Earlier this morning we banned and removed the posts of several users who were posting dangerous links on HabboxForum, making them vulnerable to a security exploit on Habbo.com's website.

As security precautions we have put all these user's IP's on the banned list, filtered the phrase "http://davzy.com/screenshots/Screen_shot_2011-07-01_at_5.27.41_PM-20110701-172751.png" permanently and added a temporary filter of the Tiny URL short URLs service which was being used to trick members into going to these dangerous links.

We will be communicating Habbo's security exploit to Sulake shortly but in the meantime as to assure everyone else is safe we're recommending you abide by the following safety tips:

Safety Tips
1. Make sure when you click a link on the forum, that it's really going to where it says it's going to, for instance:
http://davzy.com/screenshots/Screen_shot_2011-07-01_at_4.42.54_PM-20110701-164349.png

2. If someone's sending a link using a short URLs service such as Tinyurl, add the phrase "preview." in before the domain. For instance, turn this: http://davzy.com/screenshots/Screen_shot_2011-07-01_at_4.50.05_PM-20110701-165017.png into this http://davzy.com/screenshots/Screen_shot_2011-07-01_at_4.49.56_PM-20110701-165042.png and then go to the website, and it will reveal the full URL of the actual website you're visiting.

3. Never follow a link you're not sure of to the Habbo.com website. To prevent people from hacking your Habbo accounts through means of such links, open Habbo up in a different browser than the one you use to browse the internet. This will virtually offer maximum protection from users trying to hack you by sending you dangerous links.

As this problem persists we have done the following:

1. Have and will continue to keep short URL services filtered for the meantime

2. Have instated a policy where new members must have their first five posts approved by a moderator, and cannot send private messages.

The latter is a temporary measure as to ensure the spread of dangerous links is kept under strict control.

Update from Habbo Customer Support:

Recently, starting 30th June we discovered some cases where hackers have been sending safe and official looking Habbo links in Habbo Hotel chat or in Web forums. If links have been clicked, hackers might have been able to get access to the victim's Habbo accounts. This security hole has now been fixed on Monday. In order to prevent additional problems, users whose accounts have been compromised are temporarily under security investigation and not able to log into the hotel at the moment.

Q: I tried to log into Habbo and there's a text saying my account has been temporarily closed. Is that for real?

A: Unfortunately yes. We are investigating few accounts that may have been compromised. Please be patient. We will send you more information as soon as possible.



Q: My account has been closed. When I can play Habbo again?

A: Our security team is working on the case constantly. We hope that we can open your account in 24 hours or latest, in a couple of days.

https://help.habbo.com/entries/20252246-important-safety-information-to-habbo-users

-----

The restrictions that were put on new users on HabboxForum will most likely be lifted soon.