Security Vulnerabilities for Neo

Neopets topics not covered by the other forums go here.
Post Reply
thelonetiel
Posts: 1067
Joined: 07 Jan 2006 08:56 pm
Gender: Female
Human Avatar: 15268
Location: Nuevo Mexico, Estados Unidos

Security Vulnerabilities for Neo

Post by thelonetiel »

Security issues of note on Neopets.com:

RESOLVED. 11/15/15: Saw this on the boards and thought I'd share:
Dress To Impress Blog wrote:A malicious Flash file has recently appeared on multiple Neopets-related websites, including Neopets.com itself.

When you visit an infected webpage, it exploits a vulnerability in Flash and Neopets.com to immediately transfer all of your on-hand Neopoints, banked Neopoints, and gallery items to the attacker’s account. Some users report that this attack can even circumvent PIN protection.
For more, including how to disable Flash in your browsers to mitigate this danger, see this DTI blog post.

I typically browse with Flash disabled by default, but I've had Neo on my exception lists since so much of the site is Flash. Luckily that is easy to fix.

Stay safe out there friends. :/

(Any interest in using this thread as an on-going status update for new vulnerabilities as they are reported? May be easier to just reply whenever something pops up than making a new post?)
Last edited by thelonetiel on 17 Nov 2015 02:40 am, edited 1 time in total.
Madge
Posts: 1596
Joined: 19 Jan 2006 05:05 am
Gender: Female
Location: Perth, Western Australia
Contact:

Re: Malicious Flash Vulnerability for Neo

Post by Madge »

I'd be interested in an updating thread; more to the point I'd be interested in knowing when this is no longer a problem.
Jazzy
Devil's Advocate
Posts: 2037
Joined: 04 Jan 2006 06:06 pm
Gender: Female
Location: a g-orbital
Contact:

Re: Malicious Flash Vulnerability for Neo

Post by Jazzy »

According to Matchu's post, this has now been fixed. However, I'd second his advice to make all Flash click-to-play by default.
Post Reply

Who is online

Users browsing this forum: No registered users and 18 guests