Ubisoft Uplay Rootkit

lindy · Jul 30, 2012, 02:20 PM

If your playing a Ubisoft title that has Uplay chances are good that your machine has been rooted! More HERE

FordGT90Concept · Jul 30, 2012, 02:56 PM

Unless this plugin is hidden, I don't see it on IE9. Then again, I'm using 64-bit. uPlay is 32-bit. There's a few EA ones on 32-bit (mostly rlated to Sonar which is a VoIP program used for BF3) but I see nothing about Ubisoft.

Solaris17 · Jul 30, 2012, 03:02 PM

ill go check my ps3 right now.

lindy · Jul 30, 2012, 03:22 PM

Quote:

Originally Posted by FordGT90Concept

Unless this plugin is hidden, I don't see it on IE9. Then again, I'm using 64-bit. uPlay is 32-bit. There's a few EA ones on 32-bit (mostly rlated to Sonar which is a VoIP program used for BF3) but I see nothing about Ubisoft.

I don't know much about IE, but in Firefox I checked tools/Add-ons/Plugins, and sure enough there are two, UPlay PC 1.0.0.0 and UPlay PC Hub Plugin 1.0.0.1 . Uninstalling the game (in my case Silent Hunter5) won't remove the plugins.

newtekie1 · Jul 30, 2012, 03:51 PM

This isn't a rootkit. I'm tired of every single thing that people don't like that has an unintentional security hole being called a rootkit.

Several criteria need to be met before something should be called a rootkit.

1.) It must be malicious.
2.) It must be purposely hidden from user and traditional forms of malicious software detection(AKA virus scanners).
3.) It must enable continued privileged access to the computer.

In this case, only number 3 is met. The backdoor was not malicious, it was unintentional, and the plug-in was not hidden from the user. Therefor this is not a rootkit, the term rootkit is only being used to make the threat seem worse than it really is. This is nothing more than a plug-in with a security hole that was fixed extremely quickly after being found. No need to call the national guard.

lindy · Jul 30, 2012, 03:57 PM

Theres one more thing you can add to malware... Won't (or can't easily) uninstall. Which is true of this particular piece of malware.

newtekie1 · Jul 30, 2012, 04:01 PM

Quote:

Originally Posted by lindy

Theres one more thing you can add to malware... Won't (or can't easily) uninstall. Which is true of this particular piece of malware.

This isn't malware either, the term malware comes directly from Malicious, this isn't malicious so it isn't malware.

And being hard to uninstall actually isn't a requirement for a rootkit.

Also, Uplay is actually very easily uninstalled, a better article about this incident can be read at rockpaperchotgun.com: http://www.rockpapershotgun.com/2012...soft-pc-games/

They tell you how to check if you are affected, how to easily disable the plug-in or that you can simply uninstall uplay just like you would uninstall any other program. It is as easy to uninstall as possible actually.

Widjaja · Jul 30, 2012, 04:03 PM

It looks to me as if they made some kind of blunder when releasing an update.
Sure most of us have come to know Ubisoft as taking anti-piracy to the extremes but I do not believe what happened was intentional.

Crap Daddy · Jul 30, 2012, 04:03 PM

There is already an update to that article. Ubisoft acted.

lindy · Jul 30, 2012, 08:27 PM

Quote:

Originally Posted by Crap Daddy

There is already an update to that article. Ubisoft acted

Thanks Crap Daddy, ya' beat me to it...

TheMailMan78 · Jul 30, 2012, 08:30 PM

OMG you mean it wasnt a root kit!

RejZoR · Jul 31, 2012, 06:55 AM

I'm not buying or playing any Ubisoft games since the introduction of always on protection so i couldn't care any less...

Jul 30, 2012, 02:20 PM	#1
lindy Join Date: Jun 2012 Location: 45° 59' 55.57” N 86° 09' 20.10” W Posts: 72 (0.20/day) Thanks: 10 Thanked 24 Times in 23 Posts System Specs	Ubisoft Uplay Rootkit If your playing a Ubisoft title that has Uplay chances are good that your machine has been rooted! More HERE __________________ Obscurum per obscurius -the obscure (explained) by the more obscure.

System Name:	Infernal Contraption
Processor:	AMD FX 8150
Motherboard:	Gigabyte 990XA-UD3
Cooling:	Antec Kuhler H20 620
Memory:	16 gig. Corsair Vengance DDR3 1600 LP
Video Card:	Galaxy/Nvidia GTX 560 2gb
Hard Disk:	OCZ 60g. SSD/Seagate 2Tb. 7200rpm
Optical Drive:	Samsung
CRT/LCD Model:	Asus
Case:	Lian Li PC-60FN
Sound Card:	Onboard HD
PSU:	Seasonic X750
Software:	Win. 7 Ult. 64/ SUSE 12.1 64

Jul 30, 2012, 02:56 PM	#2
FordGT90Concept "I go fast!1!11!1!" Join Date: Oct 2008 Location: IA, USA Posts: 10,651 (6.23/day) Thanks: 1,787 Thanked 2,632 Times in 1,986 Posts System Specs	Unless this plugin is hidden, I don't see it on IE9. Then again, I'm using 64-bit. uPlay is 32-bit. There's a few EA ones on 32-bit (mostly rlated to Sonar which is a VoIP program used for BF3) but I see nothing about Ubisoft. __________________ Golden Rule of Programming: Never assume. try { SteamDownload(); } catch (Steamception ex) { RageQuit(); }

System Name:	BY-2009
Processor:	Intel Core i7 920 (4 x 2.66 GHz) w/ HT and Turbo on
Motherboard:	DFI LP DK X58
Cooling:	Sythe MUGEN-2 w/ Stock Fan
Memory:	3 x 2 GiB OCZ Gold DDR3-1600 @ DDR-1066
Video Card:	Sapphire Vapor-X HD 5870 1 GiB (reference clocks)
Hard Disk:	2 x Seagate Barracuda 250GB 7200.7 RAID0, Seagate Barracuda 3TB 7200.14
Optical Drive:	Samsung 16x DVD-ROM, Pioneer 16x DVD+/-RW
CRT/LCD Model:	Samsung Syncmaster T240 24" LCD (1920x1200)
Case:	Coolermaster HAF 932
Sound Card:	Realtek Onboard, HT OMEGA Striker 7.1
PSU:	Enermax Platimax
Software:	Microsoft Windows 7 Ultimate x64
Benchmarks:	Faster than the tortoise; slower than the hare.

Jul 30, 2012, 03:02 PM	#3
Solaris17 Creator Solaris Utility DVD Join Date: Aug 2005 Location: Reinacting scenes from platoon with Charlie Sheen Posts: 13,708 (4.79/day) Thanks: 4,366 Thanked 3,295 Times in 2,311 Posts System Specs	ill go check my ps3 right now. __________________ I Made the Millionth post! \| "Please come to WI now so I can beat you over the head with a bratwurst."-Kreij PS3 mod 8500/8600GT Mod Guide Rebuild a Copperhead Heat Ware NF4 Ultra SLI Mod Solaris Utility DVD 4.0 Broken CPU pin guide Vista Mark

System Name:	Prometheus
Processor:	Xeon W 3520 4.5ghz
Motherboard:	DFI Lanparty UT t3eH8
Cooling:	Xigmatek Dark Knight
Memory:	(3x8GB) 24GB Avexir Core series triple channel 1600mhz
Video Card:	MSI GTX470
Hard Disk:	OCZ Agility3 120, SS 1TB, SS 2TB
Optical Drive:	Pioneer DVD Dual layer burner R+RW (Firmware Upgrade)/Philips lightscribe DVD burner Dual layer
CRT/LCD Model:	Dell 2007FP
Case:	Xigmatek Utgard
Sound Card:	ASUS Xonar D2X 7.1 on Logitec X-540/Razer Carcharias
PSU:	Corsair HX1000
Software:	Windows8 x64 \|\|Poser7, Cinema4D, CS5, 3DSM10, Lightwave9, Bryce7
Benchmarks:	I'm such a tease

Jul 30, 2012, 03:51 PM	#5
newtekie1 Semi-Retired Folder Join Date: Nov 2005 Location: Indiana Posts: 17,903 (6.47/day) Thanks: 785 Thanked 5,185 Times in 3,754 Posts System Specs	This isn't a rootkit. I'm tired of every single thing that people don't like that has an unintentional security hole being called a rootkit. Several criteria need to be met before something should be called a rootkit. 1.) It must be malicious. 2.) It must be purposely hidden from user and traditional forms of malicious software detection(AKA virus scanners). 3.) It must enable continued privileged access to the computer. In this case, only number 3 is met. The backdoor was not malicious, it was unintentional, and the plug-in was not hidden from the user. Therefor this is not a rootkit, the term rootkit is only being used to make the threat seem worse than it really is. This is nothing more than a plug-in with a security hole that was fixed extremely quickly after being found. No need to call the national guard. __________________ Rig1: System Specs. Rig2: A8-5600K@4.4GHz / AsRock FM2A75 Pro4 / 8GB Corsair DDR3-1600 9-9-9-24 / HD7560D / Samsung DVD-Burner / 1.5TB WD Green + 3x3TB WD RED in RAID5 Rig3: Athlon X2 4200+ / M4A79 Deluxe / 4GB G.Skill Pi DDR2-800 4-4-4-12 / GT430 / Sony DVD-Burner / 500GB WD Rig4: Phenom II x6 1605T @ 3.6GHz / Asus M5A99X Evo / 8GB PNY DDR3-1600 9-9-9 / GTX470 & GTX470 / Samsung DVD-Burner / 1.5TB Seagate

Processor:	Intel Core i7 875K@4.0GHz(200x20)
Motherboard:	eVGA P55 FTW 200
Cooling:	Thermalright Ultra-120 Extreme w/ Corsair SP120 High Performance Edition
Memory:	8GB Corsair DDR3-1600 7-7-7-20
Video Card:	ASUS GTX 670 4GB DirectCU II @ 1015/3600
Hard Disk:	1TB Seagate 7200.12(OS), 3x 1.5TB Seagate 7200.11 in RAID 5
Optical Drive:	Lite-On Blu-Ray Combo Drive IHES108
CRT/LCD Model:	HP 25" 2509m 1080p LCD
Case:	Lian-Li Lancool Metal Boned K7 w/ Windowed Side Panel
Sound Card:	Onboard is good enough for me
PSU:	Corsair HX850
Software:	Windows 7 x64 Professional

Jul 30, 2012, 03:57 PM	#6
lindy Join Date: Jun 2012 Location: 45° 59' 55.57” N 86° 09' 20.10” W Posts: 72 (0.20/day) Thanks: 10 Thanked 24 Times in 23 Posts System Specs	Theres one more thing you can add to malware... Won't (or can't easily) uninstall. Which is true of this particular piece of malware. __________________ Obscurum per obscurius -the obscure (explained) by the more obscure.

Jul 30, 2012, 04:03 PM	#8
Widjaja Join Date: Jun 2007 Location: Wangas, New Zealand Posts: 4,058 (1.85/day) Thanks: 244 Thanked 632 Times in 547 Posts System Specs	It looks to me as if they made some kind of blunder when releasing an update. Sure most of us have come to know Ubisoft as taking anti-piracy to the extremes but I do not believe what happened was intentional.

System Name:	Darth Obsidious
Processor:	Intel i5 2500K
Motherboard:	ASUS P8Z68-V/Gen3
Cooling:	Cooler Master Hyper 212+ in Push Pull
Memory:	2X4GB Corsair Vengeance DDR3 1600
Video Card:	ASUS HD7870 Direct CU II
Hard Disk:	128GB Samsung 830 SSD, 1TB WD Black, 2TB WD Green
Optical Drive:	ASUS BC-12B1ST 12X Blu-ray Combo
CRT/LCD Model:	LG IPS234V-PN
Case:	Corsair Obsidian 650D
Sound Card:	Infrasonic Quartet
PSU:	Corsair HX650w
Software:	Windows 7 64bit and Windows XP Home
Benchmarks:	2cm mark on bench with a razor blade.

Jul 30, 2012, 04:03 PM	#9
Crap Daddy Join Date: Oct 2010 Posts: 2,314 (2.40/day) Thanks: 966 Thanked 974 Times in 678 Posts System Specs	There is already an update to that article. Ubisoft acted.

System Name:	Dusty/Rusty
Processor:	i5-2500K/E8400
Motherboard:	ASRock P67Extreme4/ASRock 4core1600P35
Cooling:	CM Hyper TX3/Intel stock
Memory:	4x2GB Kingston HyperX/2x2GB DDR2
Video Card:	EVGA GTX570SC/Palit GTX560SE
Hard Disk:	WD BlueCaviar 500GB/Spinpoint F3 1TB/Seagate Barracuda 500 GB
Optical Drive:	LG/Asus
CRT/LCD Model:	Samsung SyncMaster T220/Samsung 32" LCD TV
Case:	Cooler Master CM690 II Advanced/El Cheapo
Sound Card:	Asus Xonar D1/Denon PMA500AE/Senn HD518/Sony SSB1000
PSU:	Corsair TX650/Corsair TX650M
Software:	Windows 7/Windows 8 Pro

Jul 30, 2012, 08:30 PM	#11
TheMailMan78 Banstick Dummy Join Date: Jun 2007 Location: Crystal River, FL Posts: 15,142 (6.86/day) Thanks: 1,337 Thanked 6,861 Times in 3,752 Posts System Specs	OMG you mean it wasnt a root kit!

System Name:	The Mailbox 3.5
Processor:	Intel i7 2600k @ 3.8GHz
Motherboard:	ASUS Maximus IV Gene-Z
Cooling:	Stock
Memory:	G.SKILL Sniper Series 8GB DDR3 1866: 9-9-9-24
Video Card:	EVGA GTX670 "FTW" Edition @ 1006MHz
Hard Disk:	256gb M4 SSD, 500Gb WD (7200)
Optical Drive:	LG - 24x Double-Layer DVD±RW/CD-RW Drive
CRT/LCD Model:	24" ASUS 1920 x 1080
Case:	Cooler Master 922 HAF
Sound Card:	SupremeFX X-Fi 2 with Bose Companion 2 speakers.
PSU:	SeaSonic X Series X650 Gold
Software:	Windows 8 Pro w/Media Center 64bit
Benchmarks:	Benching is for bitches.

Jul 31, 2012, 06:55 AM	#12
RejZoR Join Date: Oct 2004 Location: Europe/Slovenia Posts: 3,979 (1.25/day) Thanks: 39 Thanked 758 Times in 542 Posts System Specs	I'm not buying or playing any Ubisoft games since the introduction of always on protection so i couldn't care any less... __________________ RejZoR's Little Secrets @ rejzor dot tk

System Name:	The BlackBox 3
Processor:	Intel Core i7 920 4,2 GHz
Motherboard:	ASUS Rampage II Gene + 2x Noiseblocker XM2 on chipset/VRM
Cooling:	ANTEC H2O 920 + 2x Noiseblocker M12-S3HS
Memory:	6GB Corsair Dominator 1600MHz
Video Card:	GIGABYTE RADEON HD7950 3GB WindForce 3X (1100/6000)
Hard Disk:	WD Caviar Black 2TB 64MB
Optical Drive:	SAMSUNG SH-S223F
CRT/LCD Model:	SAMSUNG SyncMaster 931c
Case:	Lian Li PC-V354 Black
Sound Card:	Creative Sound Blaster Z + Altec Lansing MX5021
PSU:	Corsair HX750 + Noiseblocker BlackSilent XR2
Software:	Windows 8 Professional x64
Benchmarks:	It can run 3DMark and all...

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Rootkit - 0Access.H virus help!!!!!	DrGreenThumb	General Software	29	May 9, 2012 08:00 AM
Windows affected by rootkit	xfire	General Software	6	Jan 11, 2009 02:25 PM
Sophos Anti-Rootkit 1.3.1	HellasVagabond	General Software	0	Aug 25, 2007 08:20 AM
....Trend Micro Rootkit Buster.... source	y eye	General Software	2	Feb 22, 2007 06:18 AM
Vitriol' Rootkit to Demo at MS BlueHat Hacker Summit	Alec§taar	General Software	2	Oct 19, 2006 01:02 PM