Got Hacked Thread

Langues: JP EN DE FR
users online
Forum » FFXI » General » Got Hacked Thread
Got Hacked Thread
First Page 2 3 ... 13 14
 Cerberus.Eugene
Offline
Serveur: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2013-02-12 12:55:50
Link | Citer | R
 
Valefor.Angierus said: »
I'm almost positive if you are being key logged, anything copy'd to clipboard is something that can be pulled and sent along with everything else you're typing.
Depends on the malware. reading the i/o stream for a keyboard, and catching the contents of the clipboard are two separate functions. but it doesn't hurt to assume that if you've been compromised in one way, you've been compromised in others.
 Fenrir.Acey
Offline
Serveur: Fenrir
Game: FFXI
user: abyssal
Posts: 475
By Fenrir.Acey 2013-02-12 14:05:20
Link | Citer | R
 
Dreamsea said: »
i've not been following this thread, but lately (in the past 4 weeks or so there has been a LOT of players been keylogged/hacked on siren! I know of 5 cases but there's probably more...

all had their characters taken stripped and then deleted >_<

i was wondering if any other servers has been experiencing the same thing?

evi~

Fenrir has had a few me and a buddy both got it on the same day within an hour if each other
 Fenrir.Sylow
Offline
Serveur: Fenrir
Game: FFXI
Posts: 6862
By Fenrir.Sylow 2013-02-12 14:09:04
Link | Citer | R
 
Fenrir.Sylow said: »
The recent spike in hackings is because SE broke clipper in the 12/12 update, people subsequently made new ones, and someone snuck a link to a download containing a trojan into the thread of legitimate (non-trojan) links on guildwork.
 Asura.Rucks
Offline
Serveur: Asura
Game: FFXI
user: Seravolk
Posts: 207
By Asura.Rucks 2013-02-12 14:51:30
Link | Citer | R
 
lolclipper
 Diabolos.Raelia
Offline
Serveur: Diabolos
Game: FFXI
user: Raelia
Posts: 1707
By Diabolos.Raelia 2013-02-12 22:09:15
Link | Citer | R
 
Fenrir.Sylow said: »
Fenrir.Sylow said: »
The recent spike in hackings is because SE broke clipper in the 12/12 update, people subsequently made new ones, and someone snuck a link to a download containing a trojan into the thread of legitimate (non-trojan) links on guildwork.
Actually it's worse than that. There was a pastebin with a dirty version that came up first result on google and certain persons are that dumb.

I know because I received this link from said persons. I sandboxed it for lulz and watched it hook up with a server in canada. The dude behind it even left his name on the damn log file (or someone did a damn good framejob) which is some *** with a wide open facebook account linked to accou***wappers.com.
 Fenrir.Sylow
Offline
Serveur: Fenrir
Game: FFXI
Posts: 6862
By Fenrir.Sylow 2013-02-12 22:14:37
Link | Citer | R
 
Lol, I knew about the one on google but I didn't know all the details behind it so I didn't mention it.

Awesome.

Tl;dr all of your friends who have been hacked recently - there's an extremely high probability it's because they were stupid and downloaded 3rd party tools from an untrusted source because they needed their cheating fix!

FOR SHAME!
[+]
 Leviathan.Egonn
Offline
Serveur: Leviathan
Game: FFXI
user: Egonn
Posts: 280
By Leviathan.Egonn 2013-02-22 22:24:24
Link | Citer | R
 
Fenrir.Sylow said: »
Lol, I knew about the one on google but I didn't know all the details behind it so I didn't mention it.

Awesome.

Tl;dr all of your friends who have been hacked recently - there's an extremely high probability it's because they were stupid and downloaded 3rd party tools from an untrusted source because they needed their cheating fix!

FOR SHAME!


The whole cheating/tools/etc thing is just ignorance. Even SE is saying there is more to it than 3rd party software. Apparently even 3rd party email is an issue lol.



compromise​d_accounts@​us.playonli​ne.com (compromised_accounts@us.playonline.com) 2/12/13
To: ***rou**@hotmail.com

This message is being sent to you as a reminder of e-mail security. There has been an increase in the number of unauthorized access since January 2013. There appears to be a trend of unauthorized access reports being submitted by customers who are using hotmail e-mail accounts as their registered e-mail address.

In light of this information, we strongly suggest that you change your e-mail password for your e-mail account or simply use another e-mail address as your registered email address as soon as possible. Preferably a more secure e-mail address such as an Internet Service Provider e-mail address.

Please note that if you use the same account name or password as your PlayOnline ID or Square Enix account on other online services, a security breach at any of the other online services you use could potentially lead to your PlayOnline ID or Square Enix account being compromised as well.

Likewise, if you use repeated strings of characters, phone numbers, birth dates, or other such information, this will leave your account highly vulnerable in the event another customer's account name and password is compromised from other online services, even if you are not using the same exact account name or password.

Therefore, if you are sharing the same account name or password between other online services and your Square Enix account, or if you are using information that can be easily deciphered, we ask that you change your password as soon as possible.

Note: If you received this e-mail and do not use Hotmail as your e-mail service provider, we still recommend ensuring that your password for your e-mail be set to a different password than that of your SQUARE ENIX Account or PlayOnline Account.

We appreciate your continued support for Final Fantasy XI.

SQUARE ENIX Support Center

Please do not reply to this e-mail. For any questions or concerns, please contact the SQUARE ENIX Support Center at http://support.na.square-enix.com
 Siren.Kalilla
VIP
Offline
Serveur: Siren
Game: FFXI
user: Kalila
Posts: 14552
By Siren.Kalilla 2013-03-03 20:24:31
Link | Citer | R
 
Asura.Lewyo said: »
I'm not sure if its against the rules to post real life information but I'll be releasing any RL info I have on this guy in case others want to take legal action.
I don't want you to get in trouble, so I'm just going to post this before you do.

Lakshmi.Jaerik said: »
- Posting any personal real-life identifiable information or images about a particular user without their permission is not allowed, unless they have previously posted it here.

Fenrir.Scragg said:
Real Name
Address (that includes street)
Photos of themselves or family
Names of immediate family
Phone Numbers
Birth Dates
Email Addresses
Lakshmi.Jaerik said: »
I had to close a thread earlier because some folks were posting an FF player's personal info, including RL address and contact info, etc. Because it was already publicly available on another site, people thought it was okay to re-post without asking. It wasn't, and let me explain why.

If some internet psycho saw that info, and something happened to that poor person, it wouldn't matter that it wasn't you. The fact you re-posted the information that lead to the crime could mean you "facilitated" the act in question, which is itself quite serious. It would also mean that this site, by allowing you to do so, could be seen as complicit. For proof, look at the MySpace stalker/suicide cases, and which parties were indicted on the charges.

The case might be sketchy, we might have a strong counter-argument, and they probably wouldn't be able to convict you or us of anything in the end. But they could still haul our *** into court. If you don't have a few grand on you in bail money, that means you could sit in prison awaiting trial. And if you're a minor, that would mean hauling in your parents too. I guarantee they would never let you within a foot of a computer ever again if you made them go through that.

I don't want to end up standing side by side with any of you at a defense table in court any time soon. So please, think before you post.
[+]
 Asura.Escorian
Offline
Serveur: Asura
Game: FFXI
user: Escorian
Posts: 636
By Asura.Escorian 2013-03-03 20:33:06
Link | Citer | R
 
Asura.Lewyo said: »
For anyone not informed the user has been posting a ratted version of the popular FFXI tool "FFXI Clipper" on paste bin. The post was posted a year and a half ago. A years worth of people DLing and using has supplied him with an incredible amount of accounts, items, gil and of course real life cash.

lol... It's their own fault for downloading 3rd party tools like that. Seriously the people with clipper don't deserve their gear in the first place since they hacked their way to it.
[+]
 Asura.Originalkord
Offline
Serveur: Asura
Game: FFXI
user: rocs42
Posts: 119
By Asura.Originalkord 2013-03-03 20:37:03
Link | Citer | R
 
Asura.Escorian said: »
Asura.Lewyo said: »
For anyone not informed the user has been posting a ratted version of the popular FFXI tool "FFXI Clipper" on paste bin. The post was posted a year and a half ago. A years worth of people DLing and using has supplied him with an incredible amount of accounts, items, gil and of course real life cash.

lol... It's their own fault for downloading 3rd party tools like that. Seriously the people with clipper don't deserve their gear in the first place since they hacked their way to it.

*Walks through Dark Miasma*
Obtains: All Mythic Weapons

Did I do it right?
 Siren.Kalilla
VIP
Offline
Serveur: Siren
Game: FFXI
user: Kalila
Posts: 14552
By Siren.Kalilla 2013-03-03 20:42:54
Link | Citer | R
 
Asura.Escorian said: »
Asura.Lewyo said: »
For anyone not informed the user has been posting a ratted version of the popular FFXI tool "FFXI Clipper" on paste bin. The post was posted a year and a half ago. A years worth of people DLing and using has supplied him with an incredible amount of accounts, items, gil and of course real life cash.

lol... It's their own fault for downloading 3rd party tools like that. Seriously the people with clipper don't deserve their gear in the first place since they hacked their way to it.
There really is only one reason that I feel people should not have abused clipper.

When SE was creating NNI, and they were gathering data of players doing the event seeing how well the average group does, it would have been nice if their tests were accurate without the players who were running through walls at flee speeds.

I don't care if you use it, I really don't, but it really *** up any chances of them adjusting the event when they first implemented it. If no one used it would they have changed anything? Probably not, but there still might have been a chance.

other than that I don't really care if others use it.
[+]
 Asura.Escorian
Offline
Serveur: Asura
Game: FFXI
user: Escorian
Posts: 636
By Asura.Escorian 2013-03-03 20:47:14
Link | Citer | R
 
Asura.Originalkord said: »
Asura.Escorian said: »
Asura.Lewyo said: »
For anyone not informed the user has been posting a ratted version of the popular FFXI tool "FFXI Clipper" on paste bin. The post was posted a year and a half ago. A years worth of people DLing and using has supplied him with an incredible amount of accounts, items, gil and of course real life cash.

lol... It's their own fault for downloading 3rd party tools like that. Seriously the people with clipper don't deserve their gear in the first place since they hacked their way to it.

*Walks through Dark Miasma*
Obtains: All Mythic Weapons

Did I do it right?

Trying to say people who did NNI and used this program didn't get anything at all? Not to mention selling the runs for money.
[+]
 Lakshmi.Aelius
VIP
Offline
Serveur: Lakshmi
Game: FFXI
user: Aelius
By Lakshmi.Aelius 2013-03-03 21:05:08
Link | Citer | R
 
There is to be no rl information submitted to this thread. People who do so will be topicbanned swiftly and posts erased.

Any links that lead to unapproved 3rd party content will earn a quick ban as well. Tread lightly here.
 Cerberus.Toralin
Offline
Serveur: Cerberus
Game: FFXI
user: toralin
Posts: 58
By Cerberus.Toralin 2013-03-03 21:06:24
Link | Citer | R
 
I understand the rules 100% and have and always will follow.
 Siren.Mcclane
Offline
Serveur: Siren
Game: FFXI
user: mcclane
Posts: 411
By Siren.Mcclane 2013-03-03 21:41:54
Link | Citer | R
 
A legal case because of a game? I think there's a better use of money and time.
 Diabolos.Raelia
Offline
Serveur: Diabolos
Game: FFXI
user: Raelia
Posts: 1707
By Diabolos.Raelia 2013-03-03 21:55:47
Link | Citer | R
 
He's PMing me about now. I don't care to pursue this. I'm on the fence about whether people stupid enough to run the first link on Google deserved to be hacked or not, because in some cases it was said stupid person foisting it to their friends and it was the friends that were hacked instead. Anyone who wants to sandbox and inspect the file in question can get in touch with me. As easy as running it in a VM and watching processes for where the log file gets put.

Was he stupid enough to have his real name be the name of the log file, or did somebody cleverly use it to frame him?

I'd advocate Hanlon's Razor, just based on his association, but there's room for doubt.
 Cerberus.Eugene
Offline
Serveur: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2013-03-03 23:56:55
Link | Citer | R
 
You don't actually own your character or account. They remain property of SE, so I don't know what kind of legal case you think you can make.
 Diabolos.Raelia
Offline
Serveur: Diabolos
Game: FFXI
user: Raelia
Posts: 1707
By Diabolos.Raelia 2013-03-04 00:12:28
Link | Citer | R
 
Simple thing is: It had his name on it.

That doesn't really mean as much as Lewyo would like to think.

Complex parts are:

1. The server in Canada that it uploaded to is with a host that starts at $249/month. It might be some grandfathered account or whatever and be cheaper, but that'd be a huge overhead for something one guy or even a half dozen guys would use for stealing piddly FFXI accounts.

2. The link in the pastebin un-redirects to a dropbox account I can't get an identification of, just their user database id which appears in any public link, but I did manage to dig up another file being hosted by it; some program called 'OmniPotent' for Order & Chaos Online first appearing back in September. This executable being flagged for a trojan is why the link comes up, and is probably removed from DropBox for the same reason though I'd love to inspect it for the juicy bits like if it goes to the same Toronto server.

So whoever is truly behind it is not only much bigger than even Toralin's operation, but also targeting more than just FFXI. The only thing that really links it to him is his name as the log filename (and it's a rather unique name, not a chance of coincidence).
Offline
Posts: 191
By Smurfite 2013-03-06 16:12:37
Link | Citer | R
 
GOT HACKED! Mine and gf characters all deleted. 1 week - 6 months for recovery. So stupid. Afk 6 months.
 Quetzalcoatl.Stik
Offline
Serveur: Quetzalcoatl
Game: FFXI
user: hectordc5
Posts: 172
By Quetzalcoatl.Stik 2013-03-06 16:27:10
Link | Citer | R
 
Hmmmm FFXIV Summer Sam All Right See You On XIV
 Unicorn.Hardwood
Offline
Serveur: Unicorn
Game: FFXI
Posts: 45
By Unicorn.Hardwood 2013-03-10 17:02:00
Link | Citer | R
 
So on Feb 25th i left my 3 accounts bazaaring in jeuno as i fell asleep. When I woke up on the 26th I had 3 POL ID's with 22 chars(220 mob marbles) all deleted. FFXI x3 programs were not running and my antivirus (2month old Norton 360) had been compromised as it said was out of date and stopped working even tho I had purchased the 1 year license. I do not run clipper, fisheries, or what have you other then good old fashioned Windower legal. (btw do not use security tokens)

So for those of you who show sympathy over a 10year old account + many gils, items, and my marbles lost there was no intrusion do to a 3rd party program. I did however recently put a new .dll in my windower, which until recently I used and fully trusted, but per admins I will not say which.

And for those of you who are curious it took SE 13 days to even Begin the investigation after report and filing paperwork. Needless to say My restore will almost definately be finished after march 26th, the final day for the mog bonanza collections, and to top it off I have screenshots of all my marbles for quick and easy winning number checking but now will be used to see if for the first time i win more then a rank 4.

Lastly after 7 phone calls in 13 days a senior investigator with SE told me if I had an Active Token and still had been hacked they would have had my restore done on March 4th, but because I do not they are either lowering its priority as i think, or officially as he said they are investigating 90 days back for any connection to rmt, as to make sure i am not trying to "double" my net worth, or in rmt world, there actual net income. In my eyes thats SE technical bull ***speak for, you did not pay us more money by buying tokesn and thus we care less for you AND more importantly have no trust that a 10year old player with more then $5,000.00 service fees paid is a rmt.

Take from this what you will be it none to all, I just thought that sharing my story needed to be done becauswe I am deeply disturbed that 17 of the 22 characters hod ONLY 10 mog marbles with not a single gil or item otherwise needlessly erased.

They stole everything and left nothing, other then a metaphor stating how much they hate me.
Offline
Posts: 14020
By Quiznor 2013-03-10 17:06:44
Link | Citer | R
 
I called up for a rollback on monday,mentioned I had a security token and all,and they told me up to 6 weeks :<
 Asura.Devilzero
Offline
Serveur: Asura
Game: FFXI
user: Devilray
Posts: 36
By Asura.Devilzero 2013-03-13 03:34:30
Link | Citer | R
 
All I can add to this is get Adblock and Noscript on Firefox. Also Nod32 Antivirus and Malware Anti-bytes running in the background. You should become pretty foolproof with all of those things running. Just Nod32 and Malware antibytes is not good enough. You need Noscript and Adblock or say goodbye to your account.
 
Offline
Posts:
By 2013-03-13 03:43:28
 Undelete | Edit  | Link | Citer | R
 
Post deleted by User.
necroskull Necro Bump Detected! [59 days between previous and next post]
 Lakshmi.Reddwarf
Offline
Serveur: Lakshmi
Game: FFXI
user: Reddwarf
Posts: 160
By Lakshmi.Reddwarf 2013-05-10 16:58:40
Link | Citer | R
 
Got Hacked, had Token, SE Password/ID password changed, Characters Deleted.
 Bismarck.Shinryuu
Offline
Serveur: Bismarck
Game: FFXI
Posts: 9
By Bismarck.Shinryuu 2013-05-21 19:25:39
Link | Citer | R
 
I got hacked back in 2011 and because I wasn't playing much I just left it alone and had my friend contact a GM to freeze the account for me. Recently I've been wanting to play again so I contact SE to unfreeze it and possibly recover data. It's been too long to recover data apparently, so that's my fault. I tried to log in to POL, but I need to put in SE ID stuff. I never linked a SE ID to my POL ID, so I try to do that. Turns out I can't. I contact SE again and they say it's already been linked and it's linked outside of region so they can't help.

Makes sense. I had never linked ID or used Crysta so the person who used my account had to have done that and then reactivated and paid for my account to steal stuff. So I can never use this character unless I get JP support who understands me? I also unfroze the account so now the only person able to access my account is the hacker.
necroskull Necro Bump Detected! [31 days between previous and next post]
 Asura.Peacewalker
Offline
Serveur: Asura
Game: FFXI
user: mirdyn
Posts: 11
By Asura.Peacewalker 2013-06-21 13:57:03
Link | Citer | R
 
I got hacked in 2011, they took my 2 FFXI ID's as well as one FFXIV account.
Lately I started the process of recovery, but ***, these guys are slow.
I faxed them some stuff on Monday and I asked them yesterday if I could have my account back, but apparently now they're investigating and have no idea when I can have it back.
Anyone has any idea on how long it takes for them to "investigate"?
First Page 2 3 ... 13 14
Log in to post.