Curse

Pevil Lihatuh · Mar 03, 2006, 06:42 PM // 18:42

Hey guys not been around in a while, but wanted to let you all know this.

Now we've all seen the "omg i've been hacked" threads around here. We all know the 'easy' way to be hacked is downloading what you think are cheats, or giving out your email, silly things like that. But I would just like to make sure you all keep yourselves extra safe. Why? Because it happened to me just now. And no, I'm not expecting any help with it (I was lucky anyway) or anything but I want to be sure that everyone, especially new players, are aware of the dangers.

Ok so first of all, what happened? Well I haven't been on guild wars in maybe 10 days. Today I decided to log in as I needed to send an invite out to a friend for the preview event. So I get on my main account. Wrong password. Ok... I'll try it a few more times, make sure caps lock isn't on, the usual stuff. Still no go. Check my second account (same password, i'll be changing that!). That's fine so I know i'm typing it right. Getting worried. Do a password recovery. Get the new password in 30 seconds or so. Log in and change it to something completely different to the old one.

I find my 3 characters plus a lvl 1, pre-sear warrior with a polish first name. The last name also wasn't Lihatuh so it clearly wasn't my character, which is good in case they were abusive to my guildies/friends! Anyway, getting more and more panicky I note that my chars on the log in screen still have their proper armour on. The polish warrior gets deleted. I check my 3 chars inventories and the stash. Nothing gone. Whew.

Anyway the point of this story is that from the looks of it, it was a "I CAN hack you" rather than an attempted account hijack. Any serious ill-doer would have had the 22plat out of my account, my sup divine favour rune and deleted my chars. But this guy left everything as it was and put in a character as if to say "I was here".

Now I virus scan once a week and ad-aware regularly, along with other spyware scanners. My virus scan is every thursday evening and came up clean last night as usual. I ad-aware'd straight after finding this out and had nothing unusual, just my normal 9 or so tracking cookies that always get deleted. I haven't downloaded anything all week except for a Morrowind patch (official) last night and the new beta for MSN messenger.

So the point of this post; beware. Even if you take every precaution and don't fall for the keyloggers, it can happen. I just hope that by posting this a few people can stay safe with their accounts. I know I'm counting my blessings that my chars are still there, and I also know I'll be changing emails and passwords on both accounts right now.

edit: I'm going to contact support, the idiot in fact filled in the mailing details with an address and name. Now it could, of course, be fake but it WILL be passed onto support. Maybe it was some weird mistake with creating a new account but I doubt that somehow.

~ Star Maiden ~ · Mar 03, 2006, 06:46 PM // 18:46

Thank you for the kind warning/reminder, Pevil.

I'm always very careful with my personal info and my computer but it's good for a returning player like me to make note of things like this.

I'm sorry to hear it happened to you

but I'm glad nothing truly serious happened.

Lasher Dragon · Mar 03, 2006, 06:51 PM // 18:51

Welcome back Pevil, glad to hear that you and your toons are intact. Still have the giant chicken?

Loviatar · Mar 03, 2006, 06:51 PM // 18:51

Quote:

Originally Posted by Pevil Lihatuh

edit: I'm going to contact support, the idiot in fact filled in the mailing details with an address and name. Now it could, of course, be fake but it WILL be passed onto support. Maybe it was some weird mistake with creating a new account but I doubt that somehow.

try running this free scan.

i bought it after it found stuff the others missed including trojans.

http://www.pctools.com/spyware-doctor/

Pevil Lihatuh · Mar 03, 2006, 06:56 PM // 18:56

hehe yeah i still have the giant chicken. Just emailed support so hopefully they can investigate it and if there is a weakness somewhere it will help them to fix it and/or ban the offender.

And thanks for that link Loviator, I'll run that now

jet_striker · Mar 03, 2006, 06:57 PM // 18:57

Same thing happened to me, but they took my ectos and shards, and money for my characters, but for some reason they were too stupid to steal my inventory cash and items, so i survived to fight another day. There are a lot of hackers out there, so change passwords oftern and e-mails too if possible to keep them guessing, they are mostly key loggers.

~ Star Maiden ~ · Mar 03, 2006, 07:01 PM // 19:01

Quote:

Originally Posted by jet_striker

Same thing happened to me, but they took my ectos and shards, and money for my characters, but for some reason they were too stupid to steal my inventory cash and items, so i survived to fight another day. There are a lot of hackers out there, so change passwords oftern and e-mails too if possible to keep them guessing, they are mostly key loggers.

Wow, I'm getting a bit worried now

'Cause if you guys keep scanning for viruses and take care of your computer but still have this problem, I'm scared it might happen to me. Is it a fairly common thing nowadays or is it rare? Seems like you'd have to be actively targeted and hacked if you were following all the precautions and not downloading anything on your own.

Loviatar · Mar 03, 2006, 07:14 PM // 19:14

Quote:

Originally Posted by ~ Star Maiden ~

Wow, I'm getting a bit worried now

'Cause if you guys keep scanning for viruses and take care of your computer but still have this problem, I'm scared it might happen to me. Is it a fairly common thing nowadays or is it rare? Seems like you'd have to be actively targeted and hacked if you were following all the precautions and not downloading anything on your own.

here is a free top rated firewall which is much more secure than the one that comes with win XP

free for personal home use but i upgraded on a sale to the more convenient pro version

http://www.zonelabs.com/store/conten...n&lid=nav_z a

also i use a full 16 alpha/numeric/sym password for security and put it directly into the shortcut command line so i dont have to type it and a keylogger cant see it

EDIT

i also run spyware doctor and adaware before my GW and update my AV daily using the FREE AVG anti virus

Big_Iron · Mar 03, 2006, 07:15 PM // 19:15

This is a great post Pevil. Thanks. It's a good lesson for us all. Just so people know, if someone knows your e-mail address, which is our user ID in GW, they can run something like ophcrack that'll guess your passwords. Choose strong passwords; combinations of caps and lowercase letters with numbers and symbols and at least 8 characters long. It's too easy to crack short passwords with all numbers or letters. People will just plug in their birthdays or their dog's name and think that's good enough. A 1/2 decent cracker can break a password like that in seconds. Fortunately, GW supports strong passwords. My advice is take advantage of this. No password is totally unbreakable, but you can make it harder on them.

**Note: I'm not implying that Pevil is handing out his e-mail address or has a weak password, but a lot of people in GW do. I've seen people giving out their e-mail addresses in the public chat many, many times.

Pevil Lihatuh · Mar 03, 2006, 07:17 PM // 19:17

it just shows they're inventive. Now I don't have the tightest security in the world, I admit. But I have these precautions:

1. Router: only has a few ports open and basically acts as a firewall with its firmware
2. Firewall: on from the moment my pc switches on, only recognised programs get 'allowed' by me, nothing is auto-allowed
3. Virus scan: every week
4. Downloads: I rarely download anything, NEVER music or illegal type stuff, only ever the odd patch or preview video
5. Firefox: ok so it still can get spyware etc but it gets less than IE does

However I do admit my ad-aware scans slip from time to time; until I scanned today my definitions were apparently 42 days out of date :S oops!

Actually my worry is that its basically the same way people used to hack your character on Diablo 2, but they've figured out a way to do it here... but hopefully now that I've emailed Anet it will be able to help them make it even stronger, along with all the other emails they must have had by now lol. Oh and thats the firewall i use, love it, with built in AV protection

Just did that scan Loviator; nothing found though when I enabled On-Guard it said over 2400 Active X controls were immunised! Maybe thats where the problem came in... *shrugs*

edit: and I strongly agree with Woody. The one place my security fails is that i have similar passwords for everything. Now, most of my accounts on the internet are on forums, which aren't really so important. But I've now changed my two guild wars passwords to be far more secure (random ones) and will be changing my EQ2 account as well. Not to mention I'll be changing my contact address from my website so that it doesn't use one that any of my game accounts use.

~ Star Maiden ~ · Mar 03, 2006, 07:19 PM // 19:19

Thanks Loviatar and Woody

I'll make sure to use a complex password when I set up my account later. Even if I have to write/type it down somewhere and keep checking whenever I log-in, I don't mind if it means added security.

I'm sure this isn't a common problem, though, right?

Pevil Lihatuh · Mar 03, 2006, 07:26 PM // 19:26

I shouldn't think so Star, as long as you're careful I wouldn't waste time worrying about it. I've been playing this game since April and it took a long time to happen to me, and its the first time in 7 years of being online that I've had any kind of account hacked

~ Star Maiden ~ · Mar 03, 2006, 07:28 PM // 19:28

Quote:

Originally Posted by Pevil Lihatuh

I shouldn't think so Star, as long as you're careful I wouldn't waste time worrying about it. I've been playing this game since April and it took a long time to happen to me, and its the first time in 7 years of being online that I've had any kind of account hacked

Ok thanks Pevil, that's reassuring.

Thanks again for the advice.

Woutsie · Mar 03, 2006, 07:31 PM // 19:31

But.. How is this possible? :|

Feminist Terrorist · Mar 03, 2006, 07:34 PM // 19:34

I'm glad nothing was stolen Pevil.

=HT=Ingram · Mar 03, 2006, 07:36 PM // 19:36

yea. thats the new thing now. since so many of the accounts have been banned with no hope of return they are resorting to destructive hacking behavior to find ways in. the next thing you will be seeing is hacked instance servers to log GW client into... I already got an e-mail solicitation for this and it was quickly forwared to arenanet for legal action...

~ Star Maiden ~ · Mar 03, 2006, 07:40 PM // 19:40

Quote:

Originally Posted by =HT=Ingram

yea. thats the new thing now. since so many of the accounts have been banned with no hope of return they are resorting to destructive hacking behavior to find ways in. the next thing you will be seeing is hacked instance servers to log GW client into... I already got an e-mail solicitation for this and it was quickly forwared to arenanet for legal action...

Ugh, that's horrible. I really don't want to see GW go down the road of Lineage II, which has tons of pirate servers out there. I think it says something about the quality/respect of a game when there are lots of shady ways to play it besides the official way. And GW is free to begin with. I mean, c'mon, just play fair and enjoy what you're given.

Pevil Lihatuh · Mar 03, 2006, 07:41 PM // 19:41

I've found what it was that saved my account. The email.

The email is, as you all know, what the account is pretty much linked to. Now, in order to change it, they send an email to both the old and hopefully new email addresses. BOTH links in BOTH addresses must be clicked within 7 days to verify the email swap over.

I can't currently change my email for my main account (done it for my second one now) because without me noticing, I deleted the email requesting me to change it, and as such, the other guy can't change my email, therefore he can't fully steal my account as this means I can ALWAYS get my password reset.

Sir Skullcrasher · Mar 03, 2006, 07:42 PM // 19:42

not trying to be paranoid but can the hacking be done while your in-game?

Pevil Lihatuh · Mar 03, 2006, 08:09 PM // 20:09

there have been reports of people being kicked out of their account because the hacker tried to log in while they were logged in. You can do the same back to the hacker though