Got Hacked Thread

Langues: JP EN DE FR
users online
Forum » FFXI » General » Got Hacked Thread
Got Hacked Thread
First Page 2 3 ... 12 13 14
 Cerberus.Eugene
Offline
Serveur: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-12-18 17:12:03
Link | Citer | R
 
Carbuncle.Anesthesia said: »
volkom said: »
stop buying gil, browsing rmt sites, checking weird emails


The idea that this is always how your account gets hacked is one of the worst, most persistent recurrent urban legends ever.

The vast majority of all account hackings: Player uses same password as game on less secure community site --> Community password database gets compromised --> Hackers try usernames/passwords on game ---> A significant portion of them work
It's not an urban legend, I know people who had their accounts compromised through malware. I've had malware installed on my system too, but I got it off before anything happened. Most PCs are riddled with old versions of programs full of security flaws. It's really not difficult to design malware that takes advantage of these flaws and 0-days.

But you're right, reusing passwords does leave you vulnerable, but they still need a way to get your ID information too. Just reusing passwords isn't enough, because the password needs to be paired with the correct account.
 Carbuncle.Anesthesia
Offline
Serveur: Carbuncle
Game: FFXI
user: analgesia
Posts: 845
By Carbuncle.Anesthesia 2012-12-18 17:16:29
Link | Citer | R
 
Cerberus.Eugene said: »
Carbuncle.Anesthesia said: »
volkom said: »
stop buying gil, browsing rmt sites, checking weird emails


The idea that this is always how your account gets hacked is one of the worst, most persistent recurrent urban legends ever.

The vast majority of all account hackings: Player uses same password as game on less secure community site --> Community password database gets compromised --> Hackers try usernames/passwords on game ---> A significant portion of them work
It's not an urban legend, I know people who had their accounts compromised through malware. I've had malware installed on my system too, but I got it off before anything happened. Most PCs are riddled with old versions of programs full of security flaws. It's really not difficult to design malware that takes advantage of these flaws and 0-days.

But you're right, reusing passwords does leave you vulnerable, but they still need a way to get your ID information too. Just reusing passwords isn't enough, because the password needs to be paired with the correct account.

Please take careful note of the word "Always" in that sentence.

Also,

You didn't quote the other bit :(

Carbuncle.Anesthesia said: »
volkom said: »
stop buying gil, browsing rmt sites, checking weird emails



Beyond that, you're one to talk.

http://www.ffxiah.com/forum/topic/12826/crap-i-deal-with-because-of-people-selling-account#752212

He deleted the OP out of embarrassment, but it's easy enough to get the idea.

Seriously, I don't know why everyone on the site doesn't post this thread whenever Volkom says anything, ever.
 Cerberus.Eugene
Offline
Serveur: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-12-18 17:18:44
Link | Citer | R
 
You irrelevantly shaming him doesn't change the fact that you're advocating making a myth out of something that is a legitimate security concern.

Shame on you.
 Carbuncle.Anesthesia
Offline
Serveur: Carbuncle
Game: FFXI
user: analgesia
Posts: 845
By Carbuncle.Anesthesia 2012-12-18 17:23:25
Link | Citer | R
 
Cerberus.Eugene said: »
You shaming him, doesn't change the fact that you're advocating making a myth out of something that is a legitimate security concern.

Shame on you.

I'm not sure else how else I should try to draw your attention to the word "Always" in that sentence.

Does this help?

Carbuncle.Anesthesia said: »
The idea that this is always how your account gets hacked is one of the worst, most persistent recurrent urban legends ever.


Re-read slowly and carefully. I didn't say it was a myth at all.
 Cerberus.Eugene
Offline
Serveur: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-12-18 17:30:10
Link | Citer | R
 
Ok, you trivialized it. The surrounding context suggests that its a theory you don't take seriously. You could have simply drawn attention to to the fact that password reuse can lead to compromised accounts without downplaying the seriousness of infection. In which case I would have had to (and did) concede that you were correct. Infection is serious, because if someone restores the account without resolving the infection they will just lose the account again.

In order to maintain maximum account security you should (not in any particular order):
1) Use a unique password for your account.
2) Ensure your computer is not currently infected.
3) Properly shield your computer against future infections (script blocking, surfing habits, patched software).
4) Don't share your account information with other people.
5) Get a security token.
 Carbuncle.Anesthesia
Offline
Serveur: Carbuncle
Game: FFXI
user: analgesia
Posts: 845
By Carbuncle.Anesthesia 2012-12-18 17:31:28
Link | Citer | R
 
Cerberus.Eugene said: »
Ok, you trivialized it.


You are grasping at straws.

Is it that difficult to admit you didn't read what I wrote.
 Cerberus.Senkyuutai
Offline
Serveur: Cerberus
Game: FFXI
user: Yuffy
Posts: 4415
By Cerberus.Senkyuutai 2012-12-18 17:37:02
Link | Citer | R
 
From my personal experience and knowing "quite a lot" about the subject, most people "hacked" are simply being used by people who can access their account, as simple as that.

In case some people didn't know, a person can be your brother, sister, best friend, wife, husband, whatever, he/she can still destroy your account. Always be safe, always.

I have many examples of brothers deleting each others characters/items and so on, sometime the "hack" is something much more simple than a malware or even a userbase password database.

Simple things are always the most efficient. Real hacks are very rare, by a long shot, especially since FFXI accounts aren't worth anything.
By volkom 2012-12-18 18:21:54
Link | Citer | R
 
well if you want to go into it. Yeah back then I was dumb and didn't know half the stuff I know now.
I had 2 FFXI accounts. One of them was given to me and one that I started myself. Had a friend that wanted to play, thought I could get rid off an account from a different game for a 3rd FFXI account.
Anywho I can't prove to you that I did or didn't buy gil or if my account is legitimate or not.
What I do however is that I play new mmo's and try to hit level cap with decent gear within opening week/weekend and then try to sell it.
Think the only time that I ever bought something through RMT was money for aion just to craft.
But whatever. go ahead and post the thread every time I make a post. I don't give two shits about it.
 Cerberus.Eugene
Offline
Serveur: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-12-19 16:10:57
Link | Citer | R
 
SE doesn't train their Customer Service staff very well.
Offline
Posts: 856
By mattyc 2012-12-20 16:30:02
Link | Citer | R
 
ok so i just wanted to see if anyone has been hacked has similar situation as me.

i filled out my form for game data recovery and made a copy of my photo ID and have sent literally over 10 emails to the listed email address to send the form to.

none of which have been received by them...

i talked to 5 reps on the phone and they asked me if the files were under 800kb, which they were...

this being said i have sent the information from MY email, MY alt email, and even from my brothers email. they say successfully sent yet they do not receive...

i dont understand why POL wants us to jump through AIDS infested burning loops of ***...

any feed back be very nice as i am beyond frustrated...
 Quetzalcoatl.Scwall
Offline
Serveur: Quetzalcoatl
Game: FFXI
user: Scwall
Posts: 101
By Quetzalcoatl.Scwall 2012-12-20 17:00:31
Link | Citer | R
 
When I sent in my form, I composed a new message rather than replying to the one they sent. They specifically say don't reply to this message, just in case that's your problem. I use hotmail if that makes any difference.

Hopefully it's an easy fix like that^ otherwise I don't have any other suggestions for email. The next option would be physically mailing it...
Offline
Posts: 856
By mattyc 2012-12-20 17:05:13
Link | Citer | R
 
wish it was that scwall...
and i sent it this morning just in case something ridiculous like this happened....my luck is ***this is nothing new to me...
and ya i used hotmail, gmail, and my brothers yahoo email, all didnt work...like i said "***"
 
Offline
Posts:
By 2012-12-20 17:19:31
 Undelete | Edit  | Link | Citer | R
 
Post deleted by User.
 Quetzalcoatl.Scwall
Offline
Serveur: Quetzalcoatl
Game: FFXI
user: Scwall
Posts: 101
By Quetzalcoatl.Scwall 2012-12-20 18:16:32
Link | Citer | R
 
I didn't have to get mine notarized. After sending the email it took 29 days to have it recovered and able to log in again.
Offline
Posts: 856
By mattyc 2012-12-21 14:33:17
Link | Citer | R
 
dont need to have it notarized unless it's an account they cant get back using the game data recovery system, just got off phone with rep and was reassured that mine would not need it notarized, still having to send by mail rather than email is *** stupid, no one else has same issues as me apparently. my luck wins again nonetheless.
 Sylph.Kawar
Offline
Serveur: Sylph
Game: FFXI
user: Kawar
Posts: 1774
By Sylph.Kawar 2012-12-21 14:36:43
Link | Citer | R
 
Valefor.Angierus said: »
a friend of mine got hacked about a year back and when they got hacked they said this is the processes they went through to get their account back.

Quote:
it was given to me by the customer service guy, its used for rollbacks and such.. they email it to you in .pdf format and you need to print it out and sign it and get it notarized, and send in copies of your I.D

Hope that helps, SE's customer service has always been a *** to get through, as I recall they had to send in the form twice because the first time my friend failed to get it notarized.
That sounds about right and it sounds normal.Most game companys do this to make sure they are giving the account back to the owner with the right information on file.
Offline
Posts: 13
By Dreamsea 2013-01-15 17:04:27
Link | Citer | R
 
i've not been following this thread, but lately (in the past 4 weeks or so there has been a LOT of players been keylogged/hacked on siren! I know of 5 cases but there's probably more...

all had their characters taken stripped and then deleted >_<

i was wondering if any other servers has been experiencing the same thing?

evi~
 Shiva.Vosslerr
Offline
Serveur: Shiva
Game: FFXI
Posts: 110
By Shiva.Vosslerr 2013-01-31 01:36:07
Link | Citer | R
 
Cerberus.Eugene said: »
Ok, you trivialized it. The surrounding context suggests that its a theory you don't take seriously. You could have simply drawn attention to to the fact that password reuse can lead to compromised accounts without downplaying the seriousness of infection. In which case I would have had to (and did) concede that you were correct. Infection is serious, because if someone restores the account without resolving the infection they will just lose the account again.

In order to maintain maximum account security you should (not in any particular order):
1) Use a unique password for your account.
2) Ensure your computer is not currently infected.
3) Properly shield your computer against future infections (script blocking, surfing habits, patched software).
4) Don't share your account information with other people.
5) Get a security token.

Getting a security token should be at the top of that list in my opinion. It effectively prevents you from being hacked except by anyone who finds it or if you leave your token somewhere. Its not even easy to lose... Put it on your keyring..

I remember another game I played attempted to bring tokens to thier game but the idea was shot down specifically because people didn't want to pay the amount of money to be more secure. That reason is stupid because the same people keep find themselves hacked and thier items dropped or characters deleted. $10 is not an unreasonable amount to remain secure.
 Valefor.Omnys
Offline
Serveur: Valefor
Game: FFXI
user: omnys
Posts: 1759
By Valefor.Omnys 2013-01-31 02:40:23
Link | Citer | R
 
Hell, I don't know how people can manage without the extra bag that the token comes with.
[+]
 Asura.Tamoa
Offline
Serveur: Asura
Game: FFXI
user: Tamoa
Posts: 1341
By Asura.Tamoa 2013-01-31 02:54:26
Link | Citer | R
 
Scan your computer regularly. Also, I recently had no less than 3 different viruses on my pc due to the latest Java version exploit (was careless for the first time ever), they were picked up by AVG and Malwarebytes, but for those of you out there that use Avast - Avast did not pick up either of these viruses.

Neither AVG nor Malwarebytes were able to get rid of the stuff though, and I ended up needing outside help. I suspect this Java exploit is the reason why it seems there's an increase in hacked accounts lately.

And yeah, get a token. It's worth it.
 Fenrir.Sylow
Offline
Serveur: Fenrir
Game: FFXI
Posts: 6862
By Fenrir.Sylow 2013-01-31 02:59:05
Link | Citer | R
 
The recent spike in hackings is because SE broke clipper in the 12/12 update, people subsequently made new ones, and someone snuck a link to a download containing a trojan into the thread of legitimate (non-trojan) links on guildwork.
 Asura.Tamoa
Offline
Serveur: Asura
Game: FFXI
user: Tamoa
Posts: 1341
By Asura.Tamoa 2013-01-31 03:10:22
Link | Citer | R
 
Fenrir.Sylow said: »
The recent spike in hackings is because SE broke clipper in the 12/12 update, people subsequently made new ones, and someone snuck a link to a download containing a trojan into the thread of legitimate (non-trojan) links on guildwork.


There's that too, good point. So yeah, don't be lazy, run those virus scans. It certainly saved me.
 Asura.Mythh
Offline
Serveur: Asura
Game: FFXI
user: Ganjuh
Posts: 29
By Asura.Mythh 2013-01-31 03:12:50
Link | Citer | R
 
Yup same here been about a month. *** ridiculous. Will be getting a security token asap. Pretty pathetic that this has been happening a lot recently. I'm mad, bro.
 Siren.Taruina
Offline
Serveur: Siren
Game: FFXI
user: zerich
Posts: 95
By Siren.Taruina 2013-02-12 10:26:02
Link | Citer | R
 
One of the people who was keylogged/hacked had an up to date security token.

Didn't save her.
 Quetzalcoatl.Sithel
Offline
Serveur: Quetzalcoatl
Game: FFXI
user: Wildman33
Posts: 55
By Quetzalcoatl.Sithel 2013-02-12 10:55:50
Link | Citer | R
 
Siren.Taruina said: »
One of the people who was keylogged/hacked had an up to date security token.

Didn't save her.

That's because nothing will save you from a key logger hack, security token or not. The one hacking via key logger is just as easy as having the security token in hand and pressing the button. You have several options to avoid key loggers.
1) Try to do virus scans regularly
2) Could try never typing in you SE password and bring up the keyboard box and mouse click your password.
3) Copy your SE password to notepad on another PC you know isn't infected, transfer that text doc to your PC you play FFXI on via a thumb drive or whatever. Then when you enter your password always highlight it and copy and paste. Never no typing required.
4) or I guess you could just auto save password, if that's possible. I dunno, I use the other 3 options :P
 
Offline
Posts:
By 2013-02-12 11:04:11
 Undelete | Edit  | Link | Citer | R
 
Post deleted by User.
 Quetzalcoatl.Sithel
Offline
Serveur: Quetzalcoatl
Game: FFXI
user: Wildman33
Posts: 55
By Quetzalcoatl.Sithel 2013-02-12 12:46:48
Link | Citer | R
 
Valefor.Angierus said: »
I'm almost positive if you are being key logged, anything copy'd to clipboard is something that can be pulled and sent along with everything else you're typing.
I guess your right, I was reading up on that. Seems even having a virtual keyboard like what SE has to use mouse clicks can still be logged as if pressing the actual key on the keyboard. Looks like not all key loggers can copy the clip board but some do.
First Page 2 3 ... 12 13 14
Log in to post.