Toon Hacking/Account Stealing/Keylogging Consolidated Thread

[Petgroup]

Quote:

Originally Posted by nhdjoseywales

Dude honest to god you sound like you work for the fucking geek squad

Im telling you, as independent and enterprise security people have told me, guys with cisco level security certs, guys who do network and desktop security for a living and i dont mean go to peoples houses on service calls, have repeatdly told me and my own experience confirms, the choice of antivirus in the long run doesnt matter, its a managed risk that is going to eventually fail. you just need ot find one with an interface and console you like and stick with that. now you keep going to the nice peoples houses and selling them whatever like your shift manager tells you too and while yer at it go get yer fucking shine box

Eveyone should go out and get Windows Live OneCare, it works but will eventually fail right? Its a piece of shit right outta the fancy container it comes in.

So people at Cisco tell you pick whatever anti-virus you want, sooner or later its gonna fail? So does your real world experience? Both you and them are full of shit. I worked at Cisco, now what?

I go to peoples homes and business' and sell them a solution to there virus/spyware infection, or hard drive crash etc. MYSELF, it's my own fucking business now. I answer to absolutely noone. I stated countless times at my previous job I installed Webroot on 100's of different computers that were infected, 0 repeat calls in 1.5 years from anybody. I had at least 10 warranty calls for new hard drives that failed in less than a year. Hard drives with 5 year warranties.

Those are my numbers. Have your friends at Cisco call my fucking bluff.

[axuis]

pet im sure you got a great working understanding of online problems object of this thread is to try and get to bottom of these hacks weather you use this weboot or norton or what ever it still seems to be happening

just about every anti virus software thats been mentioned here has not picked up a single thing so whats going on?

if every ones and i am assuming no 1s bs here about their accounts being hacked have ran all these programs and nothings been found wheres it comming from

if you got say 10 people that been hacked all 10 ran all these programs and again its a leap of faith what they saying is true (i can only speak for myself to say what i posted is true) and nothing gets picked up on 10 machines using 10 various types of spy ware etc then it must be at soe ends somewhere is it not?

now i can never see soe saying sorry guys we been hacked all your accounts are up for grabs as it lose so much money for them and eq2 and prob all there on line games would stop as every one would pull out of it

now after allt hat is there any thing else that no ones looked at like a ventrilo program or guild portal or something that could contain this stuff im just trying to cover all the aspects of this so i can be asured for my own peace of mind this never happen again and i at least have covered all option i know off

thanks

[Vindruil]

Well I was told mcafee was the one's who found the keylogger crap going on so I switched from Trend Micro to Mcafee for now. Still haven't had any problems whatsoever, but it could be do to the fact that I don't ever type my account name in when I log on. So if I did have a keylogger all they would have is a password that didn't go with anything else I use, they would still need a way of getting the account name. Something to think about atleast. Wonder how many people that got jacked were changing accounts or constantly retyping in their account info like on station.com or some crap.

[Manratten]

I don't know what the hell is causing people to have their accounts compromised, but Petgroup convinced me to get Webroot. (Not joking)

I especially liked his comment about (not sure of exact phrasing) not going into the cockpit and telling the pilot how to fly a plane.

Sold me. Spending $40 or whatever in the hell it is when I get home.

[Petgroup]

Quote:

Originally Posted by Vindruil

Well I was told mcafee was the one's who found the keylogger crap going on so I switched from Trend Micro to Mcafee for now. Still haven't had any problems whatsoever, but it could be do to the fact that I don't ever type my account name in when I log on. So if I did have a keylogger all they would have is a password that didn't go with anything else I use, they would still need a way of getting the account name. Something to think about atleast. Wonder how many people that got jacked were changing accounts or constantly retyping in their account info like on station.com or some crap.

Keyloggers can take screenshots of whatever you are looking at any timeframe they want. So, since your username isn't *********, they got you. Not saying you in specifics but if you had one, they are more than capable of breaching that method of security you are taking.

Quote:

Originally Posted by Manratten

I don't know what the hell is causing people to have their accounts compromised, but Petgroup convinced me to get Webroot. (Not joking)

I especially liked his comment about (not sure of exact phrasing) not going into the cockpit and telling the pilot how to fly a plane.

Sold me. Spending $40 or whatever in the hell it is when I get home.

Glad I could help. If you only need it for 1 computer, get it from Buy.com for the $33 that I linked.

[Oswaldor]

Seriously stop the stupid Anti virus discussion - it yields absolutely nothing to this thread.
It is insanely stupid from a security point of view to state that any of the Top 20 anti virus products in use today is better than the other - it all depends on the profile of the user. What works for you might be quite terrible for someone else.
Educating the users in safe computing will beat the shit out of any anti-virus software in use. Unfortunately most users will not take the time to educate themselves but insist on being safe despite being computer illiterates so anti virus software is still a valid generic protection.
However anything generic will sucks against something specific, so even with Webroot, trend micro, mcafee, panda or what the hell else useless piece of shit anti virus software there is, it will die terrible with a specific directed attack.

Quote:

Originally Posted by Vindruil

Well I was told mcafee was the one's who found the keylogger crap going on so I switched from Trend Micro to Mcafee for now. Still haven't had any problems whatsoever, but it could be do to the fact that I don't ever type my account name in when I log on. So if I did have a keylogger all they would have is a password that didn't go with anything else I use, they would still need a way of getting the account name. Something to think about atleast. Wonder how many people that got jacked were changing accounts or constantly retyping in their account info like on station.com or some crap.

EQ2 has to read the username from somewhere - so can a specific keylogger. However a genric keylogger will most likely, as they do, read it directly from the control hosting the username.

Quote:

Originally Posted by Petgroup

Keyloggers can take screenshots of whatever you are looking at any timeframe they want. So, since your username isn't *********, they got you. Not saying you in specifics but if you had one, they are more than capable of breaching that method of security you are taking.

Keyloggers which are dependent on screen shots are so terrible retarded that it probably doesn't pose any real threat. Imagine spreading a keylogger to just 1000 users and having to accept screen shot periodically of the programs running. Not even to mention those poor bastards that actually have to sort through the screen shot to find the 'nice' stuff. Not really an option (and no, to capture you mastubating on your webcam with some other boy online, they will capture the video stream instead of using screen shots as real capture programs do).

[axuis]

ok what we did it wont work on your eq2 log in to game but works on your station access to your account

get a note pad doc or something put your password etc in and copy paste it into that access thing works ok

now how i done it on this pc i had no problems but i havent been hacked my friends have now i know you going to say hey you typed it in so whats the diffrence well im assuming that a 1 off into a note pads better than doing it every time you have to log in

i know once is anoth but im hoping that once is anoth to stop them if you doing it every time you log into acces ie typing there must be more chances of you getting caught with a key logger

i guess you could send it via another pc on email or msn or something but that pc would have to have no bearng or connection on your hom net work or eq2 thats a guess

for example if you went round your parents house and sent your self a msn with all that on they shouldnt have a key logger on that pc but you never know i know but prob not and once that is sent cut paste that to a note pad

and make that cyptic as well so for example if your password was dallascowboys

you gould do 123890dall399as0982cow0949boys094

and cut and cpy the password out that or something like that i would thought would work

now this pc as i said hopefully wont have any beaing on your pc and nothing to do with eq2 so they shouldnt be able to get that password

would that work thats my idea

[Oswaldor]

Quote:

Originally Posted by axuis

ok what we did it wont work on your eq2 log in to game but works on your station access to your account

get a note pad doc or something put your password etc in and copy paste it into that access thing works ok

now how i done it on this pc i had no problems but i havent been hacked my friends have now i know you going to say hey you typed it in so whats the diffrence well im assuming that a 1 off into a note pads better than doing it every time you have to log in

i know once is anoth but im hoping that once is anoth to stop them if you doing it every time you log into acces ie typing there must be more chances of you getting caught with a key logger

i guess you could send it via another pc on email or msn or something but that pc would have to have no bearng or connection on your hom net work or eq2 thats a guess

for example if you went round your parents house and sent your self a msn with all that on they shouldnt have a key logger on that pc but you never know i know but prob not and once that is sent cut paste that to a note pad

and make that cyptic as well so for example if your password was dallascowboys

you gould do 123890dall399as0982cow0949boys094

and cut and cpy the password out that or something like that i would thought would work

now this pc as i said hopefully wont have any beaing on your pc and nothing to do with eq2 so they shouldnt be able to get that password

would that work thats my idea

No it wouldn't. It is not the actual typing that most keyloggers log, but what the controls you type into contains. When you issue a copy paste command to a text box that command can be intercepted and the copy paste value can be read.

If you have a keylogger on your system then it can access pretty much anything (and more) than you can access.

[axuis]

bugger ok thanks this how i been doing it

[nhdjoseywales]

Quote:

Originally Posted by Petgroup

Eveyone should go out and get Windows Live OneCare, it works but will eventually fail right? Its a piece of shit right outta the fancy container it comes in.

So people at Cisco tell you pick whatever anti-virus you want, sooner or later its gonna fail? So does your real world experience? Both you and them are full of shit. I worked at Cisco, now what?

I go to peoples homes and business' and sell them a solution to there virus/spyware infection, or hard drive crash etc. MYSELF, it's my own fucking business now. I answer to absolutely noone. I stated countless times at my previous job I installed Webroot on 100's of different computers that were infected, 0 repeat calls in 1.5 years from anybody. I had at least 10 warranty calls for new hard drives that failed in less than a year. Hard drives with 5 year warranties.

Those are my numbers. Have your friends at Cisco call my fucking bluff.

Cisco lvl certs doesnt mean they work for cisco, it means they are certified security experts with cisco internet security certs, if you worked for cisco i would expect you to know that

bottom line is you dont really understand what the fuck you are doing. any shithead can walk in a users living room, install a piece of software and tell them hey, yer protected. If you only run one cleaner on a machine you know is infected you have robbed your customer and left them with an infected machine, i guarantee it. I have some co-workers boxes at home that i need to clean. maybe i should video tape sophos cleaning it, then go back thru the win32 directory and find some things it missed. i guess you would call bullshit on that too tho.

oh, and the hard drives that failed in a year. let me guess, they were maxtor drives right? yeah seen lots of premature failures on those too. dont see how it relates to the conversation tho. i mean really, does anyone warranty a virus cleanup call? its not exactly the same as a hardware failure.

now take your A+ cert and go get that fucking shine box like i told you to bitch