Hi guys, as I posted on curseforge the file was very short lived. It is also the only virus we've had since curseforge launched.
As far as the curse client, it may have downloaded it but it wouldn't have ran it at all.
Not to mention that many groups that steal passwords will sit on them for weeks or months before using them.
I'd still contend that unless he manually and voluntarily ran the executable I'd say it is more likely something that he did several weeks or even months ago.
Again my apologies to the community for this oversight. We've also stepped up our security checks significantly to make things like this harder. However, I fully expect people to continue to try.
|