WTF? another hacked account?
Sniper22
Funny how it seems only the rich people are getting hacked... dunno how this would keep happening though. You sure you guys don't have any keyloggers hidden on your computer?
Lord Xivor
There is one other way that is so obvious, yet no one ever wants to think of it.
How many of you use the same email and password for GW as you use on websites such as this one? Or gw.incgamers, etc? There are tons of these sites. All it takes is one corrupt admin to think a bit deviously, access the database, and go to town on the account. I know this, because I have seen it done in other games. You would be surprised the kind of people that are around.
NOTE: I am not accusing GWGuru admins of anything. I am merely giving an example. There are hundreds of sites out there...it can be anything from a community site to a guild/alliance website. The point is...use different log on information.
How many of you use the same email and password for GW as you use on websites such as this one? Or gw.incgamers, etc? There are tons of these sites. All it takes is one corrupt admin to think a bit deviously, access the database, and go to town on the account. I know this, because I have seen it done in other games. You would be surprised the kind of people that are around.
NOTE: I am not accusing GWGuru admins of anything. I am merely giving an example. There are hundreds of sites out there...it can be anything from a community site to a guild/alliance website. The point is...use different log on information.
Inde
Lord Xivor, you don't know how this forum software works. There is no way for an admin on GWGuru or GWO to decrypt the passwords as it's a one way encryption in vbulletin. We don't have access to any passwords. I don't know about other sites and their forum software.
Lord Xivor
As I said, I was not pointing a finger at GWGuru. I was giving one very valid explanation. And for your information, I DO know how this forum software works, and have used it before. I am a web developer myself. And with enough effort, any encryption can be decrypted. There are even online tools to decrypt md5 hashes straight off of a website. The question is...who would actually go through that kind of trouble for a silly game. Well, I doubt anyone would. However, other sites may not have as secure of software as you use here, but I am thinking more of the smaller community sites, not the big ones.
Rayzor
Lord,
Fortunately the site doesn't use generic MD5 encryption, since it relies on both MD5 with salt. The likelihood of that being decrypted is so remote that it can be used for one way encryption of passwords with little concern for it being compromised. All passwords are stored in a unreadable format and are not even decrypt during login. It is far more likely that a person with ill intent has compromised the passwords through use of a logger etc.
That being said, can someone modify a forum to store an unencrypted password? Yes, but it is most likely a smaller lesser known site. I can assure everyone that their data is well encrypted on Guru and is not being used for hacking accounts. (My qualifications for saying this, I use to develop ICBM Software)
Finally you should NEVER use the same password for a forum that you use for any type of account you want to keep secure such as bank accounts etc.
Rayzor
Fortunately the site doesn't use generic MD5 encryption, since it relies on both MD5 with salt. The likelihood of that being decrypted is so remote that it can be used for one way encryption of passwords with little concern for it being compromised. All passwords are stored in a unreadable format and are not even decrypt during login. It is far more likely that a person with ill intent has compromised the passwords through use of a logger etc.
That being said, can someone modify a forum to store an unencrypted password? Yes, but it is most likely a smaller lesser known site. I can assure everyone that their data is well encrypted on Guru and is not being used for hacking accounts. (My qualifications for saying this, I use to develop ICBM Software)
Finally you should NEVER use the same password for a forum that you use for any type of account you want to keep secure such as bank accounts etc.
Rayzor
Lord Xivor
And you are absolutely correct, in reference to maybe this website. But can you say the same for other websites that run off of PhPBB, SMF, Joomla, PhPNuke, etc, etc, etc? I myself administrate a website running off of SMF/Joomla, and trust me...I know the security flaws it has, and I worked my butt off to make it secure, which partially comes from just regularly updated with the new patches and such. But for example, if someone in my guild ticked me off and left, it would take me about 45 seconds to figure out that persons password and should it be the same email/password for the site as it is for his account, then I would be able to do as I please.
Does this mean I would? Absolutely not. I have much higher standards than that. Does this mean someone else can do it? Absolutely. Someone with the right knowhow (really, intermediate web/database development knowledge). Any wannabe web developer that uses a packaged open source application that has set up a website for his guild/alliance/community really can do this.
I was never referring to someone from the outside accessing the information, nor was I referring to an admin with "mod" status. I was referring to admins with access to things like phpmyadmin, etc. A site admin.
NOTE: Again, I am not saying THIS IS THE CAUSE. I am giving just one option, and really, my point is not to argue the security of this site. My point is to inform the community to be very careful of the login credentials they use. It is always good to have different passwords for each website you use.
Does this mean I would? Absolutely not. I have much higher standards than that. Does this mean someone else can do it? Absolutely. Someone with the right knowhow (really, intermediate web/database development knowledge). Any wannabe web developer that uses a packaged open source application that has set up a website for his guild/alliance/community really can do this.
I was never referring to someone from the outside accessing the information, nor was I referring to an admin with "mod" status. I was referring to admins with access to things like phpmyadmin, etc. A site admin.
NOTE: Again, I am not saying THIS IS THE CAUSE. I am giving just one option, and really, my point is not to argue the security of this site. My point is to inform the community to be very careful of the login credentials they use. It is always good to have different passwords for each website you use.
Inde
Yes, I know what you were referring to Lord. I can assure you, with even all that aside, I can't tell you how many people send me their keys, their passwords, and everything else under the sun asking for help with some minor problem on GW. Thinking I am support or can send their information to the correct people. Quite frankly, I wouldn't even need to waste effort on such a thing with how people give out their information so freely without prompting to me. It's just not something that crosses my mind though. No matter how corruptable someone may think I can be. 
I really do hope that maybe ArenaNet can shed some light on all this, that maybe they can tell us what happened to so many accounts and why they were compromised if that data is available to them. Tell us how many accounts were affected, make changing passwords easier for the players to protect themselves. That one person was able to gain access to so many different accounts in such a short time period is concerning and I do hope that they will open up about how it did happen.
I really do hope that maybe ArenaNet can shed some light on all this, that maybe they can tell us what happened to so many accounts and why they were compromised if that data is available to them. Tell us how many accounts were affected, make changing passwords easier for the players to protect themselves. That one person was able to gain access to so many different accounts in such a short time period is concerning and I do hope that they will open up about how it did happen.
Lord Xivor
Haha, I can imagine, Inde. Being such a large community as this, I am sure it is readily assumed by many new or younger players that you and the other admins just HAVE to have direct access to the Guild Wars Gods or something.
But yeah, I have been following these posts on the forums, because frankly, it concerns me. Every game has its idiots, but this is something that is happening from outside the game...beyond what you see in the Guild Wars screen. That bothers me.
But yeah, I have been following these posts on the forums, because frankly, it concerns me. Every game has its idiots, but this is something that is happening from outside the game...beyond what you see in the Guild Wars screen. That bothers me.
TheRaven
Inde, I know exactly what you mean. I work in the IT department at my company and you wouldn't believe how dumb some people can be. I'll send an e-mail to someone asking them to describe the issue they are having with the software and they'll response with:
Thx for your help!!!! Each time I access this field the screen goes funky and <blah blah blah blah blah>. My user name is <usrname> and password is <password>. My network user name is the same and the password there is <password>. My e-mail is <email> and my SSN is <ssn>. If you need to verify any of that my mother's maiden name is <name>.
Oh, and I really want to change my GW password too as soon as I can figure out how to navigate thru NCsoft's hoops. Especially since I'm registered on Lord Xivor's forum.
(Although, my forum password is not the same as GW!, whew!)
Thx for your help!!!! Each time I access this field the screen goes funky and <blah blah blah blah blah>. My user name is <usrname> and password is <password>. My network user name is the same and the password there is <password>. My e-mail is <email> and my SSN is <ssn>. If you need to verify any of that my mother's maiden name is <name>.
Oh, and I really want to change my GW password too as soon as I can figure out how to navigate thru NCsoft's hoops. Especially since I'm registered on Lord Xivor's forum.
(Although, my forum password is not the same as GW!, whew!)
Age
Quote:
|
Originally Posted by Inde
Ummm... because we happen to be the largest GW site out there??? It's not a conspiracy Age, it's just where people go to post. I'm pretty sure that if we were to tally up all the "I got hacked" posts out there across all the GW fansites that we'd probably have the majority of them. I also really doubt you can read French, German, Spanish, Chinese, Danish, Dutch, Finnish, Italian, Russian, etc. etc. to know if it wasn't posted on any other GW fansite.
It might be helpful, though I don't think anet would do this, to tell us how many accounts were affected, the method they believe they were compromised by, or if they can indeed find out this information at all. |
To Lord Xivor.The same applies to PhPBB and PhPBB Fully Modded which is what we use over at Star Trek Gamers as all password are encrypted and I as an Admin don't have access to them.
How many of you are playing on other PCs not your own as I only play on my own PC?For instance Internet Caffees.
Red Sonya
This is why I've always wanted an official forum and not these unofficial sites. Even a well known site for EQ was eventually found out to be keylogging/hacking EQ accounts. You just can't trust individuals no matter how nice in wolves clothing they appear. They can tell you all kinds of security measures they use, but, does that mean it's so?
Fril Estelin
Quote:
|
Originally Posted by TheRaven
Iyou wouldn't believe how dumb some people can be.
|
I'm NOT saying that people are fine the way they behave or trying to find excuses for some people that are really dumb. I've been working enough in security to know that the problem is more complex that people believe. I can even tell you that the "big stories" (like company/state spying/hacking) are very much like the "small ones" (normal people hacked), they use the same "social engineering" tricks that EVERYONE can fall into, even you, me or Inde (except she's going to be extra-carefull due to her responsibility).
The day people stop being "intellectually lazy" by putting all security problems into the "you're dumb" bag, and start thinking "maybe I should try to help rather than blame", we'lll have made collectively a giant step, one that technology itself can't do. Individually, a lot of people are doing great, collectively we're failing like kids, because of a various reasons (here I'm blaming a bit everyone and noone at the same time). Hackers have huge established networks, they share (i.e. sell) a lot, and they've got in front of them a crowd of people divided into the few that understand the problem and the others that fail prey of the hacker's tricks.
Anyway, just my 2 cents, feel free to join me on this thread.
farahmir sanz
Wow, I had no idea that there were so many hacked accounts out there lately. A friend of mines just had his account hacked into a few days ago and had missing black dyes, money, and runes taken from his storage.
I'll point him to this thread. :\
I'll point him to this thread. :\
Regina Buenaobra
The folks at Support, including Gaile Gray, have been looking into this problem over the past several days. It is a priority problem. All hacked account reports are being reviewed for more information. In all, 16 player accounts were affected as of May 1.
Right now, it is believed that someone was using two accounts to hack other players' accounts. Those accounts have been banned. If there are more accounts involved, they will also be banned. It is suspected that they are using a key logger or a fake website to obtain account information.
If you believe you have been hacked, please contact support immediately and open a ticket. It will help them figure out how widespread this is by cross referencing data, and will help them in their investigation.
As others in this thread have advised, please safeguard your account information. Don't fall for tricks such as people asking you to input your account name and password into their website.
Right now, it is believed that someone was using two accounts to hack other players' accounts. Those accounts have been banned. If there are more accounts involved, they will also be banned. It is suspected that they are using a key logger or a fake website to obtain account information.
If you believe you have been hacked, please contact support immediately and open a ticket. It will help them figure out how widespread this is by cross referencing data, and will help them in their investigation.
As others in this thread have advised, please safeguard your account information. Don't fall for tricks such as people asking you to input your account name and password into their website.
makosi
Can any of the victims list the GW related websites or message boards that they have signed up to then? That might help indicate which website (if that is in fact the method of hacking) is abusing people's information.
The Arching Healer
Someone hacked me aswell, well on Guild Wars fansites. And he pmd me in Guild Wars sending me inlog names + passwords from other people (yes from the game itself). Offcourse I didnt use the info etc and ignored him. I think he hacked me aswell but I kept changing my password 3 times a day for ~4 days. Good for me no money / ecto's etc were missing . Good to hear the accounts are banned.
. Good to hear the accounts are banned.
Witchblade
How do you know if nothing is missing?
Chthon
Well, since it seems that the PlayNC site has a vulnerability that makes phishing attacks ridiculously easy, I have to ask: Did any of the hacked people follow a link from somewhere to the PlayNC site, and then log in?
Sir Pandra Pierva
that could be it.
could someone be doing that with people following the link inside of guildwars itself?
or it could probolly just be a key logger adress thingie.
could someone be doing that with people following the link inside of guildwars itself?
or it could probolly just be a key logger adress thingie.
SurareVaera
The only way someone could have gotten my email is from the Team Quitter Forums - though my email has since been changed. Honestly, a few people on QQ forums have bragged about being able to get the account info of well known players from those forums. http://www.teamquitter.com/phpBB2/vi...=asc&star t=0
However, a topic addressing hacked accounts hasn't come up on QQ, so I don't know how much merit those (joke) claims have.
Another possibility is this site of course, but I don't think the email is public and Inde has vouched for the security here. Then again, there was a thread http://www.guildwarsguru.com/forum/s...php?t=10283360 indicating some ads here on guru may contain viruses and/or keyloggers.
No keyloggers appeared on a virus scan or spybot search & destroy. I don't suspect any type of phishing related to plaync, since my access to plaync occured by clicking the "reset password" link on the login screen to the guild wars client. Also, the reason I only lost ectos and shards, and not my entire account is because my account was tied to plaync due to purchases from the online store. While there may have been doubts about plaync's security in the past, I don't think it's the case in this particular instance.
As an earlier poster demonstrated, it may be possible to remotely access saved passwords on your computer. http://guildwarsguru.com/forum/showp...&postcount=100
If that was the case, then lesson learned; I've turned off that feature on Firefox and made stronger passwords for everything i could think of. If I could change my username for Guild Wars I would, but that's impossible (I think) with a plaync linked account. Losing 300k in ecto's and shards is annoying but not particuarly damaging in the grand scheme of identity theft.
However, a topic addressing hacked accounts hasn't come up on QQ, so I don't know how much merit those (joke) claims have.
Another possibility is this site of course, but I don't think the email is public and Inde has vouched for the security here. Then again, there was a thread http://www.guildwarsguru.com/forum/s...php?t=10283360 indicating some ads here on guru may contain viruses and/or keyloggers.
No keyloggers appeared on a virus scan or spybot search & destroy. I don't suspect any type of phishing related to plaync, since my access to plaync occured by clicking the "reset password" link on the login screen to the guild wars client. Also, the reason I only lost ectos and shards, and not my entire account is because my account was tied to plaync due to purchases from the online store. While there may have been doubts about plaync's security in the past, I don't think it's the case in this particular instance.
As an earlier poster demonstrated, it may be possible to remotely access saved passwords on your computer. http://guildwarsguru.com/forum/showp...&postcount=100
If that was the case, then lesson learned; I've turned off that feature on Firefox and made stronger passwords for everything i could think of. If I could change my username for Guild Wars I would, but that's impossible (I think) with a plaync linked account. Losing 300k in ecto's and shards is annoying but not particuarly damaging in the grand scheme of identity theft.
Scarlett Romanov
Quote:
|
Originally Posted by Regina Buenaobra
Right now, it is believed that someone was using two accounts to hack other players' accounts. Those accounts have been banned. If there are more accounts involved, they will also be banned. It is suspected that they are using a key logger or a fake website to obtain account information. |
I was one of the folks who was hacked recently. I reported it to support and posted about it here.There are no keyloggers, viruses, spyware, etc. (scanned many times with different programs) on my computer and I'm not dumb enough to go to some fake GW website and enter my account information. Everything on my computer is up-to-date as well.
Now if I can be of any service in helping figure out why it happened, please let me know and I'll divulge whatever information you or support needs. I hope that you will keep us updated on this situation.
Additionally, since some people were wondering. My ign is only located on this forum, guild wars guru auctions and Guild Wars Incgamers. My email address was only publically available on GWGA.
Aussie Boy
Quote:
|
Regina Buenaobra "As others in this thread have advised, please safeguard your account information." |
I wished we could change that the Email as well as the password.
as right now you can only cover yourself %50 by keep changing the password but thats only what 12 chars ? not very secure
it should be 20 for more security IMO.
I know you can change the password through the PlayNC master one if your in that but
unable to change the Email as well really bites.
Specially those of us playing for a few years.
moose_rider
I hope you realize there is millions of possibilities with 12 characters. 12 is fine.
Stockholm
Quote:
|
Originally Posted by Scarlett Romanov
I like how you all assume that we're all incompetent and incapable of managing our own Guild Wars accounts.
My email address was only publically available on GWGA. |
well managed
cosyfiep
Quote:
|
Originally Posted by Aussie Boy
I would be more happier if we could change the Email on the GW login Screen.
I wished we could change that the Email as well as the password. as right now you can only cover yourself %50 by keep changing the password but thats only what 12 chars ? not very secure it should be 20 for more security IMO. I know you can change the password through the PlayNC master one if your in that but unable to change the Email as well really bites. Specially those of us playing for a few years. |
People move, people change email addresses....people get married, divorced, married...move to other states/countries etc....there SHOULD be a way to change more than just your password!
Fates
Quote:
|
Originally Posted by cosyfiep
blah blah blah....there SHOULD be a way to change more than just your password!
|
Shakti
Quote:
|
Originally Posted by Fates Monk
You can change the email address, and it's fairly easily. You just need to do it with both email addresses active.
|
cosyfiep
yes my 2nd to last dsl went chapter 13---closed down and NO WAY to access the old email....and my last dsl provider cut off my email before they cut off my dsl!!!
so go blah blah blah yourself fats monk.
so go blah blah blah yourself fats monk.
Necro Quink
Someone cleaned out my storage when i just had over 100k in storage. From that day on i changed my passwords, email adresses, bought a secondary account to put my valuable things on that account. So now all my weapons/ecto's/obsi shards/gold are spread out over these 2 accounts.
I hope they can find these ppl who hack into other ppl's accounts and just ban them. It's just lame you have to hack accounts just to have gold /ecto/...
I hope they can find these ppl who hack into other ppl's accounts and just ban them. It's just lame you have to hack accounts just to have gold /ecto/...
Hajimesaitou
Everything seemed fine friday when i was playing, went home for mothers day weekend and after i got back and logged on i find 1.350k in my storage as opposed to the 350 something k i had. It is weird because i never goto any bull crap sites or dl anything that would give some punk access to my account. i dont care that much as it is just a game but is still kinda pisses me off since all those hours of play are just wasted on some prick.
TideSwayer
Anyone of you affected recently sign up for the Xunlai Tournament House (via guildwars.com)? Just throwing this out there, but I know the signup does ask for your account email address (among other things). If someone wanted to find out your super-secret account email address (that you keep away from forums and other internet things), setting up a copycat site like the Xunlai Tourney signup page would be an easy way to get it.
Anyone hacked recently 1) sign up for the Xunlai Tourney House recently, and 2) go to the page from a random site link instead of surfing to it from guildwars.com itself? In the case of 2), you might have been redirected to a copycat phishing site instead of sending you to the real guildwars.com signup.
No idea if this is relevant, but I might as well throw it out there in case it helps.
Anyone hacked recently 1) sign up for the Xunlai Tourney House recently, and 2) go to the page from a random site link instead of surfing to it from guildwars.com itself? In the case of 2), you might have been redirected to a copycat phishing site instead of sending you to the real guildwars.com signup.
No idea if this is relevant, but I might as well throw it out there in case it helps.
BuD
I did not recently sign up at the xunlai house. Ive had an account at the house for 4 or 5 months. A guildie of mine got hacked 2 days before me, so I went to PlayNC to change my password. For some reason my account at PlayNC was not tied to my game account even though I had made purchases in the online store, so I couldnt change my PW right away & I didnt have all the info they needed to link my account, so I was on a scavanger hunt looking for cd keys (we just moved everything was buried in storage).
I got hacked before I could find my info & get my PW changed. My PW is changed now & everything has been fine since then.
I really think there was/is an exploit at one of the fansite forums, or PlayNC them selves. I have 2 other accounts that were not touched that I access on a daily basis. I scanned the hell out of my system and found no threats. The only 3rd party program I use is KSMOD, he is trustworthy, I have known him from back in the UT2Kx days. So all this leads me to think it was not a keylogger, rather an exploit somewhere on a website.
I got hacked before I could find my info & get my PW changed. My PW is changed now & everything has been fine since then.
I really think there was/is an exploit at one of the fansite forums, or PlayNC them selves. I have 2 other accounts that were not touched that I access on a daily basis. I scanned the hell out of my system and found no threats. The only 3rd party program I use is KSMOD, he is trustworthy, I have known him from back in the UT2Kx days. So all this leads me to think it was not a keylogger, rather an exploit somewhere on a website.
agamemnon II
well my account was recently hacked, i was watching it being done but there was nothing i could do about it, my account had somehow been linked to plaync, i have been trying to change my password since it happened, but to do that i have to add guild wars to my plync account, which i cannot do as it just says "invalid serial number" 
. and until i can change my password there is no use me doing anything on my account as it will just get hacked and hacked, then hacked some more.
i changed my password a few weeks prior to this with no problems, but it got linked to plaync, now i can't do it. the hackers must have linked me to plaync, as they probably know that changing your password through that is unbelievable hard (well for me anyway).
they took EVERYTHING from my account, 11 prestige armors, 1 being obsi, my customized tormented scythe (this makes no sense to me as they cannot sell it) clockwork scythe, ectos/shards/dyes....oh wait they didn't take everything i still have a ruby djinn polymock peice.
. and until i can change my password there is no use me doing anything on my account as it will just get hacked and hacked, then hacked some more.i changed my password a few weeks prior to this with no problems, but it got linked to plaync, now i can't do it. the hackers must have linked me to plaync, as they probably know that changing your password through that is unbelievable hard (well for me anyway).
they took EVERYTHING from my account, 11 prestige armors, 1 being obsi, my customized tormented scythe (this makes no sense to me as they cannot sell it) clockwork scythe, ectos/shards/dyes....oh wait they didn't take everything i still have a ruby djinn polymock peice
makosi
Sounds almost like a personal vendetta because they took your customized scythe. Made any enemies lately?
Sorry to hear about the loss of your goods.
Sorry to hear about the loss of your goods.
??? L??wLi????????? ???
I have a plaync account too and I really dont know how to change my password and neither do a few of my friends that have a plaync account. When I go on there it says I have to put in my code from my guild wars box, I do and it doesnt work :S So I cant change my pw..idk its sucks, sorry for your hacking problems.
Gen Saver
same problems with plaync here 
cataphract
The only problem I had with PlayNC was the answer to my secret question.
One thing that bothers me about it is inability to change GW email address.
One thing that bothers me about it is inability to change GW email address.
Smile Like Umean It
You don't make an account or need to input your GW serial key as they auto-make your PlayNC account and link it to your GW account.
All I had to do was go to the PlayNC website -> Account -> Manage and then type in your username (the email used for your GW account which, more than likely the entire thing isn't going to fit so you just put in as much of the first part as you can) and then the password you use on GW.
Once logged in change both passwords. Do not use the same password for both.
All I had to do was go to the PlayNC website -> Account -> Manage and then type in your username (the email used for your GW account which, more than likely the entire thing isn't going to fit so you just put in as much of the first part as you can) and then the password you use on GW.
Once logged in change both passwords. Do not use the same password for both.