Explanation and Fallout From the Exploit

Day 692, 20:18 Published in USA USA by system0101

Earlier today a rather vicious exploit hit full steam. Some were able to embed Java and/or JS into newspaper comments, and possibly citizen ads. The code forced donations to one of many accounts. I lost 59 gold in (I believe) the first wave of the attack. The forced people to donate the highest even amount of gold they had in their possession, and nothing else.

One of the first instances of framing was when one of the hackers donated 300 gold to Gaius Julius. This seemingly was done manually. Most of the rest of the gold was liquidated on the Monetary Market in an effort to destabilize the RUB.

The first ones were sloppy and caused glitching on eRep pages. They quickly got better and appeared as blank comments on newspaper articles. Since I had already lost all my gold, and there were no reports of any item thefts, I was not worried about investigating some of the links. EDIT: Nagyzee has said he may be missing some Q5 gifts.

The one that got me was a comment on an article describing the benefits of emigration to eIsrael. The page would take too long to load, and immediately force me back to the homepage. As I said earlier, the exploits quickly were streamlined into blank article comments. The one that got me apparently redirected to a sharethis.com url, but again later ones seemingly did not.

Within an hour of my loss, there were many many people shouting and posting about the exploiters. Many were screaming that the next exploiter was MoredanKantose, though it is widely believed that he was just another victim.

Soon the evolving exploit only stole one gold piece at a time from victims, even though some were still drained completely. Also, Emerick fell victim to a similar framing attack that the eRussian president endured.

It was about this time where the administrators visibly began to crack down on the madness. They suspended all the accounts involved. They hid or removed the JS code in article comments. They temporarily killed the ads. Some scamming accounts were banned before they even swiped a dime.

At this time I believe that no gold has been returned, but it seems as if the exploit has been closed. Some have said the admin team are going to remedy the situation tomorrow, but again I could not find that in an official article or post anywhere.

This is an unofficial, incomplete list of accounts who received these golds. The total range of the attacks is in the low five figures.
http://www.erepublik.com/en/citizen/donate/list/77851 (victim)
http://www.erepublik.com/en/citizen/donate/list/1230646 (victim, returned funds manually)
http://www.erepublik.com/en/citizen/donate/list/1231360
http://www.erepublik.com/en/citizen/donate/list/1425001 (victim, maybe?)
http://www.erepublik.com/en/citizen/donate/list/1507822 (victim)
http://www.erepublik.com/en/citizen/donate/list/1625508
http://www.erepublik.com/en/citizen/donate/list/1705760
http://www.erepublik.com/en/citizen/donate/list/1718173
http://www.erepublik.com/en/citizen/donate/list/1789367
http://www.erepublik.com/en/citizen/donate/list/2026143
http://www.erepublik.com/en/citizen/donate/list/2025781
http://www.erepublik.com/en/citizen/donate/list/2027034
http://www.erepublik.com/en/citizen/donate/list/2027270
http://www.erepublik.com/en/citizen/donate/list/2027292
http://www.erepublik.com/en/citizen/donate/list/2027317
http://www.erepublik.com/en/citizen/donate/list/2027476

If you have any information to add, please post it in comments. Also, if you know of any other accounts that received funds in this manner, post them here. I am (vaguely) considering going through the donations of some of these accounts and totaling the donations from this morning.