 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| The Java Hack Revealed by Gooroo |
|
|
 |
|
|
| Site in question: ** DO NOT GO HERE ** http://members.xoom.com/whcentral/utopiatips2/ |
|
|
| Background: |
|
|
| I'll say this.. I was *surprised*. Here's what started the hundreds of posts, that, for once, agreed with each other (I don't think I've seen that happen before). |
|
|
| [From Utopia Talk / Bugs & Suggestions / I lost all of my buildings!!] |
|
|
| Eliajh [ User ID: 9063723 - Mar 25th 4:52 PM ] |
|
|
| I got a messege from some guy to go to his website to get some tips on the game, so i went there and read it, came back to the game and all of my buildings were GONE!! all of it said 0, everything else was there... my troops, food, peasants, land, but all my buildings were gone! i don't know what to do... |
|
|
| Of course, I was skeptical, I've been in Utopia from the first age, and never heard of anything like this, and, admittedly, I would have never thought of it.. |
|
|
| What it is: |
|
|
| What this page is, on the outside, is a Utopia Newbie Guide (Halfhearted and half serious, it was copied from the Strategy Forum from a few days prior.. ) It looks totally normal, you wouldn't, and no one did, suspect a thing.. a frame up top, from Xoom's ads, and the guide. The only thing odd, really, is that it seems to load very slowly. |
|
|
| What really happens: |
|
|
| Unfortunately, when you load those two frames, three other frames that you can't see load, and load a snippet of Javascript that sends commands to utopia-one.eesite.com.. Utopia thinks you're playing, and you don't have a clue about it. Each frame loads and sends information to a different section of Utopia.. Growth, Military, and Sciences. Utopia is told to raze 1000 of each building, release 10000 of each military unit, and begin researching 100000 units of sciences. So you end up with no buildings(watch those peasants flee), No military (Whole bunch of soldiers standing around.. yay.), and a whole bunch of science.. too bad all your money is gone. |
|
|
| (as a side note, Snap, for one, has placed a link to this page on his site, with his usual arrogant flair..) |
|
| How to defend against it: |
|
|
| I've heard people say that the script only works if it somehow gets your user name and password for Utopia. Bullsh*t. It uses, or abuses as the case is, features in your web-browser designed to make web browsing easier. When you login to Utopia, your browser will remember the information you used to login until its forced to forget it, which is at the end of a browsing session. (The end of a session is when you close *all* instances of a web browser.) The reason it got so many people, is because provinces owned by this little code junkie were using in-game messaging to advertise it. |
|
|
| If you've been affected: |
|
|
| Echelon posted this morning that they had found a solution, which in anutshell, was to make Utopia ignore any commands that weren't referred by a Echelon site (the exploit sends commands that were referred by xoom.com). At this time, I do not know if this fix has been implemented. They are also looking into pressing charges of some sort, more on that later. |
|
|
| What Echelon is doing: |
|
|
| Echelon has implemented a new option in the Preferences menu of Utopia that allows you to start over from the beginning of time. Your province gets recreated, the same as it was a few days ago, except you're given an extra 100,000gc, to help speed your rebuilding efforts. |
|
|
| "But..but WHY?? What did *I* do to deserve THIS????" |
|
|
| Nothing. This, if rumor is to believed, is the work of a 15 year old looking for revenge for getting beaten last round. There was a post made on this very thing, from someone, who I'm beginning to convince myself was the creator..(Note from Archfiend: at this point Gooroo wanted me to post a message relating to this that was on the general forums. I decided not to because it was incredibly long and I think it was probably just propaganda from the guy who designed the page) This person also distributed a trojan, called utopiacheat.exe, which would allow him to remote control your computer. I've ripped this program to shreds, and 70% of what he said is hype. He said he's put his own strain of virus in. Bullsh*t. He said its totally undetectable. Bullsh*t. It can't be removed. Bullsh*t. How to tell if he got ya: search your computer for the file "hwn32.exe". If you find it, you've been infected, and this moron can control your computer. Breaking free is easy, though. Restart your computer in DOS mode. Then type: del c:\windows\system\hwn32.exe after you punch enter, reboot your computer. Free at last. (Note: Network Associate's Virus scan (http://www.nai.com/) detects the trojan, but incorrectly reports it as Back Orifice) |
|
|
| Overall, I think the worst is over, but until Mehul makes the changes, watch your step. |
|
|
| Gooroo |
|
|
|
|
|
| Back to the Main Page |
|