We’ve released a bug fix edition of NMM, taking us to version 0.44.4. Here’s the change log:
1. New Feature: The ReadMeManager now supports PDF files.
2. Bugfix: ReadMe Manager preventing .txt files from being installed in mod folders. (This fixes the installation of mods like Fores New Idles)
3. Bugfix: Rare crash while deleting a mod in CategoryView.
4. Bugfix: Omod script interpreter.
5. Bugfix: Users were able to set Mods and Install Info as the same folder.
6. Bugfix: NMM crashing with a corrupt ReadMeManager.xml file.
7. Bugfix: NMM using the wrong game path after a game rescan.
8. Bugfix: LoadOrder export using the wrong plugin list.
You can download the update through NMM or by downloading and installing manually through the NMM download page
Unfortunately earlier today we found out that some of our file servers had been hacked, replacing manual (not NMM) downloads with a malicious installer that contained malware. This hack was targeted as the hacker deliberately named the file “Nexus_Downloader.exe” to try and snag as many people as possible. While I haven’t tried to run it myself it seems to be a scam malware that sends the user to a fake FBI page informing the user they must pay must in order to unlock their system. To make it worse only 4 of the 20 main anti-virus programs people use flagged this as a virus. It’s obviously a relatively new one that most haven’t caught up with, and this might have caught a few of you off guard.
As soon as we found out about the breach we had the servers down and patched up within minutes and we’ve been working today further hardening our servers and shutting down the method used by the hacker to gain access. All told, malicious downloads were only being served for an hour early this morning. If you don't know what I'm talking about then you missed it all.
There’s a few things to take away from this. First of all I’m sorry that this has happened to some of you. You clearly trust us to provide you with a safe and secure modding experience and we got caught with our pants on our heads. While this won’t help you now, can I give you some advice? Don’t trust anything, any site, or any person fully on the internet. Be suspicious of everything. If you’ve tried to download a fluffy sheep mod that says it’s 50mb in size for Skyrim and instead been given a file called “Nexus_Downloader.exe” that’s 100kb in size...be suspicious. We’d never do something like that, especially without letting you know first. These sorts of things can happen to any site out there (just look at the past hacking’s of Sony, Valve/Steam...even Bethesda got hacked) and having an anti-virus, firewall and malware protection won’t keep you 100% safe. Nothing will. But try and be perceptive and don’t let your guard down.
We can’t guarantee your safety 100% when browsing and downloading from the Nexus. No other site can offer you that guarantee either. What I can guarantee you is that we work hard to try and make the experience as safe and secure as possible, and we work even harder when we know we’ve been breached, often without sleep.
Never be afraid to report suspicious activity either by others or by the sites themselves on the forums or to the staff.