so i've seen a lot of questions running around lately about the whole scratch costume editor a.c.e thing, and that in itself has been explained time and time again, but I wanted to clear up some common questions regarding the recent attack from the spammers. please do comment any questions if you have them
do note that nothing to my knowledge has been tested on conventional windows/mac machines, only chromeos. q. "does this affect (insert x user's) projects?" a. most likely no. from my experience, the most popular version that went around pretty much only changed your bio, wiwo, and all titles/descs to a copypasta. while it is safe precaution to change your password, it was likely not scripted to much else. q. "did it delete any of my projects?" a. no, if it was the one sent around by spammers. q. "does this infect every project?" a. no, this only infects projects that were specifically created to be malicious. q. "did the attack download malware?" a. not that we know of, but it's best to run a scan on your computer and ensure nothing was downloaded. the most recent attack didn't seem to have malware in it. q. "has scratch patched this yet?" a. doesn't seem like it! q. "how can I prevent this from happening again?" a. just be mindful of what links you click on and who you trust, like I said, the attack was a rather isolated incident, and it wasn't reported that other users were infected with malware or had their accounts stolen.
