Curse

~ Star Maiden ~ · Mar 03, 2006, 08:15 PM // 20:15

Quote:

Originally Posted by Pevil Lihatuh

there have been reports of people being kicked out of their account because the hacker tried to log in while they were logged in. You can do the same back to the hacker though

Pevil, you're starting to scare me again!

j/k

Diablo™ · Mar 03, 2006, 08:25 PM // 20:25

crap now i'm gonna be paranoid as hell...

Loviatar · Mar 03, 2006, 09:09 PM // 21:09

Quote:

Originally Posted by Diablo™

crap now i'm gonna be paranoid as hell...

i am already paranoid as hell.

the question is..................

*AM I PARANOID ENOUGH*?

Arduin · Mar 03, 2006, 09:20 PM // 21:20

Something strange happened to me too (and in a matter of fact to one of my guildies too). Twice during gameplay I was kicked out of the game, with the error "someone else has logged in to your account". After I got kicked out I wasn't able to log-in for a few minutes, so I was well on my way to freak-out. Gladly after many fruitless attempts I could acces the game again, nothing was deleted/stolen luckily. I am absolutely positive I never shared my password with anyone, and after those incidents changed it to a harder-to-guess password. (So i hope

) So I'm just wondering if someone actually hacked into my account, or some bad connection made this message display...

tripplesix · Mar 03, 2006, 09:58 PM // 21:58

i was already paranoid when i started playing gw, i was so afraid of getting hacked that i made an email account just for the guild wars. now i know not everyone does this but its kinda a good idead. i recently started using the guruauction site and when leaving feedback for an item you can see the other persons email, now i dont use the same email for guruauction as for my guildwars login but thats one easy people can atleast get a hold of your email adress.

another thing that has made me kinda scared besides all the threads about people getting hacked is that my antivirus has found 2 trojans in 2 days when im afk from the computer and its not running anything.

what to dew, what to dew.....

Pevil Lihatuh · Mar 03, 2006, 09:59 PM // 21:59

ouch nasty tripplesix, and i didnt realise that about the auction... i did used to use the same email here as on my main account and have sold one thing on there... :S

lord_shar · Mar 03, 2006, 10:11 PM // 22:11

I already use a separate e-mail account for GW. I also have a hardware router/firewall w/ SPI. Most software firewalls are vunerable to buffer overrun attacks and can be disabled by malware payloads, so if all you are using is ZoneAlarm, Windows Firewall, or anything similar, don't be lulled into a false sense of security.

Another problem: see the add-banner at the top of this page? Add sites do occasionally get hacked to upload spyware unto unsuspecting users. This is why I set IE to prompt me before accepting any cookie (I always block anything I don't want). In a nutshell, never drop your anti-virus/anti- spyware just to get better PC performance.

Lastly, learn how to use "netstat -a" from the command prompt to examine all open ports on your PC. You might find something that shouldn't be there.

Awareness goes a long way...

EDIT: If your GW account has been compromised, then you can still fix it by creating a new e-mail account, moving the GW account registration to that new e-mail, then delete all transfer-confirmation e-mails. You can repeat this several times if you really want to be certain... just make sure your PC is clear of any spyware before doing so.

Teklord · Mar 03, 2006, 10:22 PM // 22:22

Thank you thank you! I was beginning to think I was alone. Everyone keeps saying how they use free firewall this, free antivirus that. Hardware firewalls are far more secure than the software one residing on one's computer. And free 'anything' I always question, not just with computers either.

And yes! Never, ever, under any circumstance disable any real-time protection provided by anti-virus / spyware / software firewall (if you feel you must have this).

It's nice to not be alone.

Pevil Lihatuh · Mar 03, 2006, 10:37 PM // 22:37

and to add to that, have more than one firewall and av if you can. coz i know for a fact i've had things that one av didn't find and another did. not good.

Alias_X · Mar 04, 2006, 02:46 AM // 02:46

Thanks for a thread with all the details we need to understand what happened, and a kind, fair, warning.

I think there are possible ways to hack into accounts other than getting a program on your computer, although that is the most obvious.

If you aren't picking up anything in your scans, I doubt you are infected with anything. I am not sure if I can say this here, but I don't even know how to do it, so I guess I can't be giving any ideas to others. I guess there is a way for people to randomly enter an email, and try tons of passwords at it, until the right one gets in. I am not sure if your attacker did that, but given the information you have provided, I don't think it could have anything to do with a program on your computer.

Thanks for the warning though, and good luck in the future.

Klmpee · Mar 04, 2006, 03:31 AM // 03:31

i got something similar. i logged on and then shortly after, got logged with a message of someone else is logged on to your account form another location or something like that..
at first i was worried.. for like 2 mins..
idk if i should be worried.. if my pve chars get deleted i wouldnt really care.. soooo......

Mavrik · Mar 04, 2006, 03:37 AM // 03:37

well I got no free character spots available for someone to leave me a "I was here" message...

damn I hope I don't get this. I don't believe I have done anything that could indicate anything about any information about my account. Keeping fingers crossed.

apocalypse_xx · Mar 04, 2006, 03:59 AM // 03:59

I am sorry to hear this happened to you, but everyone should know this too, by defintion, I do not believe any accounts are actually "hacked", to do this they would need access to either your PC or the GW server(s), and this is actually highly unlikely---barring keyloggers and such that you may or may not knowing DL. More than likely, these are cases of people acquiring your email address, they get this from IM services and by people using the same address in everything they register to, and using simple and very COMMON password forcing/guessing apps---honestly, real "hackers", the ones who write hacks would create far greater turmoil than simply leaving you a message of "I was here"---In short, relax everyone and as already mentioned, just be very cautious with your email address and the simplicity of your password

stone433 · Mar 04, 2006, 06:15 AM // 06:15

Quote:

Originally Posted by Arduinna

Something strange happened to me too (and in a matter of fact to one of my guildies too). Twice during gameplay I was kicked out of the game, with the error "someone else has logged in to your account". After I got kicked out I wasn't able to log-in for a few minutes, so I was well on my way to freak-out. Gladly after many fruitless attempts I could acces the game again, nothing was deleted/stolen luckily. I am absolutely positive I never shared my password with anyone, and after those incidents changed it to a harder-to-guess password. (So i hope

) So I'm just wondering if someone actually hacked into my account, or some bad connection made this message display...

same kind of thing happend to me a few weeks ago. while i was warping back to tumbs after a failed run I got kicked by the same error. now the interesting thing is another guildie who was doing the same thing got the same error at the same time. we were on TS at the time so i can tell you it was near instant. about an hour later another guildie reported the same error.i chocked it up to a bug in the system.

Juicey Shake · Mar 04, 2006, 07:11 AM // 07:11

Quote:

Originally Posted by lord_shar

Another problem: see the add-banner at the top of this page? Add sites do occasionally get hacked to upload spyware unto unsuspecting users. This is why I set IE to prompt me before accepting any cookie (I always block anything I don't want). In a nutshell, never drop your anti-virus/anti- spyware just to get better PC performance.

I do this in firefox, and I sit and click 'deny all' for 2-8 cookies from random sites per site I go to ~_~.... very tedious, but it makes me feel all warm inside!

&@ [someone else has logged in bug]: if you create a pvp char & you're in isle of the nameless-- if you try to go to a full district of HA you get that error.]

brett_2213 · Mar 04, 2006, 07:39 AM // 07:39

yer mate thanks for the waring

Numa Pompilius · Mar 04, 2006, 09:09 AM // 09:09

Just a couple of points.

First: adaware, antivirus etc only recognize KNOWN keyloggers. As keyloggers are so easy to write, there's a real risk of getting a keylogger your antivirus/antispyware don't know about. In other words, just because they find nothing doesn't guarantee you dont have a keylogger.

Secondly: many use easily guessable passwords. For instance, if I was going ty try to hack lihatuhs account, I'd first try variations of the name 'pevil lihatuh', then do a google search for that name and see if it turned up any associations which might be used for password. Like, say, 'lahuta', 'ascaron', 'capricorn' etc.

Thirdly, perhaps the most common way of getting a password is to steal it. People have a tendency to use the same password everywhere, simply because it's hard to remember 25 passwords, so if a hacker gets access to, say, the password cache here at guildwarsguru, he'd try to use the same password to hack a users account elsewhere. The hacker may also own password protected sites, thereby getting access to peoples passwords.

So... Software firewalls helps a bit, as they'll tell you when a keylogger tries to phone home. Of course, that means you need to realize that an unknown process called something like 'MShelper' or 'SYS32x4A' may be a keylogger, even though your antivirus and adaware doesn't recognize it, and block its access. Sometimes searching the web for the name of the process will tell you what it is.

Blocking cookies is pretty pointless. The cookies can tell someone where you've been surfing, and that's pretty much it.

Finally, try to use unique and not easily guessable passwords on sites which matter to you, e.g. your online bank or anywhere you give out your credit card number. Or guild wars.

Pevil Lihatuh · Mar 04, 2006, 04:04 PM // 16:04

good points there numa. And also apocalypse. I agree it wasn't 'hacked' but it was illegal access to my account, hence the use of the term. Most hackers that you'll find do nothing more than use downloadable item editors for games, or run scripts they found on sites to disable forums; they're not really hacking but it kinda fits it.

and yeah, numa, totally agree on that not everything gets picked up. Trouble with well known firewalls/av's is that hacker-types can get the code more easily and work it into their virus/keylogger/whatever to sneak past that program. I've cleared all cookies, scanned with 3 spyware scanners and virus scanned twice, found nothing at all. Doesn't mean it isn't there of course.

anyway good thing is that anet have replied, asked for my access key and are investigating activity over the last week. hopefully they will manage to find an ip or something that can help them sort this out, but I definately think this was a case of getting my email address from somewhere and then making guesses. Either that or, as suggested, they got a hold of a password cache from somewhere.

FalconDance · Mar 04, 2006, 04:19 PM // 16:19

The firewall recommended (on page one of this thread) includes a spyware scanner that works only with IE, not Netscape or any others. That is problematic for me as I use only Netscape. As for their "you have to have Active X", well, I do have it.

Luckily, we use a broadband router which should give us increased protection as well as built-in firewalls.

LifeInfusion · Mar 04, 2006, 04:26 PM // 16:26

+paranoid.

Makes me rethink giving out my email :P.