DotA is under attack!

[iAmRock]

Basically, an exploit has been discovered that allows a remote user to execute arbitrary bytecode through a wc3 map. There is a possibility to make this map have the same name and look exactly like another map, but it would actually download a virus into your computer and you would never know it.

DotA has been targeted by this attack; there are custom games which have the same preview image as DotA, and when you enter them they are downloaded before you enter the game (very small file size) thus resulting in you not knowing this is a fake map. Once the game starts, the malicious code is executed.

This means a malicious user will be able to grab everyone's cd-keys in a game, plant a keylogger in your computer, any known virus etc.

It is extremely recommended to not play any custom games with people you do not know. You should also refrain from downloading any new maps from a source that you do not completely trust, until a patch is released. Also, if you see too many people downloading a map you know they should already have, it is very possible that this is a hacked map. You should notify them and leave the game immediately.

COMODO is the only known program to prevent warcraft from running the malicious code as of now. Every other AV/firewall/anti-malware program other than that does not currently prevent this exploit from being used.

Blizzard has been notified about the issue.

Bahasa Indonesia :

Jadi, ada exploitasi baru yang membiarkan pemakai nya masuk kedalam map dota tersebut dan meng-edit2 apapun yang dia mau, jadi orang nya bisa buat map yang mirip sama DotA, tetapi itu sama aja lu membiarkan virus ke DotA lu

Nah, DotA kena ini virus nya, jadi kalau lu masuk ke room orang2, nnt lu akan download sesuatu yang sangat kecil dan cepat, jadi lu gak bakal tau ini palsu atau enggak, jadi kalau sudah muali game nya, kode malicius nya akan mulai juga

Orang yang terkena virus ini akan di ambil CD-KEY nya dan menanam keylogger ke komputer mu

Lu harus berhati2 dengan bermain di pub dengan orang yang lu gak tau, dan juga jangan mendownload map2 yang bukan dari original source nya, hati2 ya, kalau udah ada yang ngecheat, leave aja, save replay, dan IMBAPWNAGEHAXX ban orang itu

yang bias mencegah jalan nya virus itu adalah software COMODO, anti virus lain2 nya tak akan bisa

Blizzard udah di kirim kok mail nya.

SOO HATI2 YA, INGET DAH, PERNAH LIAT DOOM DEVOUR UANG NYA LANSUNG 400k? kebiasaan, hacker itu pake hero yang skill nya pake trigger, maksud nya harus di buat dlu, contoh puck,doom,enigma,etc

Source: http://tinyurl.com/crpygu

kalau bagus, +rep dong, hehehehe

[kitaok12]

lha kok mengerikan y?
ini berlaku di map dota doang ato semua map warcraft?
klo kyk gini mending wa main di warnet aja, klo dirumah kna virus bisa ribed 7 keliling

[JasonBlake]

wah , beneran ni?

thanks for the heads up bro ..

kudu ati2 ni klo msk room2 ..

[iAmRock]

lha kok mengerikan y?
ini berlaku di map dota doang ato semua map warcraft?
klo kyk gini mending wa main di warnet aja, klo dirumah kna virus bisa ribed 7 keliling

komputer lu kena keylogger, yang kena virus nya itu map nya, semua map bisa kena asal ada virus nya ditanem di map nya

ati2 aja

[heroindistribute]

zzz...gmana ya?ga bisa DL map sembarangan...
KALO EPICWAR BERSIH GA YA??

[Mello]

duh makin banyak aja virus sekarang nyempil di map dota segala

[fire_god]

zzz...gmana ya?ga bisa DL map sembarangan...
KALO EPICWAR BERSIH GA YA??

map nya kan yang bermasalah? epicwar nggak mungkin nge check mapnya 1 persatu..

yg gw takutin malah dari World Editor itu bisa nge'rekam' setiap yg di ketik melalu keyboard (pake trigger), gw blum coba, tapi kalo bisa, brarti tanpa keylogger pun map warcraft dah bisa jadi keylogger sendiri (mudah2an gak bisa)

[iAmRock]

zzz...gmana ya?ga bisa DL map sembarangan...
KALO EPICWAR BERSIH GA YA??

kayanya epicwar... gak bersih, klo mo dota, ke getdota.com

[-x3-Andi77077]

Katanya ini di Patch 1.23 doang ( brikut COPAS dari www.nyit-nyit.net)
Information About this Virus:-
A New Information has been in my knowledge that, A exploit made into fake Dota-Allstars maps and some new Warcraft 3 maps. The damage cause of these maps are huge for your personal computer by downloading Harmful viruses and trojans into your system. We have some reports about the infected computers and users and they lost their precious data by downloading these maps. This is also reported to Blizzard that Warcraft 1.23 Patch is vulnerable to Viruses.

How these maps looks like:-
These map uses the same file/directory name as the originally map and displays an identical map preview. The small size of the map and nowadays fast connections the trojan and viruses downloading process ends when you enter in the game lobby, So its hard to detect these Harmful and dangerous versions.

How to detect these Viruses:-
There is only a single way to detect these virus/trojan maps is to delete all the maps from the download folder and keep Only Dota map when joining a game if there's a new file written into the foldar it will probably the fake map (containing virus and trojans).

How to avoid these viruses:-
Keep your Antivirus updated and don't close your Antivirus while you are starting War3.exe. Becuase we have seen many of the players shutdown their antiviruses before starting the game. Also do not games with maps that you don't have these maps might be infected. Keep one thing in mind that Precaution is Better then Cure.

credit=dono

Parah banget ini, siap2in Deepfreeze aja.

[doom_xyz_777]

trus dampak ke kompinya apa yah?
sori gaptek gue >0<

[exotic57]

Bah parah, gw jadi ngeri maen dota d hum kalo ada virus ginian

[-BlizzardCrush-]

kalo gini mah cuma berani maen dota di warnet aja / join room bot

[Asquall]

@^
stuju
room bot pasti aman~~

@TS
btw, Doom devour duit langsung 400k itu sih kebangeten -.-"
Hacked map, trigger diutak-atik
Temen gw pernah bikin map, trigger -ms diubah biar kasih 50 gold tiap detik selama 10 detik ... -.-"
Ati2 aja klo map baru kluar, biasanya yang udah DL bisa ngotak-atik -- DL from getdota is the safest way...

[Joy4gus]

Lah minta anti vius "comodo"nya dunk kk

[raidenX]

selama ada antivirus mah aman2 aj

btw, tentang doom devour duidnya banyak...
emang bener lho....masi banyak yang belom tau..
jadi intinya...
kita pake fake map...tapi bisa masuk ke host yang cr8 pake map official tanpa harus download...
asalnya dari ********* tu -.-
fake map ga isa dipake di patch 1.23
di garena malaysia jadi banyak yg pake fake map soalnya masi pake 1.21...
sebenernya kita juga masi isa kena soalnya masi patch 1.22

makanya buru pindah ke 1.23 ^^