Hacked

Chris_H · Nov 19, 2009

l.Onslaught.l said:
well we all have a keylogger on our GW
I installed Kaspersky 30 Trail (was told its the best in the market at the moe) it even picked up the Trojans on my Flash drive that AVG couldn't. But noticed two warnings from GW. So I was freaking out when i saw Keylogging with my GW. So asked 4 other friends with GW to download Kaspersky and run the test ~ all of them have it.
My question is then:
Does some one just need to get ahold of that keylogging to see my detials?
or how does a Keylogging program work?

Proof:
http://img134.imageshack.us/img134/6425/keyloggergw.jpg

These antivirus programs detects algorithms in software and if it looks suspicious it will let you know. I worte a program that has a function sending e-mail to clients and personal on a scheduled event, antivirus programs detects it as a mass mailer worm

lilDeath · Nov 19, 2009

Chris_H said:
These antivirus programs detects algorithms in software and if it looks suspicious it will let you know. I worte a program that has a function sending e-mail to clients and personal on a scheduled event, antivirus programs detects it as a mass mailer worm

Yes, and to add to this... some AV's pick up certain legit apps as keyloggers or to have a bad reputation, like AutoIT (in Onslaught's screenshot) - which is actually a very legit and very cool scripting tool.

Also, do not forget that keylogging in itself is not bad, as it has its uses and some companies even use it to run on employees desktops, especially in a shared-pc environment.

It is what keylogging can be used for when in the wrong hands, that's what is giving it a bad rep.

l.Onslaught.l · Nov 20, 2009

lilDeath said:
Yes, and to add to this... some AV's pick up certain legit apps as keyloggers or to have a bad reputation, like AutoIT (in Onslaught's screenshot) - which is actually a very legit and very cool scripting tool.

Also, do not forget that keylogging in itself is not bad, as it has its uses and some companies even use it to run on employees desktops, especially in a shared-pc environment.

It is what keylogging can be used for when in the wrong hands, that's what is giving it a bad rep.

See now i can understand why keylogger is there and can also understand that if in the wrong hands it will cause issues.

thanks for shedding some light on that

Claymore · Nov 21, 2009

lilDeath said:
NCsoft site could have been hacked, but I doubt it and they will be liable to communicate it. I am also still fine.
However, NCSoft did manage to perma ban players a few weeks ago due to fraudelent credit card purchases, which were actually legit (their systems picked it up as fraudulent). They reversed the bans as people logged support tickets.

My wife's NCSoft account was hacked, and the Guildwars password reset on her NCSoft account.

NCSoft did absolutely nothing to help apart from reset the password; not even a damn apology, never mind restoring the account. My wife will probably never play again, and without her, most of the rest of the guild will likely fade away too.

Claymore · Nov 23, 2009

I understand that NCSoft has never restored anyone's account after they were hacked. If anyone knows different (by personal experience), please let me know.

It seems it was definitely the NCSoft account that was hacked, and it sounds like an inside job (or leaked data). My wife's Guildwars characters do not have the same name as the NCSoft account (there's no connection there), she had not logged into the NCSoft account in months, and she didn't use the NCSoft account name on any of the Guildwars forums.

So unless people are hacking random characters, someone had access to the data that could link her character to her NCSoft account name...

lilDeath · Jan 1, 2010

A lot of NCSoft / GW / Aion accounts have been hacked in the last few months.
The common link in the hackings is the NCSoft account, which you link all your Game accounts to.

It is very easy to do some social engineering on the NCSoft site and then find a username, especially if they are common usernames. Even more so are the passwords.
What seems to have happened is that the NCSoft site were essentially 'brute-forced' by bots to farm accounts and once they have legitimate accounts they can just try different passwords to login.
Obviously this is terrible design and implementations by NCSoft.

Players would be stuffed if they had a) simple passwords and b) used the same passwords all over the place and c) even more screwed if they used the same account name all over the place.

ANet introduced what they call a Security Question into the GW game-client, a week or so ago (granted it is too late for a lot of people), in order to try and prevent any further hackings, since they have no control over what happens at NCSoft.

RJMadCat · Jan 29, 2010

Claymore said:
I understand that NCSoft has never restored anyone's account after they were hacked. If anyone knows different (by personal experience), please let me know.

It seems it was definitely the NCSoft account that was hacked, and it sounds like an inside job (or leaked data). My wife's Guildwars characters do not have the same name as the NCSoft account (there's no connection there), she had not logged into the NCSoft account in months, and she didn't use the NCSoft account name on any of the Guildwars forums.

So unless people are hacking random characters, someone had access to the data that could link her character to her NCSoft account name...

As much as i would love to try all these new games that are free... i cant help but think to myself, this is why i pay for a game each month, because if i get hacked i get every thing back. i feel for you man, if my WoW ccount got hacked and blizzard told me sorry cant help you i would sue. its painfull to loose what u worked so hard to get.

Claymore · Jan 29, 2010

RJMadCat said:
As much as i would love to try all these new games that are free... i cant help but think to myself, this is why i pay for a game each month, because if i get hacked i get every thing back. i feel for you man, if my WoW ccount got hacked and blizzard told me sorry cant help you i would sue. its painfull to loose what u worked so hard to get.

You've got that right.

Devill · Feb 1, 2010

lilDeath said:
A lot of NCSoft / GW / Aion accounts have been hacked in the last few months.
The common link in the hackings is the NCSoft account, which you link all your Game accounts to.

It is very easy to do some social engineering on the NCSoft site and then find a username, especially if they are common usernames. Even more so are the passwords.
What seems to have happened is that the NCSoft site were essentially 'brute-forced' by bots to farm accounts and once they have legitimate accounts they can just try different passwords to login.
Obviously this is terrible design and implementations by NCSoft.

Players would be stuffed if they had a) simple passwords and b) used the same passwords all over the place and c) even more screwed if they used the same account name all over the place.

ANet introduced what they call a Security Question into the GW game-client, a week or so ago (granted it is too late for a lot of people), in order to try and prevent any further hackings, since they have no control over what happens at NCSoft.

Glad I don't have an NCSoft account

Think I would only really be pissed off if my char was deleted.... All the time spent on doing some of those titles / missions / elite areas

snobee · Feb 6, 2010

RJMadCat said:
As much as i would love to try all these new games that are free... i cant help but think to myself, this is why i pay for a game each month, because if i get hacked i get every thing back. i feel for you man, if my WoW ccount got hacked and blizzard told me sorry cant help you i would sue. its painfull to loose what u worked so hard to get.

@RJMadCat: Could you or someone answer this? How does Blizzard treat gold bot farmers, etc, in WoW?

shadowfox · Feb 12, 2010

RJMadCat said:
As much as i would love to try all these new games that are free... i cant help but think to myself, this is why i pay for a game each month, because if i get hacked i get every thing back. i feel for you man, if my WoW ccount got hacked and blizzard told me sorry cant help you i would sue. its painfull to loose what u worked so hard to get.

Paying's got nothing to do with it ... from what I hear plenty of WoW accounts have been hacked in the past, and the phenomenon repeats itself on Aion, and every other MMO I've heard about paid or not. Gold sellers do it because its easy money, and there are always idiots who want their money/items/xp the easy way. And you wouldn't be able to sue - the onus would be on you to prove that you haven't been irresponsible with your account in some way - and I would love to see someone do that.

Another way people get hold of GW data - or any other MMO for that matter - is by hacking into forums/fansite/any other site to do with the game - where people have accounts. These are by definition nowhere near as secure as the game or account servers - those sites have a lot of data - player names, character names, e-mail addresses, sometimes even the same passwords - and all of it can be used. If its just the same e-mail address, that can be enough - all the hackers need to do is run the e-mail past their password checkers. Those programs can rip through an entire dictionary in a matter of seconds - so just using random words are nowhere near enough. Even using foreign languages won't help you anymore.

GW password protection has one weakness - in that it doesn't accept special characters. So you're limited when you create passwords - but you can still protect yourself. Use combinations of words, mispellings, numbers and letters, mixup your capitals if you were thinking of using something like appletart (just an example) - make your password something like aPp13TArT.

Its a pain in the arse, but it works most times - even if you think you're secure because your system is clean - this is hardly the only avenue of access. Securing your PC means you've only done 10% of the job right. (Random number, but 98% of all stats are made up on the spot

)

None of my accounts have been hacked in the 2 years I've played GW, or the last 7 months I've played Aion. Saying that NCSoft's servers have been hacked just doesn't hold any water for me.

Claymore · Feb 12, 2010

shadowfox said:
None of my accounts have been hacked in the 2 years I've played GW, or the last 7 months I've played Aion. Saying that NCSoft's servers have been hacked just doesn't hold any water for me.

My account's never been hacked either.

My wife's was, though. And her GW logon and password is different from any accounts she uses on forums, etc. The *only* place there is a link is in her NCSoft account. So either someone was freakishly lucky at guessing her GW logon and password, or her NCSoft account was hacked.

Keeper · Feb 12, 2010

lilDeath said:
Yes, and to add to this... some AV's pick up certain legit apps as keyloggers or to have a bad reputation, like AutoIT (in Onslaught's screenshot) - which is actually a very legit and very cool scripting tool.

Yeah, tell me about it - same with MMB Scripting - people code viruses with it and then my apps get tagged

Join the MyBroadband community

Get started

Hacked

Chris_H

Expert Member

lilDeath

Executive Member

l.Onslaught.l

Active Member

Claymore

Executive Member

Claymore

Executive Member

lilDeath

Executive Member

RJMadCat

Well-Known Member

Claymore

Executive Member

Devill

Damned

snobee

Expert Member

shadowfox

Senior Member

Claymore

Executive Member

Keeper

Honorary Master