabalrider ph launcher. (instead of the proper cabalrider guide that pops up on the window of cabalrider....a blank page is displayed.)
This script instantly creates a KPY folder and attaches to your windows processes (worm/rootkit) once it has downloaded its main .exe file. So far updating my antivirus and rescanning it does not contain it. Im trying to remove my other Harddrive now and rescan it on other pc.
I dont know whether cabalrider's site has been compromised or they themselves created it (in preparation for their pay-to-use service) but it definitely is a password stealer.
U can still continue to bot safely but the trick is *AFTER LOGGING INTO THE GAME....HEAD TO E-GAMES SITE AND REPLACE UR PASSWORD INSTANTLY* do this everytime you try to login to the game using cabalrider.
NOTE: I aint forcing anyone to believe me...i seldomly post on this site though im an oldie on epvp. This just pisses me that cabalrider aint doing anything for this worm after 24hrs. Be wary guys.
minime signing off...
This script instantly creates a KPY folder and attaches to your windows processes (worm/rootkit) once it has downloaded its main .exe file. So far updating my antivirus and rescanning it does not contain it. Im trying to remove my other Harddrive now and rescan it on other pc.
I dont know whether cabalrider's site has been compromised or they themselves created it (in preparation for their pay-to-use service) but it definitely is a password stealer.
U can still continue to bot safely but the trick is *AFTER LOGGING INTO THE GAME....HEAD TO E-GAMES SITE AND REPLACE UR PASSWORD INSTANTLY* do this everytime you try to login to the game using cabalrider.
NOTE: I aint forcing anyone to believe me...i seldomly post on this site though im an oldie on epvp. This just pisses me that cabalrider aint doing anything for this worm after 24hrs. Be wary guys.
minime signing off...