I just caught a hacker...

The reason why an anti-virus might pick up texmod is because its a 3rd party program that changes files. Try this with another game and get a trainer, your av might act the same way.

I would assume the hacker probably knows that if he starts taking items like z-keys, ectos, gold, or collector material etc... It is easier to trace by A-net rather then a random spawned gold from the z chest that the hacked account would have no record of in the first place. Just a guess

JET... the PM i sent you (I run NORTON as well) took three days to catch the trojan on my system. I ran numerous scans 2 full and at least 4 quick, I update daily my definitions

Yeah it really does just sound like some one messed with ya here ... i mean if some one was to take the time to hack and have time to pop a chest 50 times they would just as quickly have moved cash / ectos instead ..

Jet, you did well by PMing Regina. I hope they can figure out what happened and prevent it from happening again.

Because it allows me to be a jerk by entering "123456" X times each day to keep your account locked out indefinitely. (Note: This wouldn't be a problem if accounts tied to PlayNC could change their username. Just one more reason to NEVER tie your account to PlayNC if you can avoid it.)

Half the time it's going to be the hacker displacing the legitimate user, and half the time it's going to be the legitimate user displacing a hacker who logged in while the use was out.
But, what should be happening is that anet's system should be automatically logging whenever one user bumps another off an account and sending a notification to support to investigate it.

That's a good idea, and I have no idea why it still hasn't been implemented.

There is no excuse for this. There is also no excuse for permanently binding your username when you link to PlayNC.

It's encrypted, but pretty weakly. The GWLP team had no trouble breaking it. However, man-in-the-middle doesn't fit Jet's scenario, because he was already logged in for some time when his account was accessed. Unless the hacker had been waiting for Jet to log in, then just sat on the password for awhile instead of using it.

I very much doubt that. Moreover, your comments are defamatory. Unless you can back them up, you shouldn't go around saying things like that.


---

@ Haskell: I see you've crawled out from whatever rock you were hiding under to troll these forums again. I've got an idea: Instead of trolling this thread, why don't you head over to the technical forum and post that method of connecting GW to a VPN that you once claimed you had? I've seen at least two people ask for it since you crawled under that rock, and I'm sure they'd appreciate it a lot more than Jet appreciates you calling him an idiot.

I doubt a 'hacker' wants to stand around and sell keys in Temple of Balth, as they're not worth anything at the merchant as I recall. Easier to sell the crap that comes out of the chest to the merchant Which probably left no time for him to move the ectos. Doesn't sound like a very bright 'hacker' whichever way you look at it.

gee we seem to think that everyone who has been having problems WILL get visit a fansite and post about it....
LOTS of players have no idea what guru (or other fansites) is, and since this one is in english I bet there are tons of non-english players who have never heard of it and since they may not read/write english wont visit this site....

AND

who says that others were not hacked???? Only a few people have come forward, I am sure they are others who have no clue what do to if they get hacked or just give up and stop playing altogether.....

(and usually these threads have been deleted in the past---so why would you post if you know your thread is just going to get deleted?)

Hmm im a bit afraid, how do I prevent this notorious hack from hacking me?

Maybe so, but:

#1 It needed to be said. I wasn't the only one thinking it, just the one who isn't bothered by the forum kiddies, the self righteous and the general forum idiots.

#2 There is a very good chance it is this person, or someone associated with this person.

To get to the bottom of this, every angle has to be covered. If someone e-feelings get hurt, tough shit.

This just in on the official gw site:

Update - Tuesday May 13
Bug Fixes

* Fixed an exploit.

Kind of lacking in detail, don't you think? I'm thinking it perhaps has something to do with the problems discussed in this thread.

So... Who do you suspect?

¿¿

LOL, even I know the respuesta to that one, Señor and I don't know most of the regulars all that well.

ok whomever told you that from support needs to be fired or they misunderstood your question.

Everytime you change your password, you get an email telling you that your password has been changed AND the ip address from which the change was made. So the hacker has to change your email addres to something you dont know in order to change your password without you knowing.

What really should be done to upgrade security is something like these:

1) require ALL email address changes to be verified and the verification email sent to both the old and the new address...this would help notify you if someone sneaks into your plaync account and changes the email firrst. The REquired verification would be limited to a 5 minute experation..after the 5 minutes, the account would be locked and you would be required to contact support to get your account back

2) require that all password and email changes be made only AFTER a secret security question is answered

3) limit the number of times someone can enter an invalid password. After 3 attempts, the account cannot be accessed again till you verfiy your idenity via security question.

I have noticed that the majority of hte hacks reported seem to be after someone has been in PVP or AB. Sounds alot like a smart hacker group is lingering in the pvp areas and targeting those whom have elite armor or whom they notice frequent the pvp arenas. This would flag that player as someonen whom possibly has alot of goodies and keys. Now I am not sure how they would get your user name, but perhaps they have hacked into a fan site database or are just that good at snooping into someones computer ip.
a

anyhow just my 2 cents on what could help improve security

Okay guys, here's the response I got from Support when I filed my ticket (at Regina's request).

So, in short, it sounds like A-Net and NCSoft's offical stance on hackers is that they won't do an "official" investigation unless we file a police report and the police issue a subpoena. I'm not sure if the police would issue such a subpoena unless it can demonstrated that the individual was "distributing and propagating a keylogger, Trojan, or other computer virus."

In my situation, I'm not sure if I can do that, unless (as Painbringer suggested above) my antivirus program subsequently detects a keylogger, Trojan or some other sort of virus (which it hasn't thus far)...and I'm not sure if that was even the cause of this hacking attempt.

Interesting official response, to say the least.

Basically they said screw you, come back with evidence.

"Hi guys, our security sucks so you get hacked, but ofcourse, it's YOUR problem!"

PS: HI ANDREW

This has got to be the most idiotic response I've seen from a company. Any company that cares about its customers aren't going to tell them basically too bad you were hacked but don't ask us to waste our time with it. Their response was complete bullshit also since you don't need to contact the police they can themselves. My Ebay account was hacked, luckily I caught it it quickly and talked to customer support person. She said I didn't need to contact the police since they were doing this for me. She also refered me to a page that listed people who were convicted all over the globe hacking ebay accounts.

We should place bets on how umm...'quick' the police will act when one person reports having been hacked.

Police wouldn't do shit. It would be passed to the cyber division, who would in turn sweep it under the carpet.

it's gonna be hard for them to really do anything considering that the individual(s) is/are underage...mommy and daddy might catch hell, but junior will walk.

Looks like the hacker just pulled the same stunt on someone else, but took it a step further (i.e. actually bought keys with the guy's gold before using them).