Skip to main content

Notice

Please note that most of the software linked on this forum is likely to be safe to use. If you are unsure, feel free to ask in the relevant topics, or send a private message to an administrator or moderator. To help curb the problems of false positives, or in the event that you do find actual malware, you can contribute through the article linked here.
Topic: Foobar2000 constantly hacked in video chat room (Read 1210 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

Foobar2000 constantly hacked in video chat room

Hello,

While I am new, I have used Foobar2000 for many years.  Just never registered.  Many times I have searched for answers about this but never found anything.  Therefore I am registering hoping I can get some help.

I frequent a video chat room that uses abode flash player.  Many times over the years my foobar player is taken over, such as earlier this wk.  I always run the most current stable version.  There is no doubt in this flash player chat room that  someone is changing my setting on foobar player.  This was on  a previous window7 desktop and still on a new  windows10 desktop.  Even with security in place some one in this flash player video chat room can change almost every  setting to my  player.  This calls for a reinstall  but no long term damage is done.  They can change the UI, playlist, meta data as to the song title, and crash foobar.  It only happens in this p2p chat room and I see no evidence of any other program or any files being affected.  Sometimes mp3 files go missing/deleted.  I never find any virus or malware when I run a scan.  Firewall is up.  There is no doubt I am getting hit by someone who doesn't like me in this flash player chat room which is a https site now.  It wasn't always but I thought https would stop this.

For example this week when I booted up my pc from sleep after being in that chat room the night before there was a new play list added with every song (hard drive) I have on it and some bogus name for the playlist.  Sometimes I get a white UI and nothing will load and I must uninstall and reload the player as well as reset everything.  The most common attack is changing the names of songs to duplicates, these are MP3, APE, or FLACC files.  They are intact but the name or artist is changed. I have had my musical spectrum removed, and other vu's.

 I know its happening in this chat room because I never have a problem if I don't go there.  Any information on this security flaw and how I could correct it  would be appreciated.

Re: Foobar2000 constantly hacked in video chat room

Reply #1
Unless you connect to the chatroom with foobar2000, download files from the chatroom and load them in foobar2000 or stream music from their servers using foobar2000 they cannot hack the player.

Also there are no known security issues in foobar2000 and the bundled decoders are heavily fuzzed to detect their robustness against corrupted files and exploit attempts. Every time issues have been found they have been fixed promptly.

Do you shut down foobar2000 before you put the machine to sleep mode? If that's not done and your computer for example loses power, all unsaved changes in the player can disappear. Some people have even had configuration corruption resetting settings to defaults.

You could make a backup of %appdata%\foobar2000 directory for easily restoring the player settings in the future.

Re: Foobar2000 constantly hacked in video chat room

Reply #2
Flash has a lot of security problems.  You sure it isn't some asshole just messing with your player because he has gained access to your computer through Flash?

Is your version of Flash up to date?  Is Windows up to date with all its patches?  Have you tried a browser that's more sandboxed and harder to mess with?  Also is your browser fully up to date and you're not using out of date or questionable extensions?

Maybe and this is a suggestion, stop visiting such places before they do something way worse to you like take your personal information from you.  Your computer is being hacked and tampered with.