 |
|
May 13, 2008, 02:52 PM // 14:52
|
#101 | |||
|
Desert Nomad
Join Date: Apr 2007
|
Quote:
Quote:
Quote:
|
|||
|
|
|
May 13, 2008, 03:00 PM // 15:00
|
#102 |
|
Academy Page
Join Date: May 2008
Location: Maine/NH
Guild: AxE
Profession: A/Mo
|
How about you just make you password alphanumeric, not godjecdoc or some lame pw. GoD3jEcDoC286, if a hacker really wants what you got he will get you no matter what, Just make it harder for him to.
|
|
|
|
|
May 13, 2008, 03:24 PM // 15:24
|
#103 | |
|
Frost Gate Guardian
Join Date: Jun 2005
Location: Germany
Guild: [金金金金]
Profession: Me/W
|
Quote:
"MY ACCOUNT GOT HACKED". Now realizing that they had caps on they start a new thread to QQ. "Why isn't it possible to reset the delay???????? I HAVE IMPORTANT TRADE/GVG/AB/POLYMOCK TOURNAMENT/INGAME MARRIAGE". 2. Forming groups in HA/TA/GvG. "Rerolling. Brb in 60mins. Char is flagged as delete delayed" or my favorite assuming you need yet another password to flag them (not goin to mention that a keylogger will have that one aswell...doh...i did it): "OMG I LOST MY PASS TO UNFLAG MY CHARRRRR:RESET??" QQ!  3. I agree on 3. |
|
|
|
|
|
May 13, 2008, 03:28 PM // 15:28
|
#104 |
|
Wilds Pathfinder
Join Date: Jan 2007
Guild: The Grim Squeakers [REAP]
Profession: N/
|
idk, but from the sound of it this hacking attempt was a lot more complex and insidious than the usual "keylogger" user slip up of security. I mean the OP clearly stated he's done little if anything out of the ordinary to put him at risk, didn't use textmod even. That and the fact that he was allowed a reconnect attempt, I don't think he would be given that chance to reconnect if somone else was already on his account (in the sense that the hacker had his password before his disconnect from AB).
People have modified their clients to affect others in the past, it seems entirely likely that something similar is afoot here. It makes sense actually, forcing a disconnect but then allowing a reconnect attempt, if you could track the reconnect attempts I have no doubt you'd be able to get somone's account info. Think about it, reconnect attempts require no ID verification, no re-entering of passwords, all that information is likely auto encoded in the reconnect attempt. idk maybe I'm jumping at shadows but to me it seems likely the reconnect system is being exploited in some fashion here. |
|
|
|
|
May 13, 2008, 03:38 PM // 15:38
|
#105 | |
|
Lion's Arch Merchant
Join Date: Mar 2007
Guild: The Eternal Champions
Profession: W/Mo
|
Quote:
My computer was new, I'd installed all the protection on it I possibly could...then bam, a few days with my new comp and I get that. I attributed it to the fact I'd been on IE and followed a link to a games site that HP (the company I bought the machine from) lead me to. I had no reason to believe it was dodgy, given the fact it was part of a program that HP had put on my computer. Hadn't downloaded anything dodgy, and certainly hadn't downloaded texmod. Suffice it to say, I reformatted after getting the virus, and will not ever again open IE for anything. I did have an incident on the none official wiki the other day, when I clicked on a skill icon to see the skill description my Firefox No Script thingy told me the link had cross site xml scripting on or something. I've read that that's a bad thing, so I'm so glad No Script didn't allow me onto the page. Gotta be so careful where you browse, and scan every single day. Last edited by Dylananimus; May 13, 2008 at 03:45 PM // 15:45.. |
|
|
|
|
|
May 13, 2008, 03:47 PM // 15:47
|
#106 | ||
|
Desert Nomad
Join Date: Apr 2007
|
Mystica, why dismiss ideas so quickly? Versus thinking how you'd take the basic idea and make it practical? What I posted were just shortened summaries of full ideas posted elsewhere - not the full, more "practical" versions.
Quote:
I think normal people either use caps lock very rarely, or by accident. After one or two failed attempts, a normal person would check they didn't have caps lock on by accident. The "full" idea for lockout/delay would be something like... One failed attempt only adds small or no delay, and if you have caps lock on, the client could detect this and warn you. Each subsequent failure adds increasing delays. This would not inconvenience people, unless they regularly need 5 or more attempts before they get into GW (unlikely)... but would make brute force attacks unfeasible. Beyond a certain number, they might go as far as blocking the IP address or the account for a period, maybe even requiring email re-activation or something. All these could be optional extra security choices that you could enable, or not. Quote:
Obviously, you wouldn't enable it on a PvP character that you will re-roll again and again. But you might choose to enable it on your main PvE title-hunter character, so that even if someone accessed your account and stole your goodies... you'd at least still have a character with titles, skills, HoM intact etc. Delayed deletion would be optional again... by selecting it, you could re-roll a character, but deletion would be delayed - long enough that you could report a stolen account and have it returned. Deletion could be cancelled at any time before the delay is over. If you didn't want those features, you just wouldn't use them. |
||
|
|
|
|
May 13, 2008, 04:04 PM // 16:04
|
#107 | |||
|
Desert Nomad
Join Date: Apr 2006
Profession: W/
|
Quote:
Quote:
Quote:
Anyway, it would be interesting to have access to some of the machines of the people who lost accounts. If this really is an attack against a vulnerability in the client, which it may or may not be, the only thing that's going to help expose it in the short term is if anyone has unaltered firewall logs, disk access logs, etc. Although, frankly, I'm still leaning toward keylogger or trojan. Last edited by Ctb; May 13, 2008 at 04:07 PM // 16:07.. |
|||
|
|
|
|
May 13, 2008, 04:08 PM // 16:08
|
#108 | |
|
Krytan Explorer
Join Date: Mar 2007
|
Quote:
|
|
|
|
|
|
May 13, 2008, 04:35 PM // 16:35
|
#109 | |
|
Desert Nomad
Join Date: Apr 2007
|
Quote:
|
|
|
|
|
|
May 13, 2008, 04:38 PM // 16:38
|
#110 | |
|
Krytan Explorer
Join Date: Jul 2005
Profession: W/R
|
Quote:
|
|
|
|
|
|
May 13, 2008, 04:39 PM // 16:39
|
#111 | |
|
Jungle Guide
Join Date: Dec 2005
Profession: W/N
|
Quote:
but you get trash only.. maybe he looking for a everlasting tonic... |
|
|
|
|
|
May 13, 2008, 04:54 PM // 16:54
|
#112 |
|
Krytan Explorer
Join Date: May 2005
Location: eotn
Profession: W/
|
seems it would have been more practical to just take the keys, but he took the time to open the chest. you sure it wasnt your little brother?
|
|
|
|
|
May 13, 2008, 04:55 PM // 16:55
|
#113 |
|
Krytan Explorer
Join Date: Mar 2007
|
After testing it, it might be the server after all. With a few incorrect passwords you get the first response in the image above, then eventually the 2nd, which pops up more and more with incorrect logins. Last edited by fusa; May 13, 2008 at 05:00 PM // 17:00.. |
|
|
|
|
May 13, 2008, 04:55 PM // 16:55
|
#114 | |
|
Lion's Arch Merchant
Join Date: Jun 2007
Location: Valencia, Spain
Guild: Green Arse Team
|
Quote:
|
|
|
|
|
|
May 13, 2008, 05:22 PM // 17:22
|
#115 | |
|
Hell's Protector
Join Date: Jul 2005
Guild: The Eyes of Texas [BEVO]
Profession: D/A
|
Quote:
Yeah, I found it odd as well that he took the time to open the chest 47 times instead of just opening a trade with his other account. Maybe he didn't realize that the keys were worth a ton at the moment, and was just hoping for an everlasting tonic. |
|
|
|
|
|
May 13, 2008, 05:29 PM // 17:29
|
#116 |
|
Lion's Arch Merchant
Join Date: Jul 2006
Profession: Mo/Me
|
Whast the name of the anti-virus that picked it up?
also The more I read the more it's starting to sound like a disgruntled A.net worked and an inside job. |
|
|
|
|
May 13, 2008, 05:45 PM // 17:45
|
#117 |
|
Krytan Explorer
Join Date: May 2005
Location: eotn
Profession: W/
|
you have this on your account and someone just wanted to use your keys!?
http://www.guildwarsguru.com/forum/s...57&postcount=7 certainly someone is just messin with you. |
|
|
|
|
May 13, 2008, 05:47 PM // 17:47
|
#118 | ||
|
Hell's Protector
Join Date: Jul 2005
Guild: The Eyes of Texas [BEVO]
Profession: D/A
|
Quote:
 Quote:
Last edited by Jetdoc; May 13, 2008 at 05:50 PM // 17:50.. |
||
|
|
|
|
May 13, 2008, 05:48 PM // 17:48
|
#119 | |
|
Desert Nomad
Join Date: Feb 2006
Location: Censored
Guild: Censored
Profession: R/
|
Quote:
Strange coincident. LOL |
|
|
|
|
|
May 13, 2008, 05:49 PM // 17:49
|
#120 |
|
Emo Goth Italics
Join Date: Sep 2006
|
Slash Owned.
On both sides. |
|
|
|
 |
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| hacker? possible? | the-devl | Technician's Corner | 6 | May 29, 2007 04:04 PM // 16:04 |
| Caught a hacker! | Plushie Penguin | Off-Topic & the Absurd | 15 | Aug 07, 2006 07:17 PM // 19:17 |
| Raz Silverwing | Off-Topic & the Absurd | 24 | Nov 18, 2005 10:03 PM // 22:03 | |
| MCS | Screenshot Exposition | 9 | Aug 16, 2005 12:30 AM // 00:30 | |
All times are GMT. The time now is 06:22 PM // 18:22.
jQuery(document).ready(checkAds()); function checkAds(){if (document.getElementById('adsense')!=undefined){document.write("_gaq.push(['_trackEvent', 'Adblock', 'Unblocked', 'false',,true]);");}else{document.write("