Toon Hacking/Account Stealing/Keylogging Consolidated Thread

[Petgroup]

Quote:

Originally Posted by axuis

my point is even if you are hacked for what ever reason weather you belive people being hacked or not and how they are being hacked why isnt there more security around the secret questions for your passwords how these people getting this info

This makes 0 sense. Of the situations I posted, only buying plat would rule out password exchange.

Powerleveling: they get access to your account.
Buying an account: they get access to your account.
Keylogger: they get access to anything they want that you do.
Giving info to someone you thought you could trust: gives them access to your account and I assume you know them and they know you so your secret question answer is not that "secure" under these conditions.

If my secret question was "Where did you grow up?" half of Second Dawn at the time probably could answer that. And if you spent 20 minutes reading through my posts here, I'm sure you could come to a conclusion also. I'll save you the time. Yankees Suck

[Oswaldor]

Quote:

Originally Posted by axuis

Not a single player thats been hacked has provided one shred of fucking evidence that would involve a virus/keylogger or fucking anything that would compromise the security on there computers

this is what i was on about from your post

now im guessing that most people wont know what a key logging virus looks like or what program it runs under

and im assuming that soe is just covering every option out there by saying its a key logger it could be any thing really from a key logger to a website to a 3rd party progam that some1 has installed

my point is even if you are hacked for what ever reason weather you belive people being hacked or not and how they are being hacked why isnt there more security around the secret questions for your passwords how these people getting this info

You need to read up on the links in this thread. The notion of keyloggers is not something that has been grabbed from thin air.

It started with McAfee (and some individuals) reporting massive activity in SQL injection attempts, which injects the <iframe> script / HTML into various forums/wiki/blogs etc... The "<iframe> script/HTML" supposedly uses old vulnerabilities in various programs, among them IE, QuickTime and some other junk, to download and install a keylogging program from a Chinese based server (though it is probably just a hacked storage place - it does not suggest Chinese criminels).

This program targets MMOs as claimed by various security companies - the how is still unanswered - AFAIK - and this is were we need information from those affected.

This coincides with a steep increase in people reporting hacked accounts without any obvious reason - giving away account information etc..
I have only seen you reporting people getting their password reset, you should get those friends online here to provide us with some information.

Quote:

as i said do they brute force it ? if so why no red flag a soe end and software to stop it

Brute force what?

Quote:

why is it when soe asks you the questions you have to give 5 answers to various questions when mr hacker only had to ask 1 = your secret answer

Ask SOE.

Quote:

im saying i think thers more to this than what people are writting ie passwords given out etc lot of blames at soe end if people can not only crack your password but secret questions as well is it really that hard to set up software that times users out after 5 attempts or something

And you know that it doesn't work like this? Can you confirm your claims that SOE does not infact lock your account if you fail to provide the proper answers?

Besides if the fault is at SOEs end, then I can assure you that their system would have been brought down for 'scheduled maintenance'. Especially now that they store credit card information.

Quote:

banks have a 3 strike your out rule you forget your pin you got 3 attempts if not your cards swallowed and you have to contact the bank etc why not this for soe?

Because this is an online game, not a bank*.
More security means more inconvenience for many people. If SOE implemented something like this they would have to hire many more support people and this is dead water resources - they don't generate income.
Security is always a trade-off and the stakes here are simply not that high - it sucks for the individual who gets hacked, but afaik they are able to get their accounts back and their characters rolled back, so besides the frustration nothing is really lost.
Coupled with the suspiscion that the reason they get hacked is because of SUB (stupid user behaviour - not patching), it is really hard to financially throw cash in the way of making the system more secure.
The password / username is good enough security for something like online games. SOE and the other game manufacturers need to secure their actual software, as previously discussed, instead of putting the security burden on the user (as they will never freaking learn - proven by history).


* Also quite a few banks implements similar simple password/username security for online banking.

[axuis]

well theres more secuirty on online porn sites than eq2

and i think if they can get as far as cracking your secret question then look out your credit card could be next yes it only shows last 4 digits but who knows maybe thats anoth

i think its a shame that this happens yes inconviance and all that maybe but still its frustarting for a user afet all you are buying into a product you expect some protection i do belive on news only last week i caught a glimp of loads of companys got hacked and sony was one of them

and no i havent got proff etc or screen shots or video evidence or area 51 security codes to ask them either was just a news program i glimpsed at

just woundering what security they have at soe as every 1 seems to be blaming the user alot ie passwords are handed out willy nilly and 3rd programs are being run

[Illuminator]

How many people worried about keyloggers are running Windows as an administrator account?

[axuis]

ok whats the point in any one saying they been hacked on this post as soe have not got anything to do with this site any more ? this post i would assume was put up because people were getting hacked when not given out any information

i have said it loads of times that there are various ways of getting hacked to keep telling people not to buy account give out your info etc is pretty obvious you dont do i would be very surprised if any ones posting here thats done any of these things

Powerleveling: they get access to your account.
Buying an account: they get access to your account.
Keylogger: they get access to anything they want that you do.
Giving info to someone you thought you could trust: gives them access to your account and I assume you know them and they know you so your secret question answer is not that "secure" under these conditions.

if they have then they are tards they desevere to get hacked

the point i would of thought was how is this happening if the above not been done

it seems very easy that peoples accounts are being hacked by some 1 or company it would be nice to have some constructive ways to prevent this rather than assume people are buying accounts handing out there info to every tell they get posting there info on there website and buying gold and getting some1 to power level 4 u

i know on my pc which just a home entertainment thing we got fire walls anti virus etc so 4th running but still it picks up threats twice a week weather thats a eq2 threat or something else who knows but sooner or later i can see something slipping through my net any one got any real good advice what anti virus etc to run fire walls etc

i use nod 32 and comdo fire wall if any better please post be helpfull ta

[Niber]

Anyone know if there's a email provider pattern? For instance, if all the compromised accounts used gmail, hotmail, or comcast? If that was the case then perhaps it's an isolated mail server that has been hijacked.

[Petgroup]

Quote:

Originally Posted by Niber

Anyone know if there's a email provider pattern? For instance, if all the compromised accounts used gmail, hotmail, or comcast? If that was the case then perhaps it's an isolated mail server that has been hijacked.

You are wasting your time trying to help just like I am. These chuckle heads perform post and run hijack threads and drift off into the night. Then mysteriously, low post number players bother to chime in with there uncles brother that did stand up for Jerry Seinfeld's cousin got jacked using horrible broken English and shitty grammar skills.

Theres my pattern.

[Karmalina]

Just a little anecdotal evidence.

It would seem that a keylogger is the most likely culprit. Our guild member who had his account hijacked (while he was out of town for 3 weeks) had his count reinstated yesterday. Today while many of us were logged on eq2/ventrilo he got booted out of game. A few minutes later his account was logged in again but he was unable to login and his password had been changed yet again.

Our guildmate is definately not technically savvy, but we are doing our best to help him to resecure his computer and hopefully get some more solid evidence of exactly what has compromised his system.

And just to clarify, no he has not bought plat/power levelling services (hell he is a brokeass mofo and I don't know why they would bother with his account again!).

If we are able to walk him through collecting some information via screenshots I will post them here.

For anybody that hasn't yet done a complete and thorough virus/spyware scan with reputable software, be sure to do so, and after verifying your system is clean it wouldn't be unwise to change any and all passwords you use online.

**Edited to add: Whomever the culprit they also changed the email address which corresponds to his user account, making it impossible to regain control of his account without SOE intervention.

[Grum Brug]

Quote:

Originally Posted by Oswaldor

You need to read up on the links in this thread. The notion of keyloggers is not something that has been grabbed from thin air.

It started with McAfee (and some individuals) reporting massive activity in SQL injection attempts, which injects the <iframe> script / HTML into various forums/wiki/blogs etc... The &quot;<iframe> script/HTML&quot; supposedly uses old vulnerabilities in various programs, among them IE, QuickTime and some other junk, to download and install a keylogging program from a Chinese based server (though it is probably just a hacked storage place - it does not suggest Chinese criminels).

This program targets MMOs as claimed by various security companies - the how is still unanswered - AFAIK - and this is were we need information from those affected.

This coincides with a steep increase in people reporting hacked accounts without any obvious reason - giving away account information etc..
I have only seen you reporting people getting their password reset, you should get those friends online here to provide us with some information.

Brute force what?

Ask SOE.

And you know that it doesn't work like this? Can you confirm your claims that SOE does not infact lock your account if you fail to provide the proper answers?

Besides if the fault is at SOEs end, then I can assure you that their system would have been brought down for 'scheduled maintenance'. Especially now that they store credit card information.

Because this is an online game, not a bank*.
More security means more inconvenience for many people. If SOE implemented something like this they would have to hire many more support people and this is dead water resources - they don't generate income.
Security is always a trade-off and the stakes here are simply not that high - it sucks for the individual who gets hacked, but afaik they are able to get their accounts back and their characters rolled back, so besides the frustration nothing is really lost.
Coupled with the suspiscion that the reason they get hacked is because of SUB (stupid user behaviour - not patching), it is really hard to financially throw cash in the way of making the system more secure.
The password / username is good enough security for something like online games. SOE and the other game manufacturers need to secure their actual software, as previously discussed, instead of putting the security burden on the user (as they will never freaking learn - proven by history).


* Also quite a few banks implements similar simple password/username security for online banking.

[Perramas]

The people who have had their accounts hacked may be victims to a preinstalled viruse on a new hardrive or other PC related gadget.

China virus found in Seagate drives in Taiwan - report


TAIPEI (Reuters) - U.S. computer hardware maker Seagate Technology said some external disc drives sold in Taiwan had been infected with a virus which reportedly sent users' information to China, but it had since fixed the problem.
The English-language Taipei Times, quoting the Investigation Bureau, reported around 1,800 hard discs, used to store large amounts of information often as a backup device, had been sold with a Trojan horse virus. Investigation Bureau officials said their investigation suggested infection may have occurred when the devices were in the hands of Chinese sub-contractors during the manufacturing process, according to the newspaper.


Some viruses come pre-installed - Yahoo! News

From iPods to navigation systems, some of today's hottest gadgets are landing on store shelves with some unwanted extras from the factory — pre-installed viruses that steal passwords, open doors for hackers and make computers spew spam.