Login | Signup

Community

 
Jump Menu:
Switch to Forum Live View WARNING- BOT MALWARE ALERT
5 years ago  ::  Oct 16, 2008 - 5:34PM #1
WotC_Xan
WotC_Xan
  • Wizards Customer Service
Date Joined: Mar 26, 2008
Posts: 50
We have been able to verify that the CBSbot does contain pieces of malicious code and has the ability to compromise Magic Online accounts.  If you are running this bot on your computer or have ever run it on your computer, we recommend that you remove it from your system and change ALL of your passwords, including any similar password you may use with any other company (such as E-bay, Paypal, Credit Card, etc)



The seller of this bot has admitted to using a “backdoor” function in the bot which would open to his account allowing him to freely trade cards from accounts running the bot. We have verified at least one victim who had all of the cards removed from their account via this function. If you believe you have been a victim of this, please submit all relevant information, including screenshots, receipts, etc to our “report suspicious activities” link at: http://wizards.custhelp.com/cgi-bin/wiz … faqid=1236 .  In addition to the backdoor function, this bot had the ability to transmit Magic Online usernames and passwords to the bot seller.



Please be aware that whenever you allow a third party access to your computer you are putting your information at risk. This can include seemingly harmless programs such as Bots, Addons, and “helper” type programs. Unless you have coded these programs yourself, you have no control over what information they are accessing, including your passwords or other private information. We strongly caution that you avoid all third party programs.



Pursuant to the Terms of Service, Wizards of the Coast is not responsible for any losses or damages you may incur as a result of running third party applications in conjunction with Magic Online.
Quick Reply
Cancel
5 years ago  ::  Oct 17, 2008 - 4:41PM #2
WotC_Xan
WotC_Xan
  • Wizards Customer Service
Date Joined: Mar 26, 2008
Posts: 50
I realize this situation has brought up a number of questions for people, we would like to clarify some things:

Just to be absolutely clear…

WOTC conducted a full, independent investigation into several versions of this bot. The backdoor referred to is NOT a function used to retrieve commission going to the engine_82 account as the bot programmer is now claiming-- it was an “autotransfer” feature intended to set all cards in a collection as tradable to specific accounts all owned by the bot creator. The bot owner admitted to us that he used this feature to empty accounts without permission. Additionally, the bot has code that will capture and send password data to the bot owner. There are several different versions of the bot, some of which may not contain the malicious code.

I use the CBSbot and it’s never hurt me, how do I know it’s bad?

This is a judgment you will have to make on your own. Some things to consider in this decision are: the code in this bot can obtain your passwords. These passwords could be used to attempt to compromise non-Magic Online related accounts. In addition, should you choose to run a bot, and incur losses because of it there is no way to recover your lost items.

Is my bot safe?

We cannot comment on the security of bot programs. Whenever you use a third party application programmed by someone else, you are taking a risk. We strongly caution against using applications coded by third parties, as they may contain malicious code.

Why should I change my Paypal/Ebay/etc passwords?

Many people use similar usernames passwords in different accounts. If you are a user of the CBSbot and have done this, we recommend that you change all of your passwords to avoid having other accounts compromised.

I have the CBS bot on my system, what should I do?

Delete it from your system. If you feel you have been compromised, use our “report suspicious activity link” at http://wizards.custhelp.com/cgi-bin/wiz … faqid=1236

I want to continue to run the CBSbot

As with any third party program, you run this at your own risk. We are not responsible for any lost or damage incurred as a result of third party applications run in conjunction with Magic Online.

I traded with the CBSbot, am I at risk?

We do not believe so at this time. It appears this malware only impacted people running the CBSbot on their accounts.
Quick Reply
Cancel
Jump Menu:
 
    Viewing this thread :: 0 registered and 1 guest
    No registered users viewing