Took every precaution, still got Hacked!
Server: Asura
Game: FFXI
Posts: 34187
By Asura.Kingnobody 2013-11-19 09:38:59
Leviathan.Comeatmebro said: »If you keep your computer clean and don't post your password then you aren't getting hacked. [+]
Seriously. If you give anyone your password, that is just asking for trouble.
[+]
Server: Fenrir
Game: FFXI
Posts: 124
By Fenrir.Boomslang 2013-11-19 09:43:05
Just throw down for a new serial and start grinding. You could probably re-do a char and max out the gear in the 6 weeks it's going to take to get your char back.
By Spiraboo 2013-11-19 09:43:19
Quote: So yes, Very Careful People with Security Tokens are getting hacked! Beeelllllive iiitttt!
This is very suspicious. RSA tokens can't be hacked with any commonly available equipment, and even a professionally purpose-built system would still take a ridiculously long time. To deactivate your token they would need to first hack your email, but not just any email, the one you registered with SE.
Also RMTs don't hack accounts for gil, simply no profit in it. The people with the specific skill set required to do all that don't come cheap. Contrary to Hollywood movies, real life blackhat hackers aren't these dark basement dwelling people with no job eating junk food. Those skillsets are in very high demand and they can make a ridiculous amount of money selling them. It was players who were hacking each other and stealing / deleting accounts, doing it for vengeance over some slight or "for the lulz".
See the episode about BatTaj for a demonstration. And even then he wasn't that good of a hacker, he just found that some admins didn't secure their backend MySQL database and were using the default password. All he did was walk into the forum database and start browsing records looking for anyone who sent their credentials to others in PM.
Personally I'm smelling BS troll. He quit the game and decided to pull a stunt to garner public sympathy. In a few weeks we'll hear him complain on how he couldn't get his characters back due to SE's customer support.
Actually not entirely true. Hacking a very well protected corporate network? Yes. Hacking a personal computer of an average user doesn't need anything more than a script kiddie, or someone who can read a manual and buy a hacking toolkit off the black market.
Hacking an RSA token legitimately by brute forcing to crack the encryption will take a lot of time with super computer(s), but doing a man-in-the-middle attack by intercepting your code and logging in using it within the time frame when it's valid is not hard.
Having said that, with gil going for 2.99/M, it is probably not worth the RMTs' time and they're much better off hacking the FFXIV players.
[+]
Ragnarok.Sekundes
Server: Ragnarok
Game: FFXI
Posts: 4189
By Ragnarok.Sekundes 2013-11-19 09:51:23
Relevant:
An exploit/malware would basically be the 5$ wrench.
But, it requires a door or window to get access. Which isn't terribly hard to come by. Just look at the number of Java, Flash, Adobe Reader, OS and browser updates. But if you keep your PC properly updated and use some form of adblock you'll be way more secure. Add on a script blocker like NoScript or NotScripts and you're very unlikely to run into anything. Though unlikely does not mean invulnerable.
Ragnarok.Afania
Server: Ragnarok
Game: FFXI
Posts: 2822
By Ragnarok.Afania 2013-11-19 09:57:23
Phoenix.Dramatica said: »Don't jump to conclusions so quickly, there was that thread with multiple people having their characters deleted. This is probably related somehow.
This, love all that "it must be your fault, you're doing something baddddd" reply under any got hacked thread.
Also RMTs don't hack accounts for gil, simply no profit in it. The people with the specific skill set required to do all that don't come cheap.
I heard stories about Chinese RMT companies making tons of money and hiring specialists though, and doing item duping/server hacking for gold in many MMO titles all the time. Saying RMT=no profit is a false assumption, it's probably more profit than most players can imagine. Some ppl with specific skills probably just open their own RMT studio in China anyways.
Quote: So yes, Very Careful People with Security Tokens are getting hacked! Beeelllllive iiitttt!
This is very suspicious. RSA tokens can't be hacked with any commonly available equipment, and even a professionally purpose-built system would still take a ridiculously long time. To deactivate your token they would need to first hack your email, but not just any email, the one you registered with SE.
Also RMTs don't hack accounts for gil, simply no profit in it. The people with the specific skill set required to do all that don't come cheap. Contrary to Hollywood movies, real life blackhat hackers aren't these dark basement dwelling people with no job eating junk food. Those skillsets are in very high demand and they can make a ridiculous amount of money selling them. It was players who were hacking each other and stealing / deleting accounts, doing it for vengeance over some slight or "for the lulz".
See the episode about BatTaj for a demonstration. And even then he wasn't that good of a hacker, he just found that some admins didn't secure their backend MySQL database and were using the default password. All he did was walk into the forum database and start browsing records looking for anyone who sent their credentials to others in PM.
Personally I'm smelling BS troll. He quit the game and decided to pull a stunt to garner public sympathy. In a few weeks we'll hear him complain on how he couldn't get his characters back due to SE's customer support.
Actually not entirely true. Hacking a very well protected corporate network? Yes. Hacking a personal computer of an average user doesn't need anything more than a script kiddie, or someone who can read a manual and buy a hacking toolkit off the black market.
Hacking an RSA token legitimately by brute forcing to crack the encryption will take a lot of time with super computer(s), but doing a man-in-the-middle attack by intercepting your code and logging in using it within the time frame when it's valid is not hard.
Having said that, with gil going for 2.99/M, it is probably not worth the RMTs' time and they're much better off hacking the FFXIV players.
Supply and demand, if ppl are selling it, that means there's profit, period.
Server: Leviathan
Game: FFXI
Posts: 6052
By Leviathan.Comeatmebro 2013-11-19 10:09:26
Write basic keylogger: 2 hours
pick popular open source program: 5-30 minutes
combine: 10-30 minutes
deploy on a few locations: 1 hour
say you hit 15 accounts with an average of 20m in gil/fast moving sellables, and spend 30 minutes stripping each.. 7.5 hours.
you've just made 300m = $700 if you sell to a reseller
i don't think there are many people here who can call $700 in 12 hours with no commitment insignificant, and there have certainly been much larger attacks in xi's history(and prices have been higher)
the companies/people doing this ***aren't relying solely on xi for income, but it's still quite profitable
[+]
Cerberus.Robmelee
Server: Cerberus
Game: FFXI
Posts: 62
By Cerberus.Robmelee 2013-11-19 10:22:20
Personally I'm smelling BS troll. He quit the game and decided to pull a stunt to garner public sympathy. In a few weeks we'll hear him complain on how he couldn't get his characters back due to SE's customer support.
Umm... No!
Clearly you don't read, for if you did your intelligence would have stopped you from saying this, and if there is intelligence in that brain of yours, then no doubt you are here trolling now. As I said from the very beginning... I wrote this post ultimately for 1 Reason....
To inform people being careful to the best of their ability can still result in being hacked even with a registered security token, continue to be as careful as you know how and change passwords regularly if you are not doing so already. That has always been the gist of my post.
I don't troll on here, as you can see I rarely post here... considering I have been registered on the forums for almost 5 years with less than 100 posts, that is neither here nor there. By the way if I don't get my characters back, it wouldn't be the end of the world. Of course I would like to have them back if I can.
To say Security Tokens can't be hacked by common means implies absolutely nothing! There is nothing common as you put it about hacking. Understanding computers beyond regular personal use is certainly above common, especially if it involves understanding system language that allows you to manipulate other systems for your gain/purposes. As you so eloquently said yourself anyone with the right skill set can hack anyone, whether they don't come cheap or not, or the motive is beneficial or not or for the lulz, it all matters not.
Nope! I didn't quit the game. I just took breaks like everyone else.
It seems to me that you are the troll, because frankly if I were you and had nothing of substance to add I would have moved on to the next post or done what others had done and offered a simple gesture of "Good Luck" and/or "Hope all works out" response.
This post was never about sympathy just a warning to others. Take it for what you will.
To everyone else that has been supportive and offered reasonable rebuttals and/or advice, I really appreciate it and extend my sincerest Thanks. It's nice to know from others' experiences, that way I know I'm not alone going through this and I still may have some hope yet.
Peace!
Cerberus.Robmelee
Server: Cerberus
Game: FFXI
Posts: 62
By Cerberus.Robmelee 2013-11-19 10:25:34
OP - have you by any chance, logged into the SE Account Management site recently, before you were hacked?
Well, about 2 weeks ago to add Crysta to pay for the month. Other than that not within a few days of being hacked.
By Afania 2013-11-19 10:25:49
Leviathan.Comeatmebro said: »Write basic keylogger: 2 hours
pick popular open source program: 5-30 minutes
combine: 10-30 minutes
deploy on a few locations: 1 hour
say you hit 15 accounts with an average of 20m in gil/fast moving sellables, and spend 30 minutes stripping each.. 7.5 hours.
you've just made 300m = $700 if you sell to a reseller
i don't think there are many people here who can call $700 in 12 hours with no commitment insignificant, and there have certainly been much larger attacks in xi's history(and prices have been higher)
the companies/people doing this ***aren't relying solely on xi for income, but it's still quite profitable
Some jobs make $700 a month in China, or maybe even less :) RMT is totally profitable lol.
Fenrir.Sylow
Server: Fenrir
Game: FFXI
Posts: 6862
By Fenrir.Sylow 2013-11-19 10:26:00
Ever wonder why hack threads always seem to pop up after updates? Broken third party tools + careless frantic google searches + what comeatmebro said.
It's very difficult to hack a *specific person* but you don't need to hack a specific person.
Garuda.Chanti
Server: Garuda
Game: FFXI
Posts: 11336
By Garuda.Chanti 2013-11-19 10:41:55
I wonder if any of the hacked security token users do NOT use windower.
By fonewear 2013-11-19 11:10:21
You can hack me any time honey bunny... just do it quickly.
Ragnarok.Sekundes
Server: Ragnarok
Game: FFXI
Posts: 4189
By Ragnarok.Sekundes 2013-11-19 11:39:27
I wonder if any of the hacked security token users do NOT use windower.
If you're using basic built in plugins and add-ons I don't think you'll have any or at least much of an increased risk as it's self updating but I personally don't know very many people who are windowless to act as a control group. And obviously I'm biased and don't know everything there is to know about how these exploits work but I think it'd be more likely if you use external 3rd pt tools that you'd have to go hunt down from possibly questionable sources.
Cerberus.Fthis
Server: Cerberus
Game: FFXI
Posts: 54
By Cerberus.Fthis 2013-11-19 13:03:36
Do hope all works out for you, best of luck and sorry that this happened to you, I know it sucks a ton.
[+]
Server: Phoenix
Game: FFXI
Posts: 1245
By Phoenix.Gaiarorshack 2013-11-19 14:32:27
"took every precaution."
only mentions absolute basic ***
Did you make sure to never use the same password anywhere? (PWDhash?)
Use a strong enough password? ... no I mean a STRONG password.
Did you enable NX bit on all software?
If you use Wifi, did you make sure to use WPA2 with AES encryption only, or did you leave TKIP on for portability with consoles?
Did you make sure to disable WPS on your wifi router?
Do you run your Windows in an administrator account?
etc etc etc.
Generally people know a lot less about computer security than they think. Most people don't even know the difference between a virus, a worm and a trojan (thank you modern Dumb-it-Down media)
Anyway, sorry for your loss, I'm happy you at least got your stuff back.
Leviathan.Comeatmebro said: »Regardless of your computer knowledge, you can't just gain access to something without a vulnerability.
This is very true, but you have to remember some of those vulnerabilities work fast.
My favorite example is the Blaster worm that would infect you DURING installations of Windows before you could ever install an antivirus software.
You just had to be connected to the internet, and the couple of secs after you typed in your network info and got connected, a buffer overflow attack would inject the worm, before you ever hit the desktop.
Also someone mentioned you can't hack an RSA token.
You have to realize a lot of bypassing encryption does not go through the actual encryption/password algorithm itself.
A lot of those hacks work on flaws in the distribution protocol.
I don't remember what context RSA was brought up in, but if you are using non-salted passwords to make RSA keys, rainbow attacks work pretty fine.
Basically there is a lot to do with security that even big companies like Adobe forget to cover (non-salted, 3DES single-key encrypted password list)
which is why I'm trying to educate my friends never to reuse passwords, 'cause once your password leaves a vulnerable spot it's open, and most places you register with your email. So somebody has your email and password and can start to have fun from there.
Server: Asura
Game: FFXI
Posts: 20
By Asura.Twillin 2013-11-26 13:42:12
Account roll backs are bullsheet!!! My account was hacked Oct 28th. I called SE the next day and got my passwords changed and back and in my hands. While I was still on the phone with them I logged in and told the rep my characters on 2 main accounts had been deleted along with all my mules. Thinking that because I was on the phone with the rep when I discovered all my characters had been deleted that the rollback would be quick.... They are still investigating and will not give me a date while they continue to charge me, saying tough *** if I call to check status...
Anyone found a way to beat se at this one sided rollback crap?
VIP
Server: Odin
Game: FFXI
Posts: 9534
By Odin.Jassik 2013-11-26 13:50:00
I found a keylogger on my computer that I picked up via a patch download. I found the same file tied to a handful of other FF related programs and add-ons that are mirrored all over the internet. So far I got one of the hosts to drop the file, and waiting for a reply from Pastebin about files they are hosting.
It looks like whoever is doing this is tacking the logger onto various MMO related files. I found it in an FFXIV fishing bot, 2 different POS tools for FFXI, a chest helper, and a bunch of add-ons for WoW. Whoever is doing it has definitely spread their stuff out. I'd recommend sticking to PoL for any update patches, windower for plugins/add-ons, and thoroughly cleaning your PC with malwarebytes or the like anytime you update or download anything new.
Server: Fenrir
Game: FFXI
Posts: 127
By Fenrir.Squintik 2013-11-26 13:59:43
That's an interesting point. How many people patch FFXI from outside sources? I only ever patch from PoL, and honestly never thought of downloading from elsewhere.
Cerberus.Robmelee
Server: Cerberus
Game: FFXI
Posts: 62
By Cerberus.Robmelee 2013-12-09 18:47:20
Here's an Update from my Original Post....
Characters Fully Restored! Glad that I'm back.
Thanks everyone that was polite and offered support.
Square Enix Recovery Time in my case was about 3 weeks and 1 day. Not Bad. Could have been far longer based off others' testimonies.
Server: Odin
Game: FFXI
Posts: 28
By Odin.Darkhelmet 2013-12-09 18:50:38
I also just got my character back today from a hacking, I got hacked on the 13th of November, so I was gone almost a month. Glad to see your character got restored as well.
Cerberus.Robmelee
Server: Cerberus
Game: FFXI
Posts: 62
By Cerberus.Robmelee 2013-12-09 18:53:18
I also just got my character back today from a hacking, I got hacked on the 13th of November, so I was gone almost a month. Glad to see your character got restored as well.
Thanks! Glad to hear you got restored as well. It's good to be back! =)
By Jetackuu 2013-12-09 20:21:54
lol the blaster worm, brings back memories...
you want to know how to not get hacked?
browse in a sandbox, or on another pc.
the bottom line is that you messed up somewhere, the majority of the people who own a PC don't belong near one.
Hell I do a dozen things every day that I know I shouldn't on a PC just because Windows isn't really made to operate on a security minded basis. I'm going to soon just run linux as main and game in sandboxes, I have the hardware to do so...
[+]
Phoenix.Draxxus
Server: Phoenix
Game: FFXI
Posts: 4
By Phoenix.Draxxus 2013-12-09 20:24:19
I figured I would chime in on this subject. I'm currently in the process of getting my account back. I got hacked at exactly 12:00 Saturday midnight, I started disconnecting and figured my connection was poor due to the stormy weather. So I wait about thirty minutes and try to log on to no avail. I try to log into Square Enix account management site ... And there it is "this account has already been canceled" So I had to wait until Monday morning to talk with anyone from SE so they tell me pretty much the same thing, my Square Enix password and PlayOnline password was changed and character deleted. So just wanted to drop in and say whatever is "compromising" these accounts has been busy this weekend. So anyone that knows me I'll be back when I can. Once I get my "final fantasy xi game data recovery declaration" filled out and sent back to SE.
Welp, my Square Enix Account was cancelled, SE Security Token removed, both SE/POL passwords all changed, and my characters "Robmelee" (main) plus one mule were both deleted all occurring yesterday evening at about 9:30pm PST.
The Good News is my SE Account was reactivated and I was able to regain access back to the SE Account, so far all they were able to tell is that my characters were merely deleted and no one has access to them at this time. That much the SE Support Team was willing to confirm to me.
The Bad News is I now have to do a rollback (Character Recovery), which I can only utilize "1" time per account and it can take 2-6+ weeks with absolutely no guarantee I can get my characters back.
All I can say is WOW! Douchebags still out there trying to hack accounts and make money off a dying game that's practically finished (maximum one year shelf life left- being generous!) I mean seriously, what else can SE do at this point? More Item Level Weapons and new Item Level areas??? This game is done. It's too funny! Really it is. It seems to be all about FFXIV now-a-days.
I write this to give folks warning that people getting hacked is still happening, it's very real and everyone should continue to take every precaution to be secure. Keep the Anti-Virus and Anti-Spam programs up-to-date and change passwords regularly.
Just so you all know for the almost six years I have been playing I have never once shared my account information with anyone and I have had a Square Enix Security Token since their release.
For the longest, I always thought people getting hacked is just folks not being careful, I was wrong! I have been paranoidly crazy careful, kept Anti-Virus and Anti-Spam software up to date and I only played on PC about 30% of the time. All other times I was on Xbox 360.
So yes, Very Careful People with Security Tokens are getting hacked! Beeelllllive iiitttt!
Hope to see you all online in 6 weeks, if SE gives me my characters back. Be Secure! Be Safe! Peace!
TL-DR Version:
Got Hacked, Everything Got Changed, Got Account Back, Discovered Characters Got Deleted, doing Roll-Back, SE says no guarantees I can get my characters back. Saying all this to remind everyone Getting Hacked is very Real even if you are careful. Be secure! Be Safe! Peace!