Curse

VGJustice · Apr 06, 2006, 07:42 PM // 19:42

Quote:

Originally Posted by Inde

This is unfortunate. Killmur, Maxiemonster all ready said he's reporting it. He's letting the community know.

One thing that confuses me... why would you ever keep your guild's accounts and passwords on a forum? This is either misinformation or something is seriously wrong there.

I'll bet they were using the same e-mail and password for their forum accounts, and that's what he hacked: The forum database.

Sir Skullcrasher · Apr 06, 2006, 07:42 PM // 19:42

They probably got a member page where each users upload their characters name and (i hope not) account information they used in game.

Still, hackers has way to break through the security system to get your information.

Killmur · Apr 06, 2006, 07:43 PM // 19:43

I know Inde, I know. I read the first post. However sometimes I don't like reading about this stuff at all. I use simple passwords since my memory is crappy with numbers. Kinda has me worried that I may have to start using numbers in my passwords but I just am not willing to.

Maxiemonster · Apr 06, 2006, 07:43 PM // 19:43

The guy who messed up this guild told me, so don't take that as evidence

And yes, I'm just letting others know, and warning you that it's not just your items getting hacked.

Inde · Apr 06, 2006, 07:44 PM // 19:44

Most forums are now encrypted. For example, there is no way in vBulletin for me to obtain or hack anyone's passwords. The encryption is that good. I know that older versions of Invision you could. This would also be the reason that I have different passwords for everything. For my GW Account, forum account, emails, admin access, etc.

dansamy · Apr 06, 2006, 07:48 PM // 19:48

Well, truthfully what most likely happened is that when the hacker (allegedly -) hacked the forum, Kava's email that was used to sign up on the forum and his forum password were the same as those he uses for his game account. That allowed the thief very easy access into his GW account. I've had forum accounts to get hacked before.

SnipiousMax · Apr 06, 2006, 07:48 PM // 19:48

Quote:

Originally Posted by Inde

Most forums are now encrypted. For example, there is no way in vBulletin for me to obtain or hack anyone's passwords. The encryption is that good. I know that older versions of Invision you could. This would also be the reason that I have different passwords for everything. For my GW Account, forum account, emails, admin access, etc.

All the same. Common sense says you don't use the same password for different things.

Killmur · Apr 06, 2006, 07:48 PM // 19:48

Yep so true Inde. I know for a fact the worst forum board to use for major communties is phpBB. Infact all free forum boards are not that great for major communities due to security issues. phpBB has infact had to release many updates late last year to fix security flaws and holes. I would rather pay the 80+ dollars for a board like IPB or vB due to the fact that they are way more secured than the free boards.

Inde · Apr 06, 2006, 07:53 PM // 19:53

SnipiousMax, you would think so. I know many who do, just as I know many who download attachments in their emails from people they don't know. Or that some people don't shred credit card offers sent to them, or guard their ATM pin #'s with their life. Some good information in this thread though to educate others.

96TSi · Apr 06, 2006, 07:53 PM // 19:53

my website was once victim to some poor soul hacking our phpbb. since then i have been a proud member of vBulletin. definitly worth the $160

Berlucchi · Apr 06, 2006, 08:11 PM // 20:11

These guys steal accounts ALL the time. This isnt the only time theyve done this. Thier main guild is - and they are quite the jerks. On the factions event they recruited people just so they could farm faction then kicked them all.
I am leaving the guild because i am fed up with them doing this.
Thier IGNS are:

Removed-Sent them to Anet instead

I am sure the thread starter can confirm this.

Ctb · Apr 06, 2006, 08:13 PM // 20:13

I would strongly suggest you delete those names. Even though it may be true, the proprietors don't like the idea of people posting names on this site in retribution.

I fully understand, as it's really ANet's responsibility to look into it and make a call, not ours or GWG's.

Maxiemonster · Apr 06, 2006, 08:16 PM // 20:16

Yep, remove those names please

It doesn't matter who did it.

And again, I'm not trying to solve this by posting this.

xRustyx · Apr 06, 2006, 08:19 PM // 20:19

<3 Kava. Apparently the hacker was - Deleted his PVE Warrior among other things. :< I <3 you - but this shit is gay.

koneko · Apr 06, 2006, 08:27 PM // 20:27

Quote:

Originally Posted by Inde

The encryption is that good. I know that older versions of Invision you could. This would also be the reason that I have different passwords for everything. For my GW Account, forum account, emails, admin access, etc.

Mmmm, MD5/SHA1 hashing + salting.

That's just sad. What were they trying to prove by doing this? Shits and giggles? =\

Count to Potato · Apr 06, 2006, 08:32 PM // 20:32

I was skeptical when - was recruiting before the preview, and it seems i was right they just got alliance standing up, i was right in a way, the reason i got kicked was cuz my friend went afk in a gvg so he got kicked with all his friends which was me and another guy, luckily i got back in becuz i qualified. Woot, Being good FtW

vtrajan · Apr 06, 2006, 09:06 PM // 21:06

You can put all your passwords into a text file and put it on a flash drive, but first I would reccomend downloading PGP for Windows and encrypting the txt file.

just call me jimmy · Apr 06, 2006, 09:27 PM // 21:27

One other thing to be carefull about all!!
DON"T use your primary e-mail address in Forums, and make sure it is not displayed. I know Game Amp is very bad for that, if someone left their e-mail displayed anyone could see what it is. Then a hackers job is Half over already. Also a good idea to change you GW password every few weeks, and use letters and numbers and even slashes,$ signs anything. Pasword cracking programs are designed primarly for letters.

Vanquisher · Apr 06, 2006, 09:36 PM // 21:36

The site the forum was on probably saw a keylogger downloaded to his computer. From there the information was easily accessible.

doskir · Apr 06, 2006, 09:57 PM // 21:57

i have been using this method for safe passwords a long time now and heres how it works:
get a piece of paper and write every letter and the numbers 0-9 on it then randomly assign each letter and nummer a different number or letter. now create a password for each site/game by using it. ie: guildwars = df5onm68z. you can put this anywhere you want because NOBODY will know what this thing does copy it a few times and store it somewhere you wont loose it perfect password aslong you dont tell anybody that has access to it what it does