Mar 24, 2009, 11:28 PM // 23:28
|
#41
|
Desert Nomad
Join Date: Jan 2009
Profession: N/
|
Quote:
Originally Posted by DarkFlame
The items are going to be transferred off onto a GM account and then physically returned to players via another in-game trade, right?
|
Yes, but then the victims will get auto-banned by the anet bots that search for large one-sided trades (we've seen this happen many times)
|
|
|
Mar 24, 2009, 11:40 PM // 23:40
|
#42
|
Wilds Pathfinder
|
Quote:
Originally Posted by miles
... through strict confidentiality with anet the persons who lost items in question were not supposed to talk about anything that has to do with how this happened or why or who, no details.
|
This sounds dubious. I mean, if all these people had visited some site or installed some app, then this should have been IMMEDIATELY communicated to the player base, so that they avoided them. I can understand keeping a hush on it for a few days after the initial incident, but to drag it out for over a month without saying why, sounds unreasonable.
The only thing I can think of to explain these covert activities, is that something happened on their server-side end. In fact, using so many resources in an effort to actually recover and return stolen electrons seems to support this premise (and violate established precedence).
As to a rollback, it seem to me that any 'modern' backup database stores stuff as files, and certain files (e.g. account data) can be loaded over the current files. Perhaps they have a piss-poor implementation that doesn't allow this to occur while the servers are 'live', whatever that means/entails. However, it seems a choice could be made if such a 'simple' backup system existed:
1. Sacrifice past month's account activity and revert to stored account
2. Do nothing (e.g. forget about losses and save month's 'achievements')
And finally, as to item tracking, they'd need some kind of unique 24/32 bit key for each item, and something else similar for 'stacks'. As they only use 8 bits for stack item count, I doubt they have the space for such additional item info. As to text logs for player activity/trade that they 'apparently' maintain, scripts would need to be written to parse them in certain ways (e.g. for some date, for some player/item, find line -> feedback loop to follow trade further). Perhaps it's actually databased (doubtful, prolly rolling text log) - code still needed to query...
|
|
|
Mar 25, 2009, 12:12 PM // 12:12
|
#43
|
Forge Runner
Join Date: Jun 2006
Guild: Hard Mode Legion [HML]
Profession: N/
|
Quote:
This sounds dubious. I mean, if all these people had visited some site or installed some app, then this should have been IMMEDIATELY communicated to the player base, so that they avoided them. I can understand keeping a hush on it for a few days after the initial incident, but to drag it out for over a month without saying why, sounds unreasonable.
The only thing I can think of to explain these covert activities, is that something happened on their server-side end. In fact, using so many resources in an effort to actually recover and return stolen electrons seems to support this premise (and violate established precedence).
|
I disagree.
It could well be that this is a client side incident executed by a single individual. That way only a very limited (relatively) amount of accounts is affected and there is no need to inform the community at large.
That would also make it possible to track some items back, those items that would be on that account or on accounts traced back to the same IP address (assuming no dynamic IP).
How this attack was executed doesn't really matter.
Everyone will tell you that they did fine, no-one who gets hacked has a key-logger or trojan on his/her computer and they never reused a password anywere. It's easier to blame the company providing the hacked account, in this case A-net while all research on security shows that there is a 99.9999% chance that an attack is client side and only a 0.0001% chance that it's server side.
Let's assume it's server side. First of all, if I were a hacker I would brag on what I did in the hacking community. I didn't catch any of that.
Second, I would loot as many accounts as possible. And since I'm a knowledgeable hacker I would inform my friends (there are very few hackers who operate completely alone) so they also can make some profit.
This would result in a far greater number of hacked accounts than we are aware of now.
The only reason why this didn't happen on that scale was when the known hacks were a test-run. But I doubt that, it's easier to do that with 'safe' accounts, like a primary and secondary or a friend's account.
I really doubt that this is a server side related issue, all signs point the other way so far.
|
|
|
Mar 25, 2009, 02:38 PM // 14:38
|
#44
|
Academy Page
Join Date: May 2006
Guild: The Best Guild In The Game [Best]
Profession: N/
|
Quote:
Originally Posted by Coney
This sounds dubious. I mean, if all these people had visited some site or installed some app, then this should have been IMMEDIATELY communicated to the player base, so that they avoided them. I can understand keeping a hush on it for a few days after the initial incident, but to drag it out for over a month without saying why, sounds unreasonable.
The only thing I can think of to explain these covert activities, is that something happened on their server-side end. In fact, using so many resources in an effort to actually recover and return stolen electrons seems to support this premise (and violate established precedence).
As to a rollback, it seem to me that any 'modern' backup database stores stuff as files, and certain files (e.g. account data) can be loaded over the current files. Perhaps they have a piss-poor implementation that doesn't allow this to occur while the servers are 'live', whatever that means/entails. However, it seems a choice could be made if such a 'simple' backup system existed:
1. Sacrifice past month's account activity and revert to stored account
2. Do nothing (e.g. forget about losses and save month's 'achievements')
And finally, as to item tracking, they'd need some kind of unique 24/32 bit key for each item, and something else similar for 'stacks'. As they only use 8 bits for stack item count, I doubt they have the space for such additional item info. As to text logs for player activity/trade that they 'apparently' maintain, scripts would need to be written to parse them in certain ways (e.g. for some date, for some player/item, find line -> feedback loop to follow trade further). Perhaps it's actually databased (doubtful, prolly rolling text log) - code still needed to query...
|
i have no 3rd party programs running related to guildwars, visit no gold buying sites, never sold items online etc etc. after my account was "hacked" both norton and avg detected 0 viruses/keyloggers etc.
They wont roll back the servers, they are just going to give the items back that they were able to track. Yesterday i was the first to recieve the items that were stolen, and im assuming anyone else she talked to will soon be getting a similar email =]
|
|
|
Mar 25, 2009, 04:19 PM // 16:19
|
#45
|
Krytan Explorer
Join Date: Apr 2006
Location: On a boat!
Guild: Homeless.
Profession: Mo/
|
If they really did go through the trouble of retrieving items and giving them back to their owners, I hope that's their way of saying that the security problem was on their side. It's a little scary to think that they would be willing to go through that much trouble for people that buy gold and/or download software from shady websites.
For the past 4 years, we have been told that nothing could be done if our items were lost, so this sudden change of tune is a bit weird. Knowing why the most recent incident is being handled differently would be nice.
|
|
|
Mar 25, 2009, 05:20 PM // 17:20
|
#46
|
Desert Nomad
Join Date: Apr 2006
Profession: W/
|
Quote:
Is that the fault of the victim or PlayNC/ArenaNet?
|
Since it's a hypothetical situation with no evidence to actual peruse, who knows? Did the hypothetical attacker break into the PlayNC site, or did they just brute force a weak password. The former would be a breach against PlayNC, and thus their responsibility. The latter is the player's problem as it's their responsibility to use strong passwords.
Quote:
Now if they can tell that someone from Germany accessed my account, Im sure they can see trades that person made.
|
Those are two entirely different things. A person will generally only use a very small number of different IP addresses to access Guild Wars, even over periods of years, unless they move or switch ISPs. Even then, most of the IPs will all be on the same subnet even if they're different. Spotting one wildly different IP address all of a sudden is not difficult, especially since an IP address is an inherent part of any bilateral communication on the internet involving any software or hardware it touches, making it easy to record. Trades, on the other hand, could easily number into the thousands. Recording and then combing through them for each person who has a problem would be much more time-intensive and difficult, and would also require an explicit effort by the company to devise a system for doing just that. Not a good way to spend resources, in my opinon, since the majority of stolen goods are not ANET's fault.
|
|
|
Mar 25, 2009, 06:39 PM // 18:39
|
#47
|
Grotto Attendant
Join Date: May 2005
Location: The Netherlands
Guild: Limburgse Jagers [LJ]
Profession: R/
|
Quote:
Originally Posted by Deviant Angel
If they really did go through the trouble of retrieving items and giving them back to their owners, I hope that's their way of saying that the security problem was on their side. It's a little scary to think that they would be willing to go through that much trouble for people that buy gold and/or download software from shady websites.
For the past 4 years, we have been told that nothing could be done if our items were lost, so this sudden change of tune is a bit weird. Knowing why the most recent incident is being handled differently would be nice.
|
Hear, hear!
|
|
|
Mar 25, 2009, 08:24 PM // 20:24
|
#48
|
ArenaNet
Join Date: Apr 2008
Profession: Me/
|
The reason this incident has been handled differently is because we would like to provide our customers with better service. If we are able to retrieve stolen items, which again I stress is usually impossible, then we would like to be able to retrieve them and return them.
We extensively investigated this incident, tracked down, and closed the accounts that were involved in this. I have been given clearance to let you know that it appears that this hacker logged into the compromised accounts by using account credentials that he or she had already stolen from somewhere else. Our advice to Guild Wars players is to use a unique password for Guild Wars that has no relation to passwords that you use on other sites.
__________________
Regina Buenaobra
Community Manager
ArenaNet, Inc.
Last edited by Regina Buenaobra; Mar 25, 2009 at 08:25 PM // 20:25..
Reason: Spelling error
|
|
|
Mar 26, 2009, 01:08 AM // 01:08
|
#50
|
Older Than God (1)
Join Date: Aug 2006
Guild: Clan Dethryche [dth]
|
Regina just stated in another thread that it appears that the hacker got into these accounts by hacking a different database, retrieving account names and passwords, and using them. She did not state which database.
Long story short: if the password for your GW account uses the same password as the corresponding e-mail account, or if you use the same e-mail account and password for any internet site, forum, or what have you: go change your GW password right now.
|
|
|
Mar 26, 2009, 01:19 AM // 01:19
|
#51
|
Hall Hero
Join Date: Aug 2005
Profession: E/
|
Hackers are always present. Some tips...
a) don't use your guild wars e-mail to register an account in a Guild Wars fansite/guild site.
b) have a good password, http://www.whatsmypass.com/?p=415 instead of one of these
|
|
|
Mar 26, 2009, 01:22 AM // 01:22
|
#52
|
Forge Runner
Join Date: Feb 2007
Location: Las Vegas
Guild: Enraged Whiny Carebears [oR]
Profession: W/E
|
Hackers are never a threat in the first place, if you're smart.
|
|
|
Mar 26, 2009, 01:26 AM // 01:26
|
#53
|
Frost Gate Guardian
Join Date: Apr 2008
Location: England
Profession: A/
|
Quote:
Originally Posted by Gift3d
Hackers are never a threat in the first place, if you're smart.
|
Well, if they have comprimised a database containing Usernames and Passwords then being hacked wouldn't entirely be the persons fault.
Personally, none of my passwords are the same and I use different emails for everything just to make sure things are safe.
Although at the moment, if someone hacked the email my GW Account is linked with, I'd be very suprised, considering it doesn't seem to exist anymore =/.
|
|
|
Mar 26, 2009, 01:51 AM // 01:51
|
#54
|
Forge Runner
Join Date: Mar 2006
Location: Mableton, Georgia
Guild: Guild Ancestors Reunited [ギルド]
|
do what i do-- use a completely random and non-associated email as your GW log-in and never use that email outside of GW. simple.
|
|
|
Mar 26, 2009, 06:57 AM // 06:57
|
#55
|
Desert Nomad
Join Date: Jul 2005
Guild: Glob of Ectospasm [GoE]
|
Quote:
Originally Posted by Ctb
Since it's a hypothetical situation with no evidence to actual peruse, who knows? Did the hypothetical attacker break into the PlayNC site, or did they just brute force a weak password. The former would be a breach against PlayNC, and thus their responsibility. The latter is the player's problem as it's their responsibility to use strong passwords.
|
Not that hypothetical as it happened as written to me last year.
|
|
|
Mar 26, 2009, 07:14 AM // 07:14
|
#56
|
Academy Page
|
In regards to getting stuff back to hacked players the way we helped was as a guild pretty much gave anything we could to the few affected players and while a toon or two was deleted the majority of stuff was replaced by guild generosity.
I know how paranoid some of the people in my guild are about passwords and the fact that they got hacked has left me wondering just hoe it could have happened. Must be related to a keylogger being sent to the same email address used to log into GW.
Anyway guild generosity ftw!
|
|
|
Mar 26, 2009, 01:39 PM // 13:39
|
#57
|
Desert Nomad
Join Date: Nov 2005
Profession: N/
|
There is another possibility, there is a really good looking website that is guildwar.com. It looks real but isn't.
|
|
|
Mar 26, 2009, 04:04 PM // 16:04
|
#58
|
Wilds Pathfinder
Join Date: Aug 2007
Location: ★☆٭Ńēŵ~ŶờЯК٭☆★
Guild: The Benecia Renovatio [RenO]
Profession: Mo/Me
|
~fake~fake~fake~
Hey guy and gals, just cleaning up the rumors started in this thread. A GuildWars GM can't spawn items or create new ones... ever. There is one exception however, using a Master GM account (one of Izzy's account is one) the GM can use a command similar to /bonus to recieve an item that was coded to be released to that GM (However they may only use this command once, hence they cant spawn 500 Vizu's, only 1. Like Kuunavang.). When Gaile was given her Frog mini's, Izzy was given them, and he then traded Gaile the mini's.
So, basically to summon it up, their is no way to give back items unless their going to find what was deleted and give everyone who lost their stuff a special /bonus like code. Hence they people who are scammed cant get back their items and so forth.
Hope that cleared it up, thanks
|
|
|
Mar 26, 2009, 04:05 PM // 16:05
|
#59
|
Site Contributor
|
Markaedw, guildwars.com and guildwar.com are both ArenaNet. It's a legit guildwars.com website. Just strange the way they went about it.
|
|
|
Mar 26, 2009, 07:34 PM // 19:34
|
#60
|
ArenaNet
Join Date: Apr 2008
Profession: Me/
|
Quote:
Originally Posted by HawkofStorms
Hackers are always present. Some tips...
a) don't use your guild wars e-mail to register an account in a Guild Wars fansite/guild site.
b) have a good password, http://www.whatsmypass.com/?p=415 instead of one of these
|
I would like to emphasize what HawkofStorms has said here. Please don't use your Guild Wars game account information on other websites. It leaves your game account vulnerable to thieves, like what happened in this recent incident.
__________________
Regina Buenaobra
Community Manager
ArenaNet, Inc.
|
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 01:30 AM // 01:30.
|