Got Hacked Thread

言語: JP EN DE FR
2010-06-21
New Items
users online
フォーラム » FFXI » General » Got Hacked Thread
Got Hacked Thread
First Page 2 3 ... 11 12 13 14
 Siren.Calnus
Offline
サーバ: Siren
Game: FFXI
user: Calnus
Posts: 796
By Siren.Calnus 2012-09-30 16:40:18  
Security token. If it happens once and you get it restored and you care about the future safety of your account, order a security token while waiting on the roll back and add it to your account + update your passwords.
 Fenrir.Jinjo
VIP
Offline
サーバ: Fenrir
Game: FFXI
user: Minjo
Posts: 2269
By Fenrir.Jinjo 2012-09-30 16:42:35  
Prevent accounts beings safe?!
 Cerberus.Eugene
Offline
サーバ: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-09-30 17:00:37  
Bismarck.Hsieh said: »
What is noscript?
Noscript is a firefox plugin. it prevents (depending on your settings) different elements or scripts from running in your browser without your permission. It takes a while to get used to, and occasionally can be a hindrance to some sites, but it really is one of the best things you can do to protect yourself on the web short of sandboxing your browser.

You can set settings that noscript will remember and on the sites you visit frequently you won't really notice a difference. I've had maybe 1 infection since I've installed it 5 years ago.
 Bahamut.Bekisa
Offline
サーバ: Bahamut
Game: FFXI
Posts: 596
By Bahamut.Bekisa 2012-09-30 17:01:45  
I can go on for hours on this subject but I'll keep it simple:

1) Don't give anyone else your password
2) Don't reuse your POL or SE passwords on any other website. I recommend using a password generator, and browser password vault (such as LastPass) for simple websites like this one. Before you create browser password vault, make sure your PC is clean though.
3) Keep your software up to date. Run updates every Tuesday or Wednesday, since 99% of the new vulnerabilities are patched Monday/Tuesday.
4) Have your own built in security measures on your computer such as a well known AV and Firewall. Don't go with free anything. Use a software Keyboard to enter your passwords if you want to also.
5) Just because you own an Apple or use Firefox with NoScript, doesn't mean you are hack proof. Firefox has more problems that most people know but so does every browser. Whatever you use, keep it updated.
6) Don't use Java or Flash unless you check for updates weekly or less.
7) Subscribe to the RSS feed from SAN's Internet Storm Center; they post threats faster than most other sites and work with all AV companies (not against each other). https://isc.sans.edu/

RMT thieves aren't expert hackers generally; they use widely patched vulnerabilities and just hope to find the person who hasn't patched it yet (because most people don't). I make it a point in my Tuesday routine after work to update everything on my PC -- it's called Patch-Tuesday for a reason you know. Though it helps a lot seeing as this is what I do for a living at work ;)

If the account is a victim of vandalism, SE can see this easily and a roll back should be a joke to do. Since it seems like you still have your log on information and passwords, there is no reason they would deny this.
[+]
 Fenrir.Sylow
Offline
サーバ: Fenrir
Game: FFXI
Posts: 6862
By Fenrir.Sylow 2012-09-30 17:18:35  
NoScript makes the Internet an incredibly miserable place.
 Cerberus.Eugene
Offline
サーバ: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-09-30 17:23:09  
@Bekissa

What you said was mostly right.
Bahamut.Bekisa said: »
4) Have your own built in security measures on your computer such as a well known AV and Firewall. Don't go with free anything. Use a software Keyboard to enter your passwords if you want to also.

There's no reason to pay for antivirus software, it's often bloated with tons of features, that usually just make them more difficult to use. Reputable companies (such as AVG, avast, Microsoft Security Essentials) offer perfectly viable free AV software with hopes that it will eventually get you to upgrade, or they'll attract corporate clients. The fact that it's free doesn't make it inferior.

Also, if you're interested, you can download secunia PSI. Secunia keeps track of a huge library of programs(but not every one) and alerts you as to if you have the most recent updates. It's a little finicky, sometimes you have to find the patches yourself, but it will alert you to any programs that needs addressing. They have their own community, and they work with sans, as well as other security researchers to keep you safe.


Also @ Bekisa
 Cerberus.Eugene
Offline
サーバ: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-09-30 17:23:33  
Fenrir.Sylow said: »
NoScript makes the Internet an incredibly miserable place.
I don't even notice it anymore. sites that require you to unearth and allow like 7 different domains to let one media file run probably aren't worth dealing with anyway.
 Bahamut.Bekisa
Offline
サーバ: Bahamut
Game: FFXI
Posts: 596
By Bahamut.Bekisa 2012-09-30 18:06:04  
Cerberus.Eugene said: »

I can advise you from vast experience in the area on a professional level, almost all free AV software subscriptions are vulnerable longer than paid services. I'm not saying jump on board with Norton or McAfee right away but I have seen many end users whose protection methods were open source or free AV/Firewall, and ended up paying the price. If it wasn't for NDA's we sign, I could give you lists of Fortune 500 companies which fired tech leads and security teams over saving money by going with open source and free services. I know a certain aircraft manufacturer that lost all of its blueprints to another country, costing the company billions of USD$ when that country copied their ideas. They used Avast free edition for their NAS controller systems. Their signatures were up to date but Avast didn't release a flaw fix in the main dll file until 2 weeks later which prevented the simple NOOP sled vulnerability on it.

As far as patching right away, I can assure you that most patches do fix problems when released. There are a few here and there which cause issues but when a multi-billion dollar company is on the line they do test the patch through millions of VM's. Of course, the anti-Microsoft fanboys would like you to think otherwise. MS is not perfect but they are far from what anti-MS fanboys make them out to be.

I will never convince forum users one way or another, and I could show document after document of proof or real world examples. People on forums will continue to believe what they read somewhere else only without any basis for proof. I've done thousands of site surveys for companies ranging from 10-20 users to seven digit numbers. Take it for what you want.
 Cerberus.Eugene
Offline
サーバ: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-09-30 22:26:25  
Bahamut.Bekisa said: »
If it wasn't for NDA's we sign, I could give you lists of Fortune 500 companies which fired tech leads and security teams over saving money by going with open source and free services.
There's probably a difference between Fortune 500's needs and the average internet user. Their network infrastructure is radically different.

Bahamut.Bekisa said: »
As far as patching right away, I can assure you that most patches do fix problems when released. There are a few here and there which cause issues but when a multi-billion dollar company is on the line they do test the patch through millions of VM's. Of course, the anti-Microsoft fanboys would like you to think otherwise. MS is not perfect but they are far from what anti-MS fanboys make them out to be.

I believe that patches fix problems. The issue is that patching also can inadvertently create problems. With the multitude of different operating environments all on different hardware, it's really not all that hard to believe that there will be some issues with compatibility. one particular real world example Is the average user probably safer just patching? yeah but its not blanket advice.
 Cerberus.Deadplaything
Offline
サーバ: Cerberus
Game: FFXI
Posts: 454
By Cerberus.Deadplaything 2012-09-30 22:31:30  
My friend just got his account hacked along with his mule but they were linked. Happend earlier this past week.
 Cerberus.Eugene
Offline
サーバ: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-09-30 22:37:35  
Also a bit of evidence: According to this independent researcher: here

conducting a series of of tests over 4 months march-june 2012, with 2159 test cases per product, some free AV products (like avast) out performed paid products (like webroot/sophos) by as much as 8%.

But I just believe things willy-nilly without proof.
necroskull Necro Bump Detected! [30 days between previous and next post]
 Valefor.Hjui
Offline
サーバ: Valefor
Game: FFXI
user: Hjui
Posts: 34
By Valefor.Hjui 2012-10-30 18:17:58  
Well just experienced my first serious Trojan.

I cannot stress the strength of Trojan PSWOnlinegames-c enough. One fine day my PC is working alright when I crashed, thought nothing of it... logged back in ran a scan and found Trojan PSWOnlinegames-c twice on my HDD.

I was on Skype at the time, I do not know if this is relevant.

I researched PSWOnlinegames-c to be a password and sensitive information stealing virus with the ability to block off and/or prevent exe files from executing / functioning. I believe that this particular Trojan can also break in to files that store passwords.

PSWOnlinegames-c had disabled / broken the sfc /scannow command, my task manager, system restore and all other system tools functions.

The next thing I tried was a repair install which resulted in me experiencing the "blue screen of death".

I don't know all there is to know about viruses, but I know for sure that this virus did a lot of registry editing as many of my exe files returned error messages relating to DLL entry points being unable to be located.

Having to reformat my HDD and clean install everything. Sucks to have lost 400GB of data, but I hope I have gotten off lightly - will find out when I can log in.
 Bahamut.Kazius
Offline
サーバ: Bahamut
Game: FFXI
Posts: 87
By Bahamut.Kazius 2012-10-30 18:22:35  
That sounds like a barrel of fun. Hope your character is intact! Kinda obvious but make sure to change any important passwords and stuff as soon as possible etc
 Quetzalcoatl.Scwall
Offline
サーバ: Quetzalcoatl
Game: FFXI
user: Scwall
Posts: 101
By Quetzalcoatl.Scwall 2012-10-31 15:34:15  
Reformatting my machine now too.

I had 3 characters hacked. My main account on it's own SE ID and two mules sharing another SE ID.

It was pretty strange, though. I was able to reset my SE passwords using the email addresses I registered them with, then I was able to reset the POL passwords.

I also found it strange they deleted every character from all the accounts. Who knows what they took or dropped... I had to fill out a form for each one anyway. Later this week I guess I'll find out if it's able to be recovered or not.
 Asura.Slugman
Offline
サーバ: Asura
Game: FFXI
user: Sluggo
Posts: 426
By Asura.Slugman 2012-10-31 15:47:38  
Valefor.Hjui said: »

Having to reformat my HDD and clean install everything. Sucks to have lost 400GB of data, but I hope I have gotten off lightly - will find out when I can log in.


To address this - there are many live-cd distros of linux which will let you mount windows file systems so you can recover all of your pr0n, mp3s, movies, etc and burn them to a dvd or external hdd.
 Bismarck.Amphion
Offline
サーバ: Bismarck
Game: FFXI
user: Amphion
Posts: 27
By Bismarck.Amphion 2012-11-23 22:31:53  
Is it possible to get hacked on PC these days while using a security token?

Last time I played on PC was years ago before they had tokens. Of course I was hacked, rerolled and never touched the PC version again. All my game time was done on a 360.

Now I am considering of returning to playing on PC and I am curious what the situation is for people using tokens. Do they still get hacked? What are the chances?
 Lakshmi.Aelius
VIP
Offline
サーバ: Lakshmi
Game: FFXI
user: Aelius
By Lakshmi.Aelius 2012-11-23 22:35:51  
I've never heard a legit story of someone being hacked while with the token. Don't get me wrong here, I've heard stories of people "being hacked" while they claim to have the token but as their story progress, turns out that it wasn't true.
 Odin.Cindro
Offline
サーバ: Odin
Game: FFXI
user: Cindro
Posts: 66
By Odin.Cindro 2012-11-23 22:38:41  
Quetzalcoatl.Scwall said: »
Reformatting my machine now too.

I had 3 characters hacked. My main account on it's own SE ID and two mules sharing another SE ID.

It was pretty strange, though. I was able to reset my SE passwords using the email addresses I registered them with, then I was able to reset the POL passwords.

I also found it strange they deleted every character from all the accounts. Who knows what they took or dropped... I had to fill out a form for each one anyway. Later this week I guess I'll find out if it's able to be recovered or not.


This is happening more and more frequently. I can speak from experience as this exact same thing happened to me. And now I've been hearing reports of people with tokens being hacked as well. Not sure how much longer we'll be able to safely play this game without fear of losing the hard work we're investing- especially considering that SE requests a scan of your driver's license and a detailed form to restore deleted characters.

Edit: I have a token now, but like I said- no one is safe it seems.
By volkom 2012-11-23 22:46:26  
stop buying gil, browsing rmt sites, checking weird emails
[+]
 Odin.Cindro
Offline
サーバ: Odin
Game: FFXI
user: Cindro
Posts: 66
By Odin.Cindro 2012-11-23 22:59:13  
volkom said: »
stop buying gil, browsing rmt sites, checking weird emails

I've never done any of the above and was hacked regardless. This is not always the case... and in most cases it isn't. Plain and simple, there has been a rise in hacked accounts in the past 2 months.
[+]
 Cerberus.Eugene
Offline
サーバ: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-11-23 23:03:59  
volkom said: »
stop buying gil, browsing rmt sites, checking weird emails
keep your software patched too.

Bismarck.Amphion said: »
Is it possible to get hacked on PC these days while using a security token?
Even if it isn't possible to lose your account with a token, you can still get malware on your system. You want to get that stuff off anyway.
 Sylph.Rafaras
Offline
サーバ: Sylph
Game: FFXI
user: Enitsu
Posts: 332
By Sylph.Rafaras 2012-12-06 10:15:25  
Odin.Cindro said: »
volkom said: »
stop buying gil, browsing rmt sites, checking weird emails

I've never done any of the above and was hacked regardless. This is not always the case... and in most cases it isn't. Plain and simple, there has been a rise in hacked accounts in the past 2 months.

This is very true.
 Bismarck.Angeleus
Offline
サーバ: Bismarck
Game: FFXI
user: Munky
Posts: 2614
By Bismarck.Angeleus 2012-12-06 10:39:36  
Be nice to others...
Offline
Posts: 856
By mattyc 2012-12-18 16:34:43  
just woke up today to message on my screen said that this character has been logged on, on a different terminal, i went through loops, had changed my POL and SE account, only to see where my mains and mules char saying "character" undergoing a restoral, but im pretty sure my relic/emp is gone along with my gil....this game is *** ridiculous and the security behind it is even moreso. unfuckingbelievable.
 Cerberus.Eugene
Offline
サーバ: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-12-18 16:41:21  
It's locked using an account name and a password. If you visit an RMT site and get malware on your PC, there is absolutely nothing SE can do about that.

Buy a token, get noscript, stop RMTing; or better yet do all 3. Also stop using IE.
Offline
Posts: 856
By mattyc 2012-12-18 16:45:18  
dont have a token, will be purchasing one if i do get my char rolled back, NEVER BOUGHT GIL or even thought of it, and no-script runs 24/7 on every website.
 Cerberus.Eugene
Offline
サーバ: Cerberus
Game: FFXI
user: Eugene
Posts: 6999
By Cerberus.Eugene 2012-12-18 16:56:30  
Assuming your password isn't "password" or "qwerty" or something else obvious there is little chance of RMT guessing it. If it is it's your fault. The packets transferred between SE servers and you are encrypted, so the only way RMT can steal your info is by installing malware on your PC. RMT aren't cracking SE servers and getting info that way.

Maybe you picked up something somewhere, idk. I would get someone who knows how to handle infections to take a look at your PC. Only other possibility is someone you knew or gave info to guessed your account information.

I'm sorry you lost your account, but it's not SE's fault. Blaming them and not taking the proper precautions is only going to compromise your account again (either through the same vector or new vectors). Hope this helps and hope you get everything sorted out.
Offline
Posts: 856
By mattyc 2012-12-18 16:59:43  
nah, i know it's not SE's fault, just lame this kinda thing is still allowed to happen, it is obviously my fault for not having a security token. you live you learn.
 Shiva.Paulu
Offline
サーバ: Shiva
Game: FFXI
user: Paulu
Posts: 776
By Shiva.Paulu 2012-12-18 17:04:07  
Purely speculation but you didn't search around some shady websites looking for fixes for certain tools that broke this past update did you? You could have easily picked up some malware downloading things.
 Carbuncle.Anesthesia
Offline
サーバ: Carbuncle
Game: FFXI
user: analgesia
Posts: 845
By Carbuncle.Anesthesia 2012-12-18 17:06:04  
volkom said: »
stop buying gil, browsing rmt sites, checking weird emails


The idea that this is always how your account gets hacked is one of the worst, most persistent recurrent urban legends ever.

The vast majority of all account hackings: Player uses same password as game on less secure community site --> Community password database gets compromised --> Hackers try usernames/passwords on game ---> A significant portion of them work


Beyond that, you're one to talk.

http://www.ffxiah.com/forum/topic/12826/crap-i-deal-with-because-of-people-selling-account#752212

He deleted the OP out of embarrassment, but it's easy enough to get the idea.

Seriously, I don't know why everyone on the site doesn't post this thread whenever Volkom says anything, ever.
First Page 2 3 ... 11 12 13 14
Log in to post.