Jump to page
Back in March you might remember a news post written by myself titled Be Careful: Trojans masquerading as popular executables. To cut a long story short, a user was uploading a malicious file to the site that, when installed, would enable the user to find out your Nexus username and password, which was then in turn used to log in to other user's accounts with the stolen login information and continue to upload the same virus to the sites.
Today we were alerted to a malicious change to SkyUI, one of the most popular files on the Nexus network, at around about 12.30pm GMT. Within 20 minutes the file was removed and we got to work investigating how the file was added and who removed the original SkyUI file and replaced it with a malicious executable (thank you to those people who reported the file and were clever enough not to install it!).
Following on from that we noticed some strange actions coming from one of the staff member accounts here and, while I have not been able to get in contact with the staff member yet, we can conclude that the staff member's account has been compromised and this was how the "hacker" was able to remove files and upload new ones in their place. As part of their job the moderation team need to be able to access and edit the file pages on the site. If an unsavoury miscreant gains access to one of those accounts they can, potentially, do quite a bit of damage. Unfortunately that was the case today.
We were able to quickly identify and remove access to the account, however, a few more files were changed by the "hacker" before we could trace things. These files, on top of SkyUI for Skyrim, were:
ApacheiSkyHair for Skyrim
Fallout 3 Redesigned - Formerly Project Beauty for Fallout 3
Project Nevada for Fallout New Vegas
Oblivion Character Overhaul version 2 for Oblivion
It's clear the "hacker" was going for some of the most popular files for each of the main games the Nexus supports to gain maximum exposure.
It's important to note that staff members do not have access to any personal details (they can't even see your email address) including any Premium Member details and we do not store any credit card information so that's not an issue at all. This was not a traditional "hacking". Our server's themselves weren't compromised (indeed, we think we've got things locked up pretty damn tight right now to the point where you need to be on a specific IP address before you can even gain access to the server terminals and think about user accounts and passwords). Unfortunately the computer's of one of the staff members was compromised and this is the result.
Things have been tidied up and the threat has been removed. If you downloaded one of the compromised files listed above and ran it between the hours of 12pm and 2.30pm today then please run a full virus sweep of your system. If you did not download any of those files in that time then this breach will not have affected you. We've contacted each of the owners of the files listed above. For them, unfortunately, because their main files were removed they will need to be reuploaded and the stats will have been reset for those specific files. It's important to note that deleting an uploaded file does not reset or clear the main file's stats. It's just unfortunate that the stats for those specifically uploaded files will be lost. I'll have a word with the main database admin to see if we can't get the majority of stats for those files restored, with a bit of loss due to having to roll-back a day or two. If you're the owner of one of those files please send me a PM so we can look into that with you.
I apologise personally for what has happened because, at the end of the day, the buck stops with me. I am highly protective of the staff here who have individually volunteered thousands of hours of their time, some of them for many years, to keep this network of sites clean and tidy. Unfortunately these things happen and I will obviously have a word with all the staff here to remind them all of best internet practises to maintain account security.
On an unrelated note I've had a few reports from German users saying that one of the ads on the rotation is sending them to a fake java updater page. This seems to be localised to only German locations, which makes it tough for me to diagnose, but I have been in contact with the advertising supply chain to try and get to the bottom of this and hopefully the issue will be resolved shortly.
We've been a bit short in the news department recently. This isn't because there's been no news to report on but simply because I've been extremely busy. I'll be reporting on all the updates we've made recently in due time but in the mean-time, today we released a new version of NMM along with a new "Legacy" version of NMM. Let me explain what's going on.
The NMM programmers are finding that more and more of their time is being taken up by trying to support old and outdated versions of the .NET framework which is not only limiting the functionality NMM can provide but, simply put, taking an inordinate amount of time for the less than 5% of people this helps to support. The inherent issue is that Windows XP no longer supports the latest versions of .NET, specifically, version 4.5 of .NET. Statistics show that less than 5% of users who use NMM are on Windows XP. We have therefore taken the decision to branch NMM from this point on in to two releases: the normal Nexus Mod Manager and the Nexus Mod Manager - Legacy Edition.
The Legacy Edition of NMM will be for those users who either want NMM to simply stay as it is right now or who cannot use the main version of NMM due to it now requiring the latest version of .NET in order to work. It's the fall-back to support those users who can't, won't or don't want to kept up to date with their operating systems. For us, NMM is now for Vista, Windows 7 and Windows 8, the Legacy Edition is for users of Windows XP.
We will update the Legacy Edition with any bug fixes that can be applied but, unless a new feature doesn't make use of any .NET 4.5 features, the Legacy Edition is now feature frozen: it will not be getting any new functionality.
In other news, a lot of people have noticed that the "Download With Manager" button is not working for them on the site. Firstly, let me say that this is nothing to do with us, in that we haven't caused this problem. The problem arises with the combination of Windows 8.1 and the Google Chrome browser, and only this combination. NMM works fine in IE and FireFox with Windows 8.1. For a slightly technical explanation of what's happening: a recent silent update to Chrome has forced the browser to no longer recognise third-party URL protocols, like the "nxm" URL the Nexus sites use to start your download in NMM. Instead, Chrome will now only accept URL protocols that are classed as "safe" by Windows 8/Microsoft, which at this time is basically just the Windows Store. Great update, Google. The fix for this issue involves editing a Google Chrome config file to tell Chrome that the Nexus Mod Manager is a safe program to accept URL requests from. Google haven't coded any sort of system (like FireFox has) to ask if you want to trust the Nexus Mod Manager protocol, it just refuses to work. That's just plain laziness on Google's part.
Version 0.50.0 of NMM has added a button to the settings menu that will attempt to edit this Google Chrome config file so your download button will work again. It's experimental, and while it won't break anything, the worst it will do is just continue to not make the button work for you. We won't know until people use it. However, we can completely understand why you might not want NMM editing any config files unrelated to NMM, so for you guys I'm afraid the only option is to manually download then add files to NMM (very, very easy to do) or simply use a different browser. Once again, this problem hasn't been caused by us, and we're slightly miffed Google have taken this lazy approach.
We're obviously interested to know if this button fixes it for people who've experienced this issue, so please let us know.
Version 0.50.0 of NMM requires an uninstall of your current version of NMM before you can apply it. The process is extremely simple and NOTHING will change in your NMM so long as you reinstall NMM to the same directory. Your mods, load orders, settings and everything else won't change. If they do change then you have NOT installed NMM to the same folder, or you've changed your game folder location either physically, on your hard-drive, or within your NMM settings so they no longer point to the right location. NMM does not delete mods off your hard-drive when it is uninstalled. We needed to force an uninstall due to some of the .DLL packages changing or being removed and we didn't want people filing bug reports because they couldn't be bothered to uninstall the software like they were asked to do.
We've released a dummy 0.49.8 release of NMM which has a tweaked update mechanism for those people updating through NMM itself from version 0.49.7. If you do it this way, you'll first have to download 0.49.8, which will then direct you to the correct version of 0.50.0 to download based off the operating system you're using. If you are using Windows XP, 0.49.8 will direct you to download the Legacy Edition of NMM. If you are using Vista or higher, 0.49.8 will direct you to download version 0.50.0 of NMM. You can skip this step (going from 0.49.7 to 0.49.8 to 0.50.0) simply by downloading the latest version from the NMM download page. This process might seem a little convoluted but you'll be all done within the space of a minute (depending on your download speed).
Fingers crossed now we've got this task behind us the long awaited Profiling system will not be far behind.
If you are a fan of the Fallout Nuka Break series there is good news for 2014.
Today we have launched our new Video Share functionality across the Nexus sites. The concept of the Video Share section is much like the Image Share section; it's an area where you can showcase the videos that you have made that relate to the games we support in some way. Interviews with modders, reviews of mods you like, story-driven machinima and so on and so forth. It's something we've had on our to-do list for two and a half years now so I'm pleased to finally get this out the door.
First and perhaps most importantly, the Video Share section will only work with YouTube videos. We made a conscious decision to forego hosting videos ourselves for a variety of reasons:
- Most prolific video creators are already using YouTube and a lot are entwined with their commission scheme so it seemed pointless to force them to upload their videos again, here, when a ready made and proven service is already available.
- YouTube have a great and powerful API we can easily hook in to.
- It's unlikely a lot of people already using YouTube would want to upload their videos here anyway as it may result in a loss of subscribers. By linking in with YouTube's API our relationship with YouTube is symbiotic, advantageous to YouTuber's and non-detrimental to prolific YouTuber's.
- Hosting videos, that are often large files that require resource intensive encoding, is a costly investment (it can easily run in to the hundreds of thousands of dollars). It seemed more prudent to continue to direct funds towards the ongoing stability of these sites rather than on a new feature.
- Coding a video player seemed pointless, and a waste of what would likely have been months of programmer time, when YouTube works fine.
- More liability falls on YouTube than us if someone uploads something they shouldn't.
While I understand some of you will not be fans of YouTube it is the most convenient service for us to hook in to. We do not have any plans to support other video services at this time.
As a result the Video Share system becomes an indexing service for videos users upload to YouTube. You might ask, "What's the point, I might as well just go to YouTube". Well, not really. If you go to YouTube and type in "Skyrim mods" you'll get a crap-ton of results with very little filtering options past that. The idea of the Nexus Video Share is to provide a better indexing service than what YouTube can offer, specialised to what users of this site are going to be more interested in and allows authors to showcase their videos, and especially the mods showcased within those videos, more easily to users who are interested in such content.
We've added a new feature to our video share system that I'd like to have implemented into the Image Share section at some point soon. When adding videos to our database you can specify which Nexus mods are being showcased in the video. Something I see time and time again in YouTube comments are users asking the video author what mods they're using. The idea of this system is to allow authors to quickly and easily add these mods to their video pages, providing exposure for those mods while similarly relieving the burden of continually answering the same questions for the author.
If you're looking to add your videos to our Video Share database then we've made it easy for you. We've plugged an importer in to YouTube's API that will connect to your account (via YouTube's API servers, and not ours, for obvious security reasons!), find all your videos and provide you with an easy to use interface to choose the videos you'd like to add to our Video Share. If you're a weekly mod reviewer and you've been releasing a video every week for the past 3 years then you'll probably find it a lot quicker to use our importer than you would manually adding each new video in to our database. Alternatively you can easily add your videos to our database manually using our video adding wizard.
The Video Share guidelines will follow the same rules as the Image Share guidelines which most importantly includes a no nudity/sex rule. I don't currently have any plans to offer a Supporter Video Share that has more liberal rules. We'll just see how it goes.
A Video Share section has always seemed like a logical extension of our Image Share section. I've no idea how much it will be used but considering the two and a half year wait to get around to doing this work I'm just pleased we could finally release it.
An ambitious project known as Beyond Skyrim aims to bring all the provinces of Tamriel to the game of Skyrim. The team has released an official trailer announcing that we will be able to play in Bruma as early as Summer 2014.
Visit the Beyond Skyrim Forums if you want more details, or if you want to help out in any way.
We've released version 0.49.0 of NMM today which includes support for both Starbound and State of Decay. Both are compliments of modders within the community, KrazyTheFox for Starbound and MrxknownJG for State of Decay. Their help in getting support for these games in to NMM has enabled our dedicated NMM programmers to carry on with other projects in NMM (profiling, mainly) so they have my thanks.
Here's the full change log:
- New Feature: Added support for State of Decay.
- New Feature: Added support for Starbound.
- New Feature: Improved the “The Elder Scrolls Online” game detection.
- Bugfix: Fixes the installation of ESO addons on the EU version of the game.
- Bugfix: Some instances of visual category duplication while in category view.
- Bugfix: Clicking on add new category while in plain view was adding the category to the mod list.
In other news the last beta weekend before the game launches has just begun for The Elder Scrolls Online. If you're stuck for things to do this weekend there's no harm in giving it a go if you haven't already.
Jump to page