Saturday, 12 October 2013

Frogatto & Friends looking to be "greenlit" on Steam

We have mentioned in the past a few times that it is a common misconception that FOSS games need to be also "freeware", and in fact the opposite can be quite beneficial to the overall development of a game or the engine it is build on.

The 2D jump & run  Frogatto & Friends has been for sale on mobile platforms for a while now, and its really high quality game-play and graphics are definitely a notch above most other open-source games:



All of it is possible through the use of their awesome open-source engine Anura.

Now they are looking to sell their game also on desktop computers through the very popular Steam digital distribution platform. You can vote for inclusion here.

As far as I am aware this is the first open-source game that actually aims to be sold through this channel, but recently another one, Warsow, was actually approved for inclusion as a freeware title.

As a launch of their "greenlight" campaign, the creators of Frogatto & Friends have started a Q&A session on reddit, where you can learn more about them and their awesome game(s).

Unrelated to that: please also check out our own "sub-reddit" about open-source gaming :)

Friday, 11 October 2013

Funny Facebook files deliver malware


I've recently got notified on an interesting malware campaign. I'll start with some screenshots:


Save the file and run! It is funny :)

DivX plug-in Required!


























 
Download and execute the facebook app, please!














Some examples of files that can be downloaded:
IamFunnyPNG-facebook.com
IamFunnyPNG-fb.com
IamNakedBMP-facebook.com
IamNiceTIFF-fb.com
IamSexyPIC-fb.com
IamSexyPNG-fb.com
MeBitchTIFF-fb.com
MeFunnyJPG-facebook.com
MeNakedJPEG-fb.com
MeNakedPIC-facebook.com
MeNiceGIF-fb.com;
MeNicePNG-fb.com
MeSexyJPEG-facebook.com
MeSexyPNG-fb.com
YouNakedJPG-fb.com
YouNiceBMP-facebook.com
YouSexyJPEG-fb.com
YouSexyPIC-facebook.com
YouWhoreJPEG-facebook.com


I think you get the point here. Users are being socially engineered to download a file that seems to originate from Facebook. The file is supposed to be an image file (PNG, TIFF, BMP, JPEG and even "PIC") but is in fact an executable. The initial landing page also ends in names of females, for example "laura.html" or "birgitta.html" .


Let's take a look at one of the downloaded files:
IamWhoreJPG-facebook.com
MD5: 1273f3ea6ae76340270bab57b073b0b5
Anubis Result
Malwr Result
VirusTotal Result


Unfortunately I was unable to execute the malware, as I currently don't have a physical machine to test it. According to VirusTotal results, it may be a Trojan called Yakes or Tobfy:
Trojan:Win32/Tobfy is a family of ransomware trojans that targets people from certain countries. It locks your PC and displays a localized webpage that covers your desktop. This webpage demands the payment of a fine for the supposed possession of illicit material.

Some variants might also take webcam screenshots, play an audio message pretending to be from the FBI, closes or stops processes or programs, and prevents certain drivers from loading in safe mode - possibly to stop you from attempting to disable the trojan.
See: https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FTobfy

According to Ydklijnsma, this specific campaign drops bitcoin miner malware. See:
There's a good blogpost by Brian Krebs on the subject of bitcoin mining malware:
http://krebsonsecurity.com/2013/07/botcoin-bitcoin-mining-by-botnet/



Most of the malware seems to be hosted via the domain registrar "Hong Kong Sun Network":
Hong Kong Sun Network - hosting multiple malicious websites
























Some IPs that are involved - next to it their abuse contacts:









I'm betting it's safe to assume the worst and block these IPs (more investigation is needed though):
91.218.38.0/24
103.9.150.0/24
109.73.166.0/24
112.213.106.0/24
121.127.226.0/24
188.190.120.0/24

Most of the sites use the pattern described here:
If you're interested in some of the websites that are serving this malware, visit the following Pastebin:
http://pastebin.com/raw.php?i=8BqGPvhX
Note that links may still be live! 




Conclusion


  • Don't be fooled by websites that seem to resemble Facebook, always check the URL you are currently on before downloading or executing files
  • Install an antivirus and antimalware product and keep it up-to-date & running
  • Use a linkscanner to verify the integrity of a link on either http://www.urlvoid.com or https://www.virustotal.com/
  • Use NoScript in Firefox or NotScripts in Chrome to block malicious attempts on unknown sites
  • Running "funny Facebook files" will usually provide you with everything but fun


Thursday, 10 October 2013

The "follow by email" gadget: an easy way to add an email subscription to your blog

Blogger have made it very simple to offer an email-subscription to your blog, with the "Follow by Email" gadget.  This article describes adding it to your blog, and how it works for your readers.


Previously, I've explained why RSS is important for your blog, and how to give your blog a subscribe by email option using Feedburner.

The Follow by Email gadget that Blogger provide makes this even easier:  you can add an email subscription option to your blog by following these steps:

How to add the Follow by Email Gadget

  1. Log in to Blogger
    Use a Google account with admin rights to the blog, and which you want to use to get statistics about your email subscribers.
  2. Go to the Design tab
  3. Select Add a Gadget in the area where you want to put the email subscription option
  4. Choose Follow by Email (it's current at the top of the list)
  5. Enter the title that you want displayed on your blog (initially it's "Follow by email")
  6. Press Save.
This puts the gadget onto your blog.  But there are two more things that you should do:
  • Check that your blog's RSS feed is enabled: it should be either "Full" or "Until Jump Break", not "None".  You need to do this because the Follow-by-email tool will only send out emails if your feed is turned on.   
  • Subscribe to it yourself- by entering your own email. 
    This isn't absolutely essential - the tool works even if you're not signed up to it.   But it's a good idea to try to see your blog from the reader's perspective.  
    And some items in your posts (eg slideshows or PowerPoint presentations) may not work as expected in the emailed version - and you won't know about it unless you're getting the emails.

What your readers see:

On Your Blog:

The Follow by Email gadget looks like this:

The title was set when you were adding the gadget:  you can change it by editing the gadget in the usual way.

The background colour, button colour, title underline and font are based on the settings for your theme:  you can only control them by editing the gadget colours in your theme.

You cannot put text immediately before our after the place where people can enter an email address:   though you could put a text-gadget before or after the Follow-by-email gadget.


When they enter an email address:

When your visitor enters an email address and presses Submit, a new window opens:


This window:
  • Welcomes them to Feedburner
  • Acknowledges their Google account, if they are logged in at the time - remember, not all your visitors will be Google users
  • Tells them about the feed that they are asking to subscribe to
  • Warns them that a confirmation message will be sent to the email address they entered 
    "will receive a verification message once you submit this form" and that "FeedBurner activates your subscription to ... once you respond to this verification message"
  • Asks them to solve a text-catpcha puzzle, to prove it's a real person (not a computer) setting up the subscription.
The colours, design and content of this window are totally controlled by Feedburner.  You can't influence them in any way.

After the anti-spam-test is successfully completed, a second screen opens.   This tells the reader that
Your request has been accepted! Please check your inbox for a verification message from “FeedBurner Email Subscriptions”, the service that delivers email subscriptions for <<your-blog-name>>. You will need to click a link listed in this message to activate your subscription. If you dont see a confirmation e-mail in a reasonable amount of time please check your bulk/spam folder.
Again, you have no control over the color, format or placement of this window, it is totally up to Feedburner.    You also don't control the message text, which many people are likely to ignore.


In their email in-box, today:

Your potential subscriber gets an email from Feedburner, usually within 2-10 minutes, asking them to click a link to complete the subscription process.
  • If they click the link, they become a verified subscriber.
  • If they don't click the link, then they stay on the subscribers list as unverified.
You can customize the "click the link to subscribe" message, using some fairly simply settings in Feedburner.  


In their email in-box, when you post:

On days when you have posted to your blog, every verified subscriber is sent one email message, with all your posts during the day.

The message may include the full post or just a summary, depending on what settings you have for your blog's RSS feed  (Settings > Site Feed > Blog Posts feed).

Feedburner provides a number of options for controling how this email looks, and when it is sent:  see the Publicize > Email Subscriptions > Email branding tab in Feedburner for these.    (full article coming soon).


More information about the gadget:

This new gadget has been widely requested, and is an exciting addition to Blogger.  But there are some challenges with it, which are discussed in Understanding the Follow-by-Email gadget.

You can get a list of the people who have signed up to receive your blog-posts by email - be aware that this is all people who have subscribed, not just ones who used the widget.


What happens if you delete the widget

Even if the follow-by-email gadget is deleted from your blog (by accident or deliberately), the Feedburner subscription that it created, and the list of people who have subscribed, is still kept in Feedburner.

However to add the gadget to your blog again, you need to use Feedburner's gadget tool to make sure that you access the feed that you created when you added the gadget the first time around.

(Thanks to reader +Mary Bostow whose question got me thinking about this.)




Related Articles:


Why RSS is important for your blog,

How to get a list of people who are subscribed to your blog by email

An alternative to "Follow-by-email":  giving your blog a subscribe by email option using Feedburner.

Customizing Feedburners verification message

Tuesday, 8 October 2013

Breaking news: The Dark Mod 2.0 stand alone version out now!

I guess quite a few people were waiting for this to finally happen :)

Have a look at the release announcement here and the full change-log here.

They also did a nice introduction video a few months ago:



Haven't got the chance to try it myself yet, but this is high on my list of open-source games to play!

Monday, 7 October 2013

Blender Game Making Challenge starts on the 20th of this month

While not necessary only for FOSS games, all will be done with the Blender3D included game engine (BGE). Check out their website here and/watch the video below:



The overall theme will be announce on the 20th when the contest starts.