Has this entire forum been compromised by hackers and spammers?

UncleSporky
Level 2
9 months ago

I just played through Solasta for the first time and really enjoyed it, and came here to see what people are saying about it.

As I look through various threads I constantly see posts that look like legitimate discussion about the game, something that bots wouldn't easily be able to generate, and yet the posts have been edited with weird links in them.  The intent seems to be that people would click these random links and have their computers compromised, or buy into some shady product.

I don't believe all these posts are spammers or bots who should be banned or deleted, I think some of them are legitimate posts that have been somehow hijacked with bad links.

Examples:

https://forums.solasta-game.com/forum/questions-about-creating-a-mod-which-alter-spells-propertiestags

https://forums.solasta-game.com/forum/new-player-questions

https://forums.solasta-game.com/forum/struggling-with-crashes-at-a-total-loss

https://forums.solasta-game.com/forum/need-difficulty-settings-locked

https://forums.solasta-game.com/forum/story-mode-some-questions (this one definitely reads like a bot completely unrelated to Solasta)

https://forums.solasta-game.com/forum/questions-about-full-version

Post by Danijonn here: https://forums.solasta-game.com/forum/unlit-issue

Posts by ericwilk and NeelYang here: https://forums.solasta-game.com/forum/multiplayer-and-lan-game


These are just a few I found on the first pages of a couple of the forums, I'm sure there are more than that.  I clicked report on the ones that I could.

Berengar
Level 10
9 months ago

Game accounts (like world of warcraft) sell for more than credit cards. For months now there have been huge operations aimed at getting Steam accounts (massive laundering opportunities) and just about every site that relates to games (particularly on steam) are really getting battered.

There have been several bot posts on this forum (it has Captcha for security which has long been simple for bots) some of them manage to get their phish content in but no link, others get the link. The forum can be configured to only allow links from specific domains (e.g. this domain and steam and nexus for example). I would recommend that for this forum as it would cover the majority of links posted, the rest of the legitimate ones would need to be posted in the old "host.domain DOT com" format where you would have to manually go to the address. A bit awkward but would put the risk from mal links close to zero.

But the first thing anyone should think on seeing a bot post here, or anywhere else, is "which of my accounts are they trying to steal, and do I have a strong password + 2 factor authentication enabled?" Especially non-technicals: See a threat? Check your defences. Do it first.

A non-technical user with their OS patched uptodate and strong password + 2 factor is a hard target. For most normal computer users (who don't go looking for trouble by loading anything not in their appstore/equivalent, then follow the osupdate/strong password/2FA, you are in a very secure state.


Find your next Solasta D&D adventure: https://solasta-dungeons.fandom.com

Baraz
Level 14
Steam Link Newsletter Link Kickstarter Backer Weaponsmith (Bronze)
9 months ago (edited)

Hello,

Yes, currently a form of "AI" is composing what seems like proper comments, but are subtle insertion of spam links.

This is massively occurring on Youtube also in various forms (fake comments from fake accounts).

EDIT: I disagree with the idea from Berengar to only allow certain domains (URL).  This is a rather problematic approach.  In my experience, captcha questions of some kind or another work very well.  If not, it was a bad question/captcha and should be changed.

I do not see any captcha when creating a forum account here, but I know there are security measures applied.

Currently, I check the forums about twice a day and remove them. 


Steam profile : https://steamcommunity.com/id/baraz/

Baraz
Level 14
Steam Link Newsletter Link Kickstarter Backer Weaponsmith (Bronze)
9 months ago (edited)

Thank you by the way UncleSporky : I had missed a few evidently.  Some were banned already, but with some posts not deleted. 

In some rare cases, the topic seem very authentic, but links were added later (!).  In those cases, I simply removed the links manually and locked the threads.


Steam profile : https://steamcommunity.com/id/baraz/