SKYRIM
  • 6 March 2014 21:40:26

    Be careful: Trojans masquerading as popular executables

    posted by Dark0ne Site News
    This is a heads up announcement to please, for the love of all that is good, always keep your wits about you when downloading from here or anywhere on the internet.

    There is currently an individual who is placing trojans within well known pieces of Skyrim software, such as the Skyrim Character Editor and even Skyrim Mod Organizer, and then uploading them as new files here on Skyrim Nexus (note, the original files here and here are NOT compromised, this user is uploading new files to the site masquerading as these files). This trojan has code within it that will retrieve any passwords you have stored in your browser and send them to the script kiddy's email address. The script kiddy is then using the details he has stolen from users "unlucky" enough to be exploited in this way, logging in to their accounts here on the Nexus and then uploading another trojan via the same method.

    If you believe you may have fallen for this exploit then ALL the passwords you have stored in your browser have been compromised. You should change your passwords immediately for any and all sites you use, and change your passwords on any sites where you have used the same password, even if you don't have that site's login stored.

    If you stick to common sense practises while browsing the internet then this will not be a problem for you at all. Things you should always be suspicious of or do:

    • Files with comments disabled that have only been uploaded in the past day
    • Elaborate and complex files uploaded by new users or users who have previously not uploaded a single file or made a single comment on the sites
    • Software that has absolutely no business using your internet connection trying to make a connection to the internet
    • Executable files, or files containing .DLL libraries unless you are absolutely sure it can be trusted.
    • Always, always run a virus scan on any files you download from this or any site you download from
    • If in doubt, don't download or open the file and wait to see what other more experienced users are reporting


    I sympathise with the people who have been caught by this, but you got caught by this because you aren't using your common sense. Please, for your sake, keep your wits about you and don't let your guard down when downloading files on the internet.

    If you don't have a firewall, or if your firewall does not warn you when new, unrecognised and untrusted software is trying to connect to the internet please follow these steps:

    1. Find your router
    2. Rip your router away from any connected cables
    3. Open the nearest window
    4. Throw your router out of it
    5. Close the window


    Honestly, get a firewall, install it, and understand how it works. Without one it's very possible your system is a drone in a botnet and likely a part of the perpetual problem of the internet that is DDoS'ing, something that we're no stranger to here.

Comments (271)