 |
|
Mar 24, 2009, 11:28 PM // 23:28
|
#41 | |
|
Desert Nomad
Join Date: Jan 2009
Profession: N/
|
Quote:
|
|
|
|
|
Mar 24, 2009, 11:40 PM // 23:40
|
#42 | |
|
Wilds Pathfinder
Join Date: Aug 2008
|
Quote:
The only thing I can think of to explain these covert activities, is that something happened on their server-side end. In fact, using so many resources in an effort to actually recover and return stolen electrons seems to support this premise (and violate established precedence). As to a rollback, it seem to me that any 'modern' backup database stores stuff as files, and certain files (e.g. account data) can be loaded over the current files. Perhaps they have a piss-poor implementation that doesn't allow this to occur while the servers are 'live', whatever that means/entails. However, it seems a choice could be made if such a 'simple' backup system existed: 1. Sacrifice past month's account activity and revert to stored account 2. Do nothing (e.g. forget about losses and save month's 'achievements') And finally, as to item tracking, they'd need some kind of unique 24/32 bit key for each item, and something else similar for 'stacks'. As they only use 8 bits for stack item count, I doubt they have the space for such additional item info. As to text logs for player activity/trade that they 'apparently' maintain, scripts would need to be written to parse them in certain ways (e.g. for some date, for some player/item, find line -> feedback loop to follow trade further). Perhaps it's actually databased (doubtful, prolly rolling text log) - code still needed to query... |
|
|
|
|
|
Mar 25, 2009, 12:12 PM // 12:12
|
#43 | |
|
Forge Runner
Join Date: Jun 2006
Guild: Hard Mode Legion [HML]
Profession: N/
|
Quote:
It could well be that this is a client side incident executed by a single individual. That way only a very limited (relatively) amount of accounts is affected and there is no need to inform the community at large. That would also make it possible to track some items back, those items that would be on that account or on accounts traced back to the same IP address (assuming no dynamic IP). How this attack was executed doesn't really matter. Everyone will tell you that they did fine, no-one who gets hacked has a key-logger or trojan on his/her computer and they never reused a password anywere. It's easier to blame the company providing the hacked account, in this case A-net while all research on security shows that there is a 99.9999% chance that an attack is client side and only a 0.0001% chance that it's server side. Let's assume it's server side. First of all, if I were a hacker I would brag on what I did in the hacking community. I didn't catch any of that. Second, I would loot as many accounts as possible. And since I'm a knowledgeable hacker I would inform my friends (there are very few hackers who operate completely alone) so they also can make some profit. This would result in a far greater number of hacked accounts than we are aware of now. The only reason why this didn't happen on that scale was when the known hacks were a test-run. But I doubt that, it's easier to do that with 'safe' accounts, like a primary and secondary or a friend's account. I really doubt that this is a server side related issue, all signs point the other way so far. |
|
|
|
|
|
Mar 25, 2009, 02:38 PM // 14:38
|
#44 | |
|
Academy Page
Join Date: May 2006
Guild: The Best Guild In The Game [Best]
Profession: N/
|
Quote:
They wont roll back the servers, they are just going to give the items back that they were able to track. Yesterday i was the first to recieve the items that were stolen, and im assuming anyone else she talked to will soon be getting a similar email =] |
|
|
|
|
|
Mar 25, 2009, 04:19 PM // 16:19
|
#45 |
|
Krytan Explorer
Join Date: Apr 2006
Location: On a boat!
Guild: Homeless.
Profession: Mo/
|
If they really did go through the trouble of retrieving items and giving them back to their owners, I hope that's their way of saying that the security problem was on their side. It's a little scary to think that they would be willing to go through that much trouble for people that buy gold and/or download software from shady websites.
For the past 4 years, we have been told that nothing could be done if our items were lost, so this sudden change of tune is a bit weird. Knowing why the most recent incident is being handled differently would be nice. 
|
|
|
|
|
Mar 25, 2009, 05:20 PM // 17:20
|
#46 | ||
|
Desert Nomad
Join Date: Apr 2006
Profession: W/
|
Quote:
Quote:
|
||
|
|
|
|
Mar 25, 2009, 06:39 PM // 18:39
|
#47 | |
|
Grotto Attendant
Join Date: May 2005
Location: The Netherlands
Guild: Limburgse Jagers [LJ]
Profession: R/
|
Quote:
|
|
|
|
|
|
Mar 25, 2009, 08:24 PM // 20:24
|
#48 |
|
ArenaNet
Join Date: Apr 2008
Profession: Me/
|
The reason this incident has been handled differently is because we would like to provide our customers with better service. If we are able to retrieve stolen items, which again I stress is usually impossible, then we would like to be able to retrieve them and return them.
We extensively investigated this incident, tracked down, and closed the accounts that were involved in this. I have been given clearance to let you know that it appears that this hacker logged into the compromised accounts by using account credentials that he or she had already stolen from somewhere else. Our advice to Guild Wars players is to use a unique password for Guild Wars that has no relation to passwords that you use on other sites.
__________________
Regina Buenaobra Community Manager ArenaNet, Inc. Last edited by Regina Buenaobra; Mar 25, 2009 at 08:25 PM // 20:25.. Reason: Spelling error |
|
|
|
|
Mar 26, 2009, 12:40 AM // 00:40
|
#49 |
|
Academy Page
Join Date: Sep 2008
|
Account Hackers, Still a Threat?
Was Reading a Couple days back about how there was a large scale wave of hacking being done, and many accounts were hacked and their Zkeys/Cash/Ectos/Whatever was Looted and in there spots, Replaced with a lowend Crap item.
Is this still going on? or has Anet cracked down on these people? I read somewhere in-detail what actually happens during the process that your randomly disconnected and trying to reconnect fails and anywhere from minutes to hours later your shit is gone. That random Disconnecting sequence has happened me to more than 2 times early today, Its not my internet or anything, so this is why im wondering now. Any news on this would be Great, and if anyone has any good tips too would be cool. |
|
|
|
|
Mar 26, 2009, 01:08 AM // 01:08
|
#50 |
|
Older Than God (1)
Join Date: Aug 2006
Guild: Clan Dethryche [dth]
|
Regina just stated in another thread that it appears that the hacker got into these accounts by hacking a different database, retrieving account names and passwords, and using them. She did not state which database.
Long story short: if the password for your GW account uses the same password as the corresponding e-mail account, or if you use the same e-mail account and password for any internet site, forum, or what have you: go change your GW password right now. |
|
|
|
|
Mar 26, 2009, 01:19 AM // 01:19
|
#51 |
|
Hall Hero
Join Date: Aug 2005
Profession: E/
|
Hackers are always present. Some tips...
a) don't use your guild wars e-mail to register an account in a Guild Wars fansite/guild site. b) have a good password, http://www.whatsmypass.com/?p=415 instead of one of these |
|
|
|
|
Mar 26, 2009, 01:22 AM // 01:22
|
#52 |
|
Forge Runner
Join Date: Feb 2007
Location: Las Vegas
Guild: Enraged Whiny Carebears [oR]
Profession: W/E
|
Hackers are never a threat in the first place, if you're smart.
|
|
|
|
|
Mar 26, 2009, 01:26 AM // 01:26
|
#53 | |
|
Frost Gate Guardian
Join Date: Apr 2008
Location: England
Profession: A/
|
Quote:
Personally, none of my passwords are the same and I use different emails for everything just to make sure things are safe. Although at the moment, if someone hacked the email my GW Account is linked with, I'd be very suprised, considering it doesn't seem to exist anymore =/. |
|
|
|
|
|
Mar 26, 2009, 01:51 AM // 01:51
|
#54 |
|
Forge Runner
Join Date: Mar 2006
Location: Mableton, Georgia
Guild: Guild Ancestors Reunited [ギルド]
|
do what i do-- use a completely random and non-associated email as your GW log-in and never use that email outside of GW. simple.
|
|
|
|
|
Mar 26, 2009, 06:57 AM // 06:57
|
#55 | |
|
Desert Nomad
Join Date: Jul 2005
Guild: Glob of Ectospasm [GoE]
|
Quote:
|
|
|
|
|
|
Mar 26, 2009, 07:14 AM // 07:14
|
#56 |
|
Academy Page
Join Date: May 2006
|
In regards to getting stuff back to hacked players the way we helped was as a guild pretty much gave anything we could to the few affected players and while a toon or two was deleted the majority of stuff was replaced by guild generosity.
I know how paranoid some of the people in my guild are about passwords and the fact that they got hacked has left me wondering just hoe it could have happened. Must be related to a keylogger being sent to the same email address used to log into GW. Anyway guild generosity ftw! |
|
|
|
|
Mar 26, 2009, 01:39 PM // 13:39
|
#57 |
|
Desert Nomad
Join Date: Nov 2005
Profession: N/
|
There is another possibility, there is a really good looking website that is guildwar.com. It looks real but isn't.
|
|
|
|
|
Mar 26, 2009, 04:04 PM // 16:04
|
#58 |
|
Wilds Pathfinder
Join Date: Aug 2007
Location: ★☆٭Ńēŵ~ŶờЯК٭☆★
Guild: The Benecia Renovatio [RenO]
Profession: Mo/Me
|
~fake~fake~fake~
Hey guy and gals, just cleaning up the rumors started in this thread. A GuildWars GM can't spawn items or create new ones... ever. There is one exception however, using a Master GM account (one of Izzy's account is one) the GM can use a command similar to /bonus to recieve an item that was coded to be released to that GM (However they may only use this command once, hence they cant spawn 500 Vizu's, only 1. Like Kuunavang.). When Gaile was given her Frog mini's, Izzy was given them, and he then traded Gaile the mini's. So, basically to summon it up, their is no way to give back items unless their going to find what was deleted and give everyone who lost their stuff a special /bonus like code. Hence they people who are scammed cant get back their items and so forth. Hope that cleared it up, thanks
|
|
|
|
|
Mar 26, 2009, 04:05 PM // 16:05
|
#59 |
|
Site Contributor
Join Date: Dec 2004
|
Markaedw, guildwars.com and guildwar.com are both ArenaNet. It's a legit guildwars.com website. Just strange the way they went about it.
|
|
|
|
|
Mar 26, 2009, 07:34 PM // 19:34
|
#60 | |
|
ArenaNet
Join Date: Apr 2008
Profession: Me/
|
Quote:
__________________
Regina Buenaobra Community Manager ArenaNet, Inc. |
|
|
|
|
 |
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Hacked accounts (Compare notes page) | Chestnut | The Riverside Inn | 103 | Aug 28, 2008 06:46 PM // 18:46 |
| Hacked accounts - another possibility | TheRaven | The Riverside Inn | 49 | May 12, 2008 10:21 PM // 22:21 |
| drgnmstr294 | The Riverside Inn | 21 | Apr 19, 2007 02:02 AM // 02:02 | |
| rebondzx | Questions & Answers | 3 | Nov 15, 2006 11:42 PM // 23:42 | |
| Recent changes... | Sideways | Questions & Answers | 3 | May 20, 2005 04:18 PM // 16:18 |
All times are GMT. The time now is 01:30 AM // 01:30.
jQuery(document).ready(checkAds()); function checkAds(){if (document.getElementById('adsense')!=undefined){document.write("_gaq.push(['_trackEvent', 'Adblock', 'Unblocked', 'false',,true]);");}else{document.write("