Likely. The standard content management systems used to host websites (Wordpress, Drupal ... and especially plugins for these systems) are constantly being hacked and subverted. I would suspect that was the vector here. Even if you outsource your hosting to a "professional" there is no guarantee they will get it any more right.Teksonik wrote: ↑Sun Feb 23, 2020 4:31 pm Possibly a Supply Chain Exploit:
https://www.dni.gov/index.php/ncsc-what ... in-threats
Announcing new way of Analog Obsession
- KVRian
- 1318 posts since 26 Aug, 2019
-
thecontrolcentre thecontrolcentre https://www.kvraudio.com/forum/memberlist.php?mode=viewprofile&u=76240
- KVRAF
- 35159 posts since 27 Jul, 2005 from the wilds of wanny
FYI I did a complete system scan and Defender found and removed these files:
Program:Win32/Unwasson.Alml
Items:
<file:C:\Users\Dave\Downloads\AO Equalizers\SSQ 3.0\SSQ_3.0_VST_WIN\SSQ.dll.32\SSQ.dll>
<file:E:\Temp\Analog Obsession\AO Equalizers\SSQ 3.0\SSQ_3.0_VST_WIN\SSQ.dll.32\SSQ.dll>
<file:I:\BACKUPS\VST Plugins\Free VST\64 bit VST Plugins\Analog Obsession\AO Equalizers\SSQ 3.0\SSQ_3.0_VST_WIN\SSQ.dll.32\SSQ.dll>
Items:
containerfile:C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\fey95g4e.default\cache2\entries\0C350065219505450D958784F344B8103A0565C7
file:C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\fey95g4e.default\cache2\entries\0C350065219505450D958784F344B8103A0565C7->SSQ.dll.32.zip->SSQ.dll
Trojan:Win32/Spursint.Flcl
Items:
containerfile:C:\Users\Dave\AppData\Local\Temp\Temp1_Harqules_2.0_VST_WIN.zip\Harqules.dll.64.zip
file:C:\Users\Dave\AppData\Local\Temp\Temp1_Harqules_2.0_VST_WIN.zip\Harqules.dll.64.zip->Harqules.dll
As you can see they are all related to AO files, both 32bit and 64bit ...
Program:Win32/Unwasson.Alml
Items:
<file:C:\Users\Dave\Downloads\AO Equalizers\SSQ 3.0\SSQ_3.0_VST_WIN\SSQ.dll.32\SSQ.dll>
<file:E:\Temp\Analog Obsession\AO Equalizers\SSQ 3.0\SSQ_3.0_VST_WIN\SSQ.dll.32\SSQ.dll>
<file:I:\BACKUPS\VST Plugins\Free VST\64 bit VST Plugins\Analog Obsession\AO Equalizers\SSQ 3.0\SSQ_3.0_VST_WIN\SSQ.dll.32\SSQ.dll>
Items:
containerfile:C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\fey95g4e.default\cache2\entries\0C350065219505450D958784F344B8103A0565C7
file:C:\Users\Dave\AppData\Local\Mozilla\Firefox\Profiles\fey95g4e.default\cache2\entries\0C350065219505450D958784F344B8103A0565C7->SSQ.dll.32.zip->SSQ.dll
Trojan:Win32/Spursint.Flcl
Items:
containerfile:C:\Users\Dave\AppData\Local\Temp\Temp1_Harqules_2.0_VST_WIN.zip\Harqules.dll.64.zip
file:C:\Users\Dave\AppData\Local\Temp\Temp1_Harqules_2.0_VST_WIN.zip\Harqules.dll.64.zip->Harqules.dll
As you can see they are all related to AO files, both 32bit and 64bit ...
- KVRAF
- 5677 posts since 25 Dec, 2004
Hey, you took me out of context to even GET here.
Then tell me to chill out? Head case.
Then tell me to chill out? Head case.
thecontrolcentre wrote: ↑Sun Feb 23, 2020 3:59 pmI don't know why you think you are the enemy, and I for one have not torn strip of "the guy" ... I think you need to chill out.sqigls wrote: ↑Sun Feb 23, 2020 3:48 pmit's a shit situation, but we don't KNOW for a fact what's happened.thecontrolcentre wrote: ↑Sun Feb 23, 2020 3:17 pmNo jumping to conclusions going on here. I had 4 Trojans identified and quarenteened. I double checked and got the same result so reported it here. It looks like its not just me .sqigls wrote: ↑Sun Feb 23, 2020 3:06 pmWTF, firstly anti-virus programs are known to report false positives for certain code.thecontrolcentre wrote: ↑Sun Feb 23, 2020 2:25 pmWTF? He's distributing infected files, whether he knows it or not, and asking for funds via Patreon. He should listen to what's being said here and either fix or remove the downloads. I was planning to do some music today, but instead I'm running a full system scan looking for malware.
but, more to the point, I'm talking about the general situation he's in. Already suffering and then this happens. Poor dude.
anyways, this IS the internet, so no surprise... i'm unrolling the jump to conclusions mat now, anyone up for a game?
I've had plugins quarantined on Windows before too, a few times, but every time it's turned out to be false positive.
would be perfectly acceptable for me to join the pack and take strips off the guy, but i post a few words of sympathy and I'M the enemy ?
sketches... http://soundcloud.com/onesnzeros
some artists i support... https://bandcamp.com/spectraselecta
some artists i support... https://bandcamp.com/spectraselecta
-
thecontrolcentre thecontrolcentre https://www.kvraudio.com/forum/memberlist.php?mode=viewprofile&u=76240
- KVRAF
- 35159 posts since 27 Jul, 2005 from the wilds of wanny
I have no clue what you're so upset about. There is no need to be insulting. Please stop it.sqigls wrote: ↑Sun Feb 23, 2020 6:42 pm Hey, you took me out of context to even GET here.
Then tell me to chill out? Head case.thecontrolcentre wrote: ↑Sun Feb 23, 2020 3:59 pmI don't know why you think you are the enemy, and I for one have not torn strip of "the guy" ... I think you need to chill out.sqigls wrote: ↑Sun Feb 23, 2020 3:48 pmit's a shit situation, but we don't KNOW for a fact what's happened.thecontrolcentre wrote: ↑Sun Feb 23, 2020 3:17 pmNo jumping to conclusions going on here. I had 4 Trojans identified and quarenteened. I double checked and got the same result so reported it here. It looks like its not just me .sqigls wrote: ↑Sun Feb 23, 2020 3:06 pmWTF, firstly anti-virus programs are known to report false positives for certain code.thecontrolcentre wrote: ↑Sun Feb 23, 2020 2:25 pm
WTF? He's distributing infected files, whether he knows it or not, and asking for funds via Patreon. He should listen to what's being said here and either fix or remove the downloads. I was planning to do some music today, but instead I'm running a full system scan looking for malware.
but, more to the point, I'm talking about the general situation he's in. Already suffering and then this happens. Poor dude.
anyways, this IS the internet, so no surprise... i'm unrolling the jump to conclusions mat now, anyone up for a game?
I've had plugins quarantined on Windows before too, a few times, but every time it's turned out to be false positive.
would be perfectly acceptable for me to join the pack and take strips off the guy, but i post a few words of sympathy and I'M the enemy ?
- Banned
- 7624 posts since 13 Nov, 2015 from Norway
Make love, not war
EDIT: Just scanned my entire Analog Obsession plugin folder and nothing found.
EDIT: Just scanned my entire Analog Obsession plugin folder and nothing found.
EnergyXT3 - LMMS - FL Studio | Roland SH201 - Waldorf Rocket | SoundCloud - Bandcamp
-
thecontrolcentre thecontrolcentre https://www.kvraudio.com/forum/memberlist.php?mode=viewprofile&u=76240
- KVRAF
- 35159 posts since 27 Jul, 2005 from the wilds of wanny
+1
FYI the Trojans weren't in my plugin folder (see above). Somehow they got into my AppData folder, and I didn't put them there
- KVRian
- 985 posts since 10 Sep, 2014
You'd better scan all your pc.Halonmusic wrote: ↑Sun Feb 23, 2020 6:54 pm Just scanned my entire Analog Obsession plugin folder and nothing found.
- Banned
- 7624 posts since 13 Nov, 2015 from Norway
Oh. Sorry i must have missed your post. Then i should do a rescanthecontrolcentre wrote: ↑Sun Feb 23, 2020 6:59 pm+1
FYI the Trojans weren't in my plugin folder (see above). Somehow they got into my AppData folder, and I didn't put them there
EnergyXT3 - LMMS - FL Studio | Roland SH201 - Waldorf Rocket | SoundCloud - Bandcamp
- Banned
- 7624 posts since 13 Nov, 2015 from Norway
Yes i should do that.stamp wrote: ↑Sun Feb 23, 2020 7:06 pmYou'd better scan all your pc.Halonmusic wrote: ↑Sun Feb 23, 2020 6:54 pm Just scanned my entire Analog Obsession plugin folder and nothing found.
EnergyXT3 - LMMS - FL Studio | Roland SH201 - Waldorf Rocket | SoundCloud - Bandcamp
- KVRAF
- 18546 posts since 16 Sep, 2001 from Las Vegas,USA
I'm 35% through a full system scan with Bitdefender Total Security. I had uninstalled it because although it's one of the top rated security suites it is a bit of a system pig. Guess I'll keep it installed now since Windows Defender detected nothing during download.
Luckily I only downloaded one AO plugin.....
Luckily I only downloaded one AO plugin.....
None are so hopelessly enslaved as those who falsely believe they are free. Johann Wolfgang von Goethe
-
thecontrolcentre thecontrolcentre https://www.kvraudio.com/forum/memberlist.php?mode=viewprofile&u=76240
- KVRAF
- 35159 posts since 27 Jul, 2005 from the wilds of wanny
I wish I'd done that
Just spent 4 hours finding and deleting erroneous files. Hopefully got them all ...
Last edited by thecontrolcentre on Sun Feb 23, 2020 7:44 pm, edited 1 time in total.
- KVRian
- 1421 posts since 14 Apr, 2016 from Germany
Still not working, think the whole site is down because of the hack?.AnalogObsession wrote: ↑Sat Feb 22, 2020 9:01 am Thanks for your ideas and words!
Now, fixed SweetDrums download links.
Please, try now.
Thanks anyway & all the best to your business!
Intel® Core™ i9-9900K•Cubase 11•Presonus Eris E8 XT•Focusrite Scarlett 18i20 & Octopre•NI Kontrol S61 MK2•Steinberg CC121•Synthesizers: Arturia Casio Korg Roland Yamaha
-
AnalogObsession AnalogObsession https://www.kvraudio.com/forum/memberlist.php?mode=viewprofile&u=427177
- KVRian
- Topic Starter
- 557 posts since 3 Oct, 2018
I'm so sorry about that.
Website under maintenance. Provider checking whole site and files.
Luckly, i have clean files... Maybe, i will have to re-design whole website but no problem. I will find the way to solve this issue and re-offer free plugins to you...
Thanks.
Website under maintenance. Provider checking whole site and files.
Luckly, i have clean files... Maybe, i will have to re-design whole website but no problem. I will find the way to solve this issue and re-offer free plugins to you...
Thanks.
https://www.patreon.com/analogobsession Support for free VST3, AU, AAX for WIN & MAC