SERVER CONNECTION SECURITY (MUST READ)

Rules and Regulations, Custom Content, and Server Information

Moderator: Moderator

Post Reply
User avatar
Endelyon
Global Admin
Posts: 2933
Joined: Sun Jul 06, 2014 4:24 am

SERVER CONNECTION SECURITY (MUST READ)

Unread post by Endelyon » Tue Feb 26, 2019 12:01 am

Right now you will notice that there are evidently two entries on nwnlist for Baldur's Gate and two entries for Baldur's Gate on the server selection page in the Client Extension.

DO NOT CONNECT TO THE ONE MARKED WITH THE IP 34.73.39.115:5121.

ALWAYS CONNECT TO THE FOLLOWING ADDRESS:

game.bgtscc.net

OR

158.69.123.65:5121

We believe this to be some kind of phishing scam to get people to connect erroneously and send information about their CD keys.

PLEASE LET AS MANY PEOPLE KNOW ABOUT THIS AS YOU CAN, as this is a very serious issue.

User avatar
Maecius
Global Admin
Posts: 10838
Joined: Sat May 16, 2009 4:24 pm

Re: SERVER CONNECTION SECURITY (MUST READ)

Unread post by Maecius » Tue Feb 26, 2019 1:10 am

After investigating this matter, we discovered that another user had mirrored the BG:TSCC server through a virtual machine and published it to the NWNlist. Because we had and have no control over this "mirrored" server, we cannot guarantee that your data (IP addresses, CD keys, et cetera) were not compromised if you connected to this proxy server. If you downloaded any files through the Auto-Downloader via the spoofed server, there is also an outside possibility that you could have had malware or spyware attached to your computer system.

You would have appeared, from your end, to have logged into the server with no problems. But your traffic would have been sent through this third party. The only way you can be sure you did not connect through the spoofed server is to know for certain that you've only been using "direct connect" and "game.bgtscc.net" as your connection point for the past several weeks. If you've been clicking on the game through the client extender list via the "multiplayer" button, there is a chance you may have clicked the wrong server.

We highly encourage you to complete a full virus, spyware, and malware scan on your computer if you are not sure whether you connected to the legitimate server or the spoofed server.

The spoofed server has been up for at least one week, possibly a little longer.

If you have any questions about this, please do not hesitate to ask them. The person who owned the virtual machine is known to the server, but he is not server staff. He is not presumed to be malicious, but as we have literally no control over what he did or did not do, we feel we have to let you know your data could have been breached, and that you should consider scanning your systems for your own protection, particularly if you downloaded anything through what appeared to be the BG:TSCC auto-downloader.

We will continue to investigate this matter, and this is not meant to scare anyone. But if you are not sure whether you connected to the legitimate server or the copycat server, we definitely do encourage you to take steps to protect your data.

User avatar
Endelyon
Global Admin
Posts: 2933
Joined: Sun Jul 06, 2014 4:24 am

Re: SERVER CONNECTION SECURITY (MUST READ)

Unread post by Endelyon » Tue Feb 26, 2019 5:35 pm

We have updated the Privacy Policy, Connection Information, and Client Extension pages.

Post Reply