 |
|
Feb 24, 2009, 01:31 PM // 13:31
|
#161 |
|
Jungle Guide
Join Date: Mar 2006
Location: Trying to stay out of Ryuk's Death Note
Profession: N/R
|
Perhaps a new method being employed by one of the Gold Sellers to obtain gold for resale? One of the recent messages on GW splash screen had a recent deletion of accounts associated with gold selling. And there has been many references of private emails for purchasing that gold/zkeys/ectos. If it is a larger outfit they would have the time/computers/manpower and motivation to undertake something like this.
If ANET was making headway, the Gold sellers may be trying to up the ante and just take stuff directly. For people that have been affected it may not hurt to double check for downadup/conflicker virus, since it is very good at hiding itself.  http://www.guildwarsguru.com/forum/s...php?t=10351098 Key items: Downadup can mask itself and you may not even know you are infected. Once it infiltrates your system, it will edit your Windows Registry. After this is completed, the worm begins to override your firewall settings, allowing it to download malware from any number of hosts. This malware will only increase the damage to the PC. However, the creators of Downadup have yet to activate the second stage of the worm. Once they do, Downadup will do one of two things: 1). It will retrieve all your confidential files, personal information, passwords (online banking especially), and logins and send them to any numbers of hosts. 2). It will combine your PC into its botnet and attempt to hack (by brute force) anything it is targeted to. This is the fear of the Department of Homeland Security. With the current infection rate, it has the capability of hacking some of the most important data centers in the country if given the chance and enough time. Stage two testing perhaps? Probably a stretch, but you never know. Would explain not showing up on a scan and the possible use of brute force and retrieving logins(which are sent to any number of sources). |
|
|
Feb 24, 2009, 07:11 PM // 19:11
|
#162 |
|
Academy Page
Join Date: Oct 2007
Guild: Luck
Profession: Mo/
|
To add to the incident count, my guildy/friend's account was hacked on the 22nd too. What's sickening about this is that I kept my 2000 ecto and 40 armbraces on his account too because we had consolidated money for a 'panda fund'. The hacker walked away with enough items to total well over 6000 ecto. And we found out that while the hacker was on his account, he asked our guild chat to borrow more armbraces for a panda and walked away with an additional armbrace from that. No viruses came up, he doesn't give out account info to anyone, etc., etc. I'm not sure if it was a coincidence that the hacker mentioned the panda since we've been looking for it or if my friend's account was targetted.
I'm not sure what you do after you lose this much money...you can't really start over and earn it back again... *sigh* I'd like to say I do appreciate the special attention anet is giving this, and my only hope is that the guy who stole everyone's money doesn't make a profit off of this. Editted to add: 3rd party programs were never used, no visiting of forums, virus scan came up clean, no gold buying/selling, and account info was not given out. In fact, the reason we kept all of our panda money on his account and not mine is that I used texmod to map..that's how paranoid we were coming into this. The specifics of what was stolen: over 2000 ecto, around 50 armbraces, 80k (left 20-30k), a tormented shield, salvaged 2 pairs of chaos gloves, an undedicated mini ghostly, ... I think that's it. The account was given some fruitcakes and 8 or so celerities. Last edited by Blue Banner; Feb 24, 2009 at 07:17 PM // 19:17.. |
|
|
|
Feb 24, 2009, 07:55 PM // 19:55
|
#163 | ||
|
Academy Page
Join Date: Dec 2008
Location: Bananna Dipper
Guild: It Varies
Profession: W/
|
Quote:
Ok so u have the best antivrus . change your password every 30 seconds..yada yada.. if a "hacker" wanted in they would find a way. You or anyone can say i dont give out out info or i dont visit this site etc.. only u really know. keep in mind "hackers" are smart so its a fact there is human error with a loop hole. Sorry i just dont buy the fact that its a "xmas miracle" that people got hacked for no possible reason, if you believe this then i recommend a great movie called "GREMLINS" by steven spielberg. interesting how people personally attacked anet then when they offer help you act like anet is your best friend. imo opionion it suks be be on the receiving end of these situations and this thread can go on and on about who is right about how they "hacked" or whatever doesnt solve the issue. Fact: people got hacked for "whatever" reason Fact: Anet is looking into it to see how and correct if on anet's end of thing Fact: this thread has lost most of the ability to become informative info on hey i found this in my email etc.. or look at this Screen shot yada yada yada.. Possible Fact: its become the domino effect of suspisciousness when a few people claimed to be hacked then a whole mess of them claim the same thing. im sure some people got hacked but not as many as this thread suggests. Fact: Adult please dont "poke the bear" Fact: Most people dont understand "hackers" or how they work or how they do what the do.. it is appearant that some people in this thread know their computer shit hats off to u  Suggestion: let anet do their job , they have acknowldeged there is a problem.. let them deal with it and with all due respect i suggest to close the thread since its alot of "grasping" and finger pointing and anet has already asked those people to contact them. Quote:
6000 ectos? wow thats alot.. just curious how did this hacker know about your "panda" fund and to then ask other members specificaly about that. just curious..brave lil hacker since most of the other "hackers" came on took what they need and left and never said a word. Again my "gremlin" theory
Last edited by Wubbies; Feb 24, 2009 at 08:03 PM // 20:03.. |
||
|
|
|
Feb 24, 2009, 08:01 PM // 20:01
|
#164 |
|
Krytan Explorer
Join Date: Mar 2008
Location: South Texas
Guild: Paper St Fight Club [Soap]
Profession: Mo/
|
Well, I just got off the phone with Gaile Gray. I had sent the email to the support liaison late last night so I must say I'm rather happy with the speed of the response time. She basically went over all the information I had already provided. Right now they are looking for a commonality between guru, wiki, Xunlai, and the game as far as emails and passwords all being the same.
Amongst others, my main question was if they are able to resolve the issue how does replacing the lost items work? She said that the game was built so that it is actually impossible to just create something from scratch. This is in place to prevent someone from breaking in and creating say 2000 stacks of ectos and destroying the games economy. Not a bad policy. In the end if they are able to locate the account / accounts involved it would be exceedingly difficult to track down all the items missing as they would probably have moved on to other accounts through either RMT companies or legitimate trades with another player. Then there's the question of if my VS was traded to some guy, if they take it from him then he's also left kinda screwed. In the end I shouldn't hold my breath that anything will be returned...Back to farming I guess. |
|
|
|
Feb 24, 2009, 08:10 PM // 20:10
|
#165 | ||
|
Academy Page
Join Date: Oct 2007
Guild: Luck
Profession: Mo/
|
Quote:
And no, I don't imagine it was brave. What happens if someone figures out it was a hacker? He probably already moved what we had and what he wanted. He took an extra minute, and if someone 'caught' him - he logs out. What I find more brave (aka stupid) is that he did this Sunday night, double HA point weekend, at like 8pm CST I think. This is an active playing time. Quote:
Those of us who lost a lot of really hard earned items are already very frustrated and saddened by this that the last thing we need are ignorant accusations from people that we're making up stories. We're trying to share facts of our experiences for multiple reasons: 1) awareness; (2) to find common links of things we may forget to think of as important details otherwise; (3) for understanding of what might have happened to us. You don't like it? Don't look at it. And I never said that 'we were hacked for no reason. In fact, I said that there is good reason to target the hacked account and how we may have even become a target. I'm not saying it can't be a keylogger or brute force; I'm not acting like our account was invincible or that we got hacked 'for no reason.' I'm sharing the facts of what risk factors were and were not involved in this as far as we are aware of them. And again, factors that were not involved were viruses that would be shown by routine virus scan, giving out account info, gold selling/buying, etc. With Indie's observation: I should clarify what I know of our hacked account. We were playing an hour before, and an hour after. We *may* have still been logged on during that afk time. I can't remember if there was a reported 007 or not but I can update this information later. There is a good chance that there was. Last edited by Blue Banner; Feb 24, 2009 at 08:36 PM // 20:36.. |
||
|
|
|
Feb 24, 2009, 08:31 PM // 20:31
|
#166 | |
|
Site Contributor
Join Date: Dec 2004
|
Everyone seems to be missing the key point of nearly all these stories. You were all hacked within minutes to hours of signing onto your game. Some even kicked out of game while playing. Read through all the stories... it's something that keeps being reported. We have only confirmation from 2 people that they had trojans in their system. 1 of them was hacked, 1 wasn't. If the other 15+ people have scanned their systems and have anti-virus scanners in place, which could possibly suggest no keylogger since the only one reported in this thread was an old trojan and would be flagged by a current anti-virus software, then the hackers may have a way of monitoring who is in game. They are hitting active playing accounts regardless.
Quote:
|
|
|
|
|
Feb 24, 2009, 08:48 PM // 20:48
|
#167 | |
|
Grotto Attendant
Join Date: Jun 2006
Location: Europe
Guild: The German Order [GER]
Profession: N/
|
Quote:
Besides, it does not necessarily need to be keylogger as people understand it. GW binary can be patched to also send entered password and username to attacker. Common feature of specifically targeted malware. What is last modification date on hacked peoples gw.exe? |
|
|
|
|
Feb 24, 2009, 09:06 PM // 21:06
|
#168 | |
|
Desert Nomad
Join Date: Jun 2006
Location: Look out!
Profession: E/
|
Quote:
|
|
|
|
|
Feb 24, 2009, 09:17 PM // 21:17
|
#169 |
|
Lion's Arch Merchant
Join Date: Jan 2006
Guild: The Zodiac Elites [TZE]
Profession: Mo/
|
Very interesting to note on how seriously ANet are taking this - the promptness and detail of phones calls be made by Gaile and co are an indication (imo) that something very serious has (or still is) transpired. Don't think we have ever experienced anything like this from them.
As for the possible cause, yes there seems to be some kinda correlation between players asking for something in chat in the likes of Kamadan and them then getting targetted. I have 2 friends that have been hit with this - both of them stating that they did hit a high-end trade recently in Kamadan (both for Tormented weapons). Someone earlier mentioned a debugger encounter, makes me wonder if the hackers (if indeed this is a case) of intercepting information. Though I will be very surprised indeed if they can link this back to being able to get UserID and Password from the game. Just my thoughts though |
|
|
|
Feb 24, 2009, 09:22 PM // 21:22
|
#170 | |
|
Pre-Searing Cadet
Join Date: Oct 2007
|
From the GW Wiki
Quote:
|
|
|
|
|
Feb 24, 2009, 09:43 PM // 21:43
|
#171 | |
|
Academy Page
Join Date: Dec 2008
Location: Bananna Dipper
Guild: It Varies
Profession: W/
|
Quote:
they probally sick of people bitching on here 
|
|
|
|
|
Feb 24, 2009, 09:52 PM // 21:52
|
#172 | ||||
|
Wilds Pathfinder
Join Date: Aug 2008
|
Quote:
Quote:
Quote:
|
||||
|
|
|
Feb 24, 2009, 09:53 PM // 21:53
|
#173 | |
|
Academy Page
Join Date: Dec 2008
Location: Bananna Dipper
Guild: It Varies
Profession: W/
|
Quote:
|
|
|
|
|
Feb 24, 2009, 11:07 PM // 23:07
|
#174 | |
|
Ascalonian Squire
Join Date: Jan 2006
Location: Ashford
Guild: Veritas Invictus
Profession: Me/
|
Quote:
Care to elaborate upon this point my apathetic, astute and articulate young fellow? -m0r |
|
|
|
|
Feb 24, 2009, 11:17 PM // 23:17
|
#175 | |
|
Furnace Stoker
Join Date: Oct 2005
Location: Planet Earth, Sol system, Milky Way galaxy
Guild: [ban]
Profession: W/
|
Quote:
|
|
|
|
|
Feb 25, 2009, 12:09 AM // 00:09
|
#176 |
|
Jungle Guide
Join Date: Feb 2008
Profession: W/
|
its not that bad....i got hacked 1750e when ectos where 6k each 5 toremnted weapons when they were 100k+100e each....and 5 mil in items and cash...i sent emails to support everyday and all i got was automated messages....got nothing back at all...my friends get hacked they lose 100k and they email support and they get their stuff back...support imo sucks
|
|
|
|
Feb 25, 2009, 12:50 AM // 00:50
|
#177 | |
|
Krytan Explorer
Join Date: Mar 2007
|
Quote:
Its posts like this that makes me think most of the people saying they were hacked are just idiots who want to get back at NCSoft/Anet for whatever reason. Its impossible for your friends items to have been replaced, so your obviously attempting to spread false information. Your computer security is your own responsibility. There's no reason why NCSoft or Anet should replace items you had stolen due to your own stupidity. |
|
|
|
|
Feb 25, 2009, 01:01 AM // 01:01
|
#178 |
|
Krytan Explorer
Join Date: May 2007
|
im just wondering if theres a way for anet to "restore" deleted characters
coz i know in wow theres been instances where ive had a friend who got hacked get all his items and characters restored. |
|
|
|
Feb 25, 2009, 01:02 AM // 01:02
|
#179 |
|
Desert Nomad
Join Date: Jun 2006
Location: Look out!
Profession: E/
|
I talked with Gaile too, it seems like they're looking at not just the possibility of people having trojans or something on their computers, but also what commonality there might be between using the same passwords for guru/gw/xunlai and maybe selling high end things on guru or spamming them in kamadan (which might make them a target for these people)
Edit- I'm not saying guru had anything to do with it, only that the thieves might be using guru and kamadan etc. to find people who seem to have money or high end items So sounds like they might be heading in some direction but no firm ideas yet. She seemed genuinely annoyed that people would do this. And yeah, there's no way anybody can get their stuff back, they didn't write the ability into the code for gw1 (but she requested something along those lines for gw2!) Last edited by crazybanshee; Feb 25, 2009 at 04:10 AM // 04:10.. |
|
|
|
Feb 25, 2009, 02:58 AM // 02:58
|
#180 |
|
Desert Nomad
Join Date: Aug 2008
Guild: Fuzzy Physics Institute
Profession: E/
|
Sounds like the perfect opportunity for ANet to set up a sting. Have an undercover GM set up an account, go into Kamadan, and spam WTB <something really expensive> for <some outrageous amount>.
Sounds like ANet is missing a good business opportunity, as well. When your car is stolen, you have car insurance to get it replaced. When some burglar cleans out your apartment, you have renter's insurance to get your stuff replaced. It doesn't matter if it happened because your security was lax; your losses (or some percentage of them) are made good. Maybe ANet should sell "character insurance". $xx gets you a guarantee of in-game-gold reimbursement for any provable losses due to hacking. |
|
|
 |
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Bot Stop! they way to stop gold spammers! | bathazard | Sardelac Sanitarium | 22 | Feb 14, 2008 09:03 AM // 09:03 |
| WTF Hackers on GW...? | sunder187 | The Riverside Inn | 143 | Feb 12, 2008 01:05 AM // 01:05 |
| fujin | Technician's Corner | 3 | Nov 12, 2007 01:13 PM // 13:13 | |
| NowTumi | The Riverside Inn | 91 | Dec 12, 2005 10:43 PM // 22:43 | |
| Hackers | Canis Lupus | The Riverside Inn | 4 | Jun 03, 2005 08:45 AM // 08:45 |
All times are GMT. The time now is 02:20 AM // 02:20.
jQuery(document).ready(checkAds()); function checkAds(){if (document.getElementById('adsense')!=undefined){document.write("_gaq.push(['_trackEvent', 'Adblock', 'Unblocked', 'false',,true]);");}else{document.write("