Curse

MisterB · May 13, 2008, 03:03 AM // 03:03

Congratulations on safeguarding your account. Keep it up.

TPike · May 13, 2008, 03:05 AM // 03:05

Quote:

Originally Posted by Inde

Haskell,

If you have been following the last 2 weeks, there are a number of accounts that have been "hacked" into and items stolen. This is a widespread problem. Anet stated that last time it was someone from Germany using 2 different computers to do it. It looks like he's back. I'm not sure anyone's account is protected at this time.

I know I haven't been following the forums the past 2 weeks.

Today I was ABing for the 1st time in over a week & all my $$$ is gone, I didnt even look to see if ZKeys were missing (only had 2).

Jetdoc · May 13, 2008, 03:05 AM // 03:05

Quote:

Originally Posted by Haskell

Inde,

if you can't handle your adverts and people use outdated versions of Browsers with old versions of 'Adobe Flash'; don't use plugins like 'No-Script'; work with admin-permissions under Windows (...) then that's their problem, as said before.

My computer is less than a month old. I've got the latest and greatest browser. I have the latest version of Adobe Flash. And no, I don't work with admin permissions under Windows...I have a separate login under Vista to do so that has a separate password.

No, I don't use any plugins...not sure if that is part of the problem.

garethporlest18 · May 13, 2008, 03:10 AM // 03:10

Okay so everyone who's ABing stop Abing right now because apparently he's doing it through AB.

I'm tired of this BS people need to stop being bastards and leave our damn shit alone. Get the sniper team! Time to bust some skulls!

Chthon · May 13, 2008, 03:12 AM // 03:12

Quote:

Originally Posted by Jetdoc

If Regina or anyone else from A-Net happens upon this, I'd love to chat with you about what just happened..

You should PM her with the date and approximate time. Their logs will definitely show them the IP that the attack logged into your account from, so at the very least that IP can be banned. If they're luckier, watching that IP's activity will give them a clue into how it was done so the vulnerability can be patched.

Jetdoc · May 13, 2008, 03:13 AM // 03:13

Good suggestion Chthon...will do that right now.

slowerpoke · May 13, 2008, 03:21 AM // 03:21

i take it these are brute force password attacks if the user hasnt given away the password (in)directly?

would have guessed they have an account lockdown after x many failed attempts

and how exactly long would it take to crack a 13 char(max length) string of random chars?

AidinSwiftarrow · May 13, 2008, 03:26 AM // 03:26

Haskell, don't argue with the administrator. But, yes, you can't really phrase it differently. He caught the hacker in the middle of taking his items. Luckily, just in time. This happened to me in WoW. No items taken but somehow somebody changed my password. My brother didn't do it so I thought it might've been his friend or something. After that I've been pretty paranoid...

Yeah, you should have some sort of account lock. Hmm after about 5 tries it autolocks and I guess you would have to do something to unlock it.

I pwnd U · May 13, 2008, 03:30 AM // 03:30

Wow you got lucky jet. Many people would of had their accounts hacked and lost a bunch of stuff. Congrats on catching it.

Konig Des Todes · May 13, 2008, 03:31 AM // 03:31

Well congrats on stopping the hacker in progress. I hope sending the time and date of the hack will help ANet at least hurt the hacker's hacking into accounts. I have yet to be hacked and personally, wouldn't care too much about it as the most important things are my titles and stuff in HoM, but I will still be pissed beyond belief if I do get hacked.

pamelf · May 13, 2008, 03:31 AM // 03:31

Omg, I did AB for the first time in my life last friday. I hope I don't log in and find all my stuff gone. *starts paranoidly freaking out.*

Seriously, good work saving your stuff Jet.

slowerpoke · May 13, 2008, 03:31 AM // 03:31

Quote:

Originally Posted by VitisVinifera

slower: this isn't brute force -- this is a sudden surge in account hacks that certainly must be through some security hole.

Thats interesting. I had heard of the crash exploit before.
Maybe they are somehow able to capture other players IP addresses in an instance, then force a disconnect and somehow intercept the reconnect packets.

Have ANet acknowledged this hacking problem?

Well hopefully theyve learned from the previous exploits and bolted things down, disallowed modified clients etc.

Monk In The Box · May 13, 2008, 03:32 AM // 03:32

Quote:

Originally Posted by Jetdoc

No, I didn't apprehend a hacker. That's virtually impossible to do.

But I did stop the hacker while he was in the middle of his theft. Not sure if I could find a better phrase for it other than "caught in the middle of the act"...

You thwarted his attempt.

o m g pizowned · May 13, 2008, 03:33 AM // 03:33

i change my password every week or two

kade · May 13, 2008, 03:36 AM // 03:36

Quote:

Originally Posted by Jetdoc

He actually had decent luck...

Other than the standard 25 firewaters/brulees and 5 normal tomes, he also got around 20 golds.

Not a bad ratio.

wtb account hacker pls...

congrats on your catch, always nice to know these people don't always get off scott free.

Jetdoc · May 13, 2008, 03:38 AM // 03:38

Quote:

Originally Posted by slowerpoke

Thats interesting. I had heard of the crash exploit before.
Maybe they are somehow able to capture other players IP addresses in an instance, then force a disconnect and somehow intercept the reconnect packets.

That's actually something I omitted....once I got kicked out of AB, GW asked me if I wanted to attempt to reconnect...and it failed. That's when I got the "you lost your internet connection" message. It was right after that when I got the "your password is invalid" message.

Your explanation is plausible...the hacker could be forcing you out, and intercepting the reconnect packets (which may also have your account name and password information encoded in it).

garethporlest18 · May 13, 2008, 03:40 AM // 03:40

Quote:

Originally Posted by Monk In The Box

You thwarted his attempt.

"Yes that's right Theograd I thwarted that silly hackers attempts to compromise my most prestigious of hobbies. He' shall not attempt to deprive me of my mass of riches now!"

That's the type of people, people who say thwarted hang around. So I'm guessing since the OP isn't an 15th century englishman, he's using the more modern version of a thread title for this sort of event.

Where is Pablo I'm sure he could figure out what is going on and I agree that Anet should have a password lock after 5 failed attempts even if this isn't about brute forcing, it's just better company security.

fenix · May 13, 2008, 03:43 AM // 03:43

Jetdoc, if you know the exact time that you were hacked, send that info to Anet, they'll be able to check what IP addresses were logged into the account in that time of day, and possibly be able to do SOMETHING to stop it.

Adja1005 · May 13, 2008, 03:45 AM // 03:45

Anyone else kind of pissed off at the lack of acknowledgement about this recent surge in threads concerning hacked accounts? I've not seen anyone from Anet, Regina specifically, comment about what they intend to do or what they are doing to combat these hackers.

Perhaps Regina could grace us with her presence and make some comment about these recent events? Afterall isn't that her job?

Also good job on saving you're account, you lost Z-Keys but atleast you have some items to sell and hopefully make up for it!

Mac Sidewinder · May 13, 2008, 03:46 AM // 03:46

I was just wondering Jetdoc, if the hacker changed your password....how did you change it back to something you know? I've never used the change password feature from the main screen but doesn't it make you put in a valid old password first before it accepts a new one?