Curse

IrishCB · May 13, 2008, 06:10 PM // 18:10

The reason why an anti-virus might pick up texmod is because its a 3rd party program that changes files. Try this with another game and get a trainer, your av might act the same way.

Painbringer · May 13, 2008, 06:34 PM // 18:34

Quote:

Originally Posted by Jetdoc

Yeah, I found it odd as well that he took the time to open the chest 47 times instead of just opening a trade with his other account. Maybe he didn't realize that the keys were worth a ton at the moment, and was just hoping for an everlasting tonic.

I would assume the hacker probably knows that if he starts taking items like z-keys, ectos, gold, or collector material etc... It is easier to trace by A-net rather then a random spawned gold from the z chest that the hacked account would have no record of in the first place. Just a guess

JET... the PM i sent you (I run NORTON as well) took three days to catch the trojan on my system. I ran numerous scans 2 full and at least 4 quick, I update daily my definitions

britnie31 · May 13, 2008, 06:39 PM // 18:39

Quote:

Originally Posted by nitetime

you have this on your account and someone just wanted to use your keys!?

http://www.guildwarsguru.com/forum/s...57&postcount=7

certainly someone is just messin with you.

Yeah it really does just sound like some one messed with ya here ... i mean if some one was to take the time to hack and have time to pop a chest 50 times they would just as quickly have moved cash / ectos instead ..

Chthon · May 13, 2008, 07:06 PM // 19:06

Jet, you did well by PMing Regina. I hope they can figure out what happened and prevent it from happening again.

Quote:

Originally Posted by Hissy

Why no lockout/delay after x failed attempts?

Because it allows me to be a jerk by entering "123456" X times each day to keep your account locked out indefinitely. (Note: This wouldn't be a problem if accounts tied to PlayNC could change their username. Just one more reason to NEVER tie your account to PlayNC if you can avoid it.)

Quote:

Why does a player gets kicked out when a second person gains access? I'd like to see an ingame message telling me that someone else just tried to log on, their IP address, and the option to /report instantly.

Half the time it's going to be the hacker displacing the legitimate user, and half the time it's going to be the legitimate user displacing a hacker who logged in while the use was out.
But, what should be happening is that anet's system should be automatically logging whenever one user bumps another off an account and sending a notification to support to investigate it.

Quote:

Why can't we set a character to "undeletable" or delayed deletion, so that even if we lose cash/items we don't also potentially lose our characters/titles?

That's a good idea, and I have no idea why it still hasn't been implemented.

Quote:

Why does PlayNC password changer only allow numbers and letters, and not the extra characters from a regular keyboard?

There is no excuse for this. There is also no excuse for permanently binding your username when you link to PlayNC.

Quote:

Originally Posted by cataphract

Man-in-the-middle attack?

But that would mean the login process of GW isn't encrypted! OMG!

It's encrypted, but pretty weakly. The GWLP team had no trouble breaking it. However, man-in-the-middle doesn't fit Jet's scenario, because he was already logged in for some time when his account was accessed. Unless the hacker had been waiting for Jet to log in, then just sat on the password for awhile instead of using it.

Quote:

Originally Posted by Malice Black

Name a GW player thats always going on about hacks ingame and on the PlayNC site etc and you have your answer....got it yet?

bingo!

I very much doubt that. Moreover, your comments are defamatory. Unless you can back them up, you shouldn't go around saying things like that.

---

@ Haskell: I see you've crawled out from whatever rock you were hiding under to troll these forums again. I've got an idea: Instead of trolling this thread, why don't you head over to the technical forum and post that method of connecting GW to a VPN that you once claimed you had? I've seen at least two people ask for it since you crawled under that rock, and I'm sure they'd appreciate it a lot more than Jet appreciates you calling him an idiot.

Dylananimus · May 13, 2008, 07:14 PM // 19:14

Quote:

Originally Posted by britnie31

Yeah it really does just sound like some one messed with ya here ... i mean if some one was to take the time to hack and have time to pop a chest 50 times they would just as quickly have moved cash / ectos instead ..

I doubt a 'hacker' wants to stand around and sell keys in Temple of Balth, as they're not worth anything at the merchant as I recall. Easier to sell the crap that comes out of the chest to the merchant

Which probably left no time for him to move the ectos. Doesn't sound like a very bright 'hacker' whichever way you look at it.

**cosyfiep** · May 13, 2008, 07:17 PM // 19:17

Quote:

Originally Posted by shru

The only connections I've seen between all hackies (by all their stories) is that they're GWGuru members.
I don't browse other fansites, but are there people on other sites getting hacked aswell? Additionally, any info on alt GW sites regularly visited could be quite helpful.

gee we seem to think that everyone who has been having problems WILL get visit a fansite and post about it....
LOTS of players have no idea what guru (or other fansites) is, and since this one is in english I bet there are tons of non-english players who have never heard of it and since they may not read/write english wont visit this site....

AND

who says that others were not hacked???? Only a few people have come forward, I am sure they are others who have no clue what do to if they get hacked or just give up and stop playing altogether.....

(and usually these threads have been deleted in the past---so why would you post if you know your thread is just going to get deleted?)

Dante the Warlord · May 13, 2008, 07:25 PM // 19:25

Hmm im a bit afraid, how do I prevent this notorious hack from hacking me?

Malice Black · May 13, 2008, 07:32 PM // 19:32

Quote:

Originally Posted by Chthon

I very much doubt that. Moreover, your comments are defamatory. Unless you can back them up, you shouldn't go around saying things like that.

Maybe so, but:

#1 It needed to be said. I wasn't the only one thinking it, just the one who isn't bothered by the forum kiddies, the self righteous and the general forum idiots.

#2 There is a very good chance it is this person, or someone associated with this person.

To get to the bottom of this, every angle has to be covered. If someone e-feelings get hurt, tough shit.

lordheinous · May 13, 2008, 07:35 PM // 19:35

This just in on the official gw site:

Update - Tuesday May 13
Bug Fixes

* Fixed an exploit.

Kind of lacking in detail, don't you think? I'm thinking it perhaps has something to do with the problems discussed in this thread.

Nightmares Hammer · May 13, 2008, 07:40 PM // 19:40

Quote:

Originally Posted by Malice Black

Maybe so, but:

#1 It needed to be said. I wasn't the only one thinking it, just the one who isn't bothered by the forum kiddies, the self righteous and the general forum idiots.

#2 There is a very good chance it is this person, or someone associated with this person.

To get to the bottom of this, every angle has to be covered. If someone e-feelings get hurt, tough shit.

So... Who do you suspect?

TheRaven · May 13, 2008, 07:47 PM // 19:47

Quote:

Originally Posted by Nightmares Hammer

So... Who do you suspect?

¿¿

LOL, even I know the respuesta to that one, Señor and I don't know most of the regulars all that well.

Ruby Lightheart · May 13, 2008, 07:56 PM // 19:56

Quote:

Originally Posted by Angelica

Well I was told, by the supports people,that if you changed your email it was impossible to change your PW because the email for the change would be sent to the old email address. So no you cannot change your PW.

ok whomever told you that from support needs to be fired or they misunderstood your question.

Everytime you change your password, you get an email telling you that your password has been changed AND the ip address from which the change was made. So the hacker has to change your email addres to something you dont know in order to change your password without you knowing.

What really should be done to upgrade security is something like these:

1) require ALL email address changes to be verified and the verification email sent to both the old and the new address...this would help notify you if someone sneaks into your plaync account and changes the email firrst. The REquired verification would be limited to a 5 minute experation..after the 5 minutes, the account would be locked and you would be required to contact support to get your account back

2) require that all password and email changes be made only AFTER a secret security question is answered

3) limit the number of times someone can enter an invalid password. After 3 attempts, the account cannot be accessed again till you verfiy your idenity via security question.

I have noticed that the majority of hte hacks reported seem to be after someone has been in PVP or AB. Sounds alot like a smart hacker group is lingering in the pvp areas and targeting those whom have elite armor or whom they notice frequent the pvp arenas. This would flag that player as someonen whom possibly has alot of goodies and keys. Now I am not sure how they would get your user name, but perhaps they have hacked into a fan site database or are just that good at snooping into someones computer ip.
a

anyhow just my 2 cents on what could help improve security

Jetdoc · May 13, 2008, 08:06 PM // 20:06

Okay guys, here's the response I got from Support when I filed my ticket (at Regina's request).

Quote:

Thank you for contacting us regarding this matter. Dealing with a hacked account is terribly frustrating, and can leave a victim with a feeling of sincere vulnerability and loss. We have constructed this document to help players get through this situation, as well as to empower you to take action on the individual(s) responsible.

Please understand that NCsoft only considers a "hacked" account to be the unauthorized access of an account resulting from the criminal act of distributing and propagating a keylogger, Trojan, or other computer virus. We do not recognize a "hacked" account to be the theft of items resulting from any sort of account sharing, trading, or selling. Please remember that the integrity, security and interactions of characters on an account are the sole responsibility of the account owner, and not NCsoft's. Additionally, we do not return any items that are missing as a result of hacked/stolen accounts or having been accessed by another person. Owners are responsible for maintaining the confidentiality of their password and security of their account at all times.

The act of writing and distributing malicious code is a criminal act, one that the police will often investigate. A victim will need to contact their local authorities in order to report this activity. Because the actual crime was committed on the user's system, and not a system owned by NCsoft, we cannot file such the report on behalf of the user.

During the investigation, police will likely need to contact us with a subpoena request to identify and track down the perpetrators.

Once we receive this information, we will then proceed to review the account history and pursue the individuals responsible. If there are any additional questions or concerns, or if there is anything else that we may be able to assist with, please let us know and we will help as soon as possible.

So, in short, it sounds like A-Net and NCSoft's offical stance on hackers is that they won't do an "official" investigation unless we file a police report and the police issue a subpoena. I'm not sure if the police would issue such a subpoena unless it can demonstrated that the individual was "distributing and propagating a keylogger, Trojan, or other computer virus."

In my situation, I'm not sure if I can do that, unless (as Painbringer suggested above) my antivirus program subsequently detects a keylogger, Trojan or some other sort of virus (which it hasn't thus far)...and I'm not sure if that was even the cause of this hacking attempt.

Interesting official response, to say the least.

Malice Black · May 13, 2008, 08:09 PM // 20:09

Basically they said screw you, come back with evidence.

Earth · May 13, 2008, 08:13 PM // 20:13

"Hi guys, our security sucks so you get hacked, but ofcourse, it's YOUR problem!"

PS: HI ANDREW

fusa · May 13, 2008, 08:23 PM // 20:23

Quote:

Originally Posted by Jetdoc

Okay guys, here's the response I got from Support when I filed my ticket (at Regina's request).

So, in short, it sounds like A-Net and NCSoft's offical stance on hackers is that they won't do an "official" investigation unless we file a police report and the police issue a subpoena. I'm not sure if the police would issue such a subpoena unless it can demonstrated that the individual was "distributing and propagating a keylogger, Trojan, or other computer virus."

In my situation, I'm not sure if I can do that, unless (as Painbringer suggested above) my antivirus program subsequently detects a keylogger, Trojan or some other sort of virus (which it hasn't thus far)...and I'm not sure if that was even the cause of this hacking attempt.

Interesting official response, to say the least.

This has got to be the most idiotic response I've seen from a company. Any company that cares about its customers aren't going to tell them basically too bad you were hacked but don't ask us to waste our time with it. Their response was complete bullshit also since you don't need to contact the police they can themselves. My Ebay account was hacked, luckily I caught it it quickly and talked to customer support person. She said I didn't need to contact the police since they were doing this for me. She also refered me to a page that listed people who were convicted all over the globe hacking ebay accounts.

Cebe · May 13, 2008, 08:27 PM // 20:27

We should place bets on how umm...'quick' the police will act when one person reports having been hacked.

Malice Black · May 13, 2008, 08:30 PM // 20:30

Police wouldn't do shit. It would be passed to the cyber division, who would in turn sweep it under the carpet.

gone · May 13, 2008, 08:32 PM // 20:32

it's gonna be hard for them to really do anything considering that the individual(s) is/are underage...mommy and daddy might catch hell, but junior will walk.

Jetdoc · May 13, 2008, 08:32 PM // 20:32

Quote:

Originally Posted by Hajimesaitou

So I just learned what happened. I had made a post saying that all my gold was stolen, I saw that everyone said they had a toon in balthazars temple and so when i saw my necro there i checked it out. turns out that the hacker went on and didnt steal my gold, he just used it all for z keys and then opened a grip load of chests. I find firewaters and brules in my inventory but no golds (he prolly took all the expensive crap) and I am now rank 1 in the zaishen stupid thing. Then only way my acct could have been hacked is through my plaync account or here on guru as I was stupid enough to use same e-mail n password (which have since been changed on both guru and the game). any thoughts would be nice, but why would hacker just buy keys instead of take straight cash which was probably worth more than the crap he got (350k).

Looks like the hacker just pulled the same stunt on someone else, but took it a step further (i.e. actually bought keys with the guy's gold before using them).