EMC Site being hacked?

Discussion in 'Empire Help & Support' started by AlexC__, Aug 10, 2012.

Thread Status:
Not open for further replies.
  1. Getting a .exe thing trying to download whenever I go to the empire.us. I suggest all users stop the download until a staff member can confirm what this is - page should still load after being stopped.

    Snap 2012-08-10 at 21.17.34.png
  2. Get off of the website, stay ingame and turn your alt accounts chat on I'll pm you when its safe.
  3. Nothing here.
  4. Alex, this is a virus. Do not download this, and stay ingame. The game servers will not be effected.
  5. Guys, Don't fret, Don't run it and it wont damage your system.
  6. Yeah I'm fine now - I just stopped the download whenever it tried. Thanks Max.
  7. NO thanks to me? I replied before Maxi! :(
  8. Not really ;)
  9. *Sniffle Sniffle*
  10. Just got the same thing, Avast! was on the Ball XDBest Minecraft Servers
    FrankieC likes this.
  11. Avast should be blocking it before it prompts a download box.

    But yes, I just updated the original thread about this one too... I suggest taking a break from the site

    The virus drops a file: %SystemRoot%\system32\360SP2.dll

    Check for that.
  12. %systemroot% is hidden by default for users for protection

    To get to it you need to go to

    C: > Windows > System32 > and then search System32 in the top right for 360SP2.dll
  13. Hmm, Chrome downloaded it automatic. But AVG deleted it right away, I think i'm going go get AVAST instead of AVG..
    marknaaijer likes this.
  14. Looking into the problem all, you are safe as long as you don't run any exe file that is downloaded. I have verified with a linux security expert that our web servers have not been compromised in any way, the attack has happened somewhere else and we are tracking that now. More than likely it is happening at our DDoS routing protection. Thanks.
  15. Should I turn my DDOS off for now? Maybe that'll fix the problem

    Not really :.)
  16. Justin why is this happening lol?
    IamSaj and BobTheTomato9798 like this.
  17. I have verified the problem is that out DDoS protection provider has been compromised. I am working on stopping the routing through them and using a different company, however it could take several hours for DNS changes to propagate. Thanks everyone, no data was compromised and I appreciate the patience.
    IamSaj, xI_LIKE_A_PIGx, zulu9 and 3 others like this.
  18. Who are are DDOSSing???
    nerone94 likes this.
  19. My mobile chrome browser is telling me its attempting to download several files. Could it be that there's more than 1 file?

    That escalated quickly.
  20. So far to my knowledge there is server123.exe and the other one you shouldn't be on this via mobile atm I suggest getting off due to poor security protection on mobile phones.
Thread Status:
Not open for further replies.