"Account locked out" e-mail - GW Guru hacker?
TigerWolf
I have just had somebody try to infiltrate my account. They werent successful and where locked out. It gave me their ip. Who should I send these details to? (admin, mod)?
DarkFlame
So after a busy day, I come home and check my mail to find this in my inbox
Seeing as how my "last visited" time hasn't been reset(from over a day ago), I assume whoever was trying to log into my forum account didn't break my password. Just wondering if anybody else got this and if Inde(or another site admin) can tell if there's been a rash of such attempts lately.
Fyi, game account is untouched and a full system scan turns up nothing.
Quote:
|
from: Guild Wars Forums - GW Guru <[email protected]> to: ********** date: Sun, Jun 15, 2008 at 9:18 PM subject: Account on Guild Wars Forums - GW Guru locked out Dear DarkFlame, Your account on Guild Wars Forums - GW Guru has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes. The person trying to log into your account had the following IP address: *(not mine)* Don't forget that the password is case sensitive. Forgotten your password? Use the link below: ****** All the best, Guild Wars Forums - GW Guru |
Fyi, game account is untouched and a full system scan turns up nothing.
drago34
I got an email saying the following earlier:
"Dear drago34,
Your account on Guild Wars Forums - GW Guru has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.
The person trying to log into your account had the following IP address: 213.98.218.28
Don't forget that the password is case sensitive. Forgotten your password? Use the link below:
http://www.guildwarsguru.com/forum/login.php?do=lostpw
All the best,
Guild Wars Forums - GW Guru"
Anyone else receive this or something similar? Is it just a case of someone using the wrong username... was just wondering.
"Dear drago34,
Your account on Guild Wars Forums - GW Guru has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.
The person trying to log into your account had the following IP address: 213.98.218.28
Don't forget that the password is case sensitive. Forgotten your password? Use the link below:
http://www.guildwarsguru.com/forum/login.php?do=lostpw
All the best,
Guild Wars Forums - GW Guru"
Anyone else receive this or something similar? Is it just a case of someone using the wrong username... was just wondering.
tmakinen
At least 2 members of our guild have gotten the same message, with the same IP even, so there's a prospective hacker out there trying to brute force guru accounts.
Felixious
Guru Accounts mean jack shit if they're not premium ones, which most of us didn't bother paying for. ^_^
But sure, it's a problem that needs to be solved. Ban the IP? 213.98.218.28.
But sure, it's a problem that needs to be solved. Ban the IP? 213.98.218.28.
Iuris
Just check whether it's a legitimate mail from gwguru and not a phishing scam first... PM the admin, maybe?
Sleeper Service
thats...true felix, why would anyone bother -.- its not like creating a new account is hard. ugh.
edit, unless hes attacking only people with char names displayed in the hope of coming across one that uses the same pass ingame.
edit, unless hes attacking only people with char names displayed in the hope of coming across one that uses the same pass ingame.
Edgar The Crosseyed
They do mean something, because most players use the same data to login to guildwars as they do to login to guru. Thats what those guys are hoping for! So if they have your guru info they might also have luck that that is gw login as well
psygnosis
same here:
Hostname: 28.Red-213-98-218.dynamicIP.rima-tde.net
Internetprovider: Internet Access Network of TDE
State: Spain
Town: Barcelona
Region: Cataluna
IP-Adresse: 213.98.218.28
Hostname: 28.Red-213-98-218.dynamicIP.rima-tde.net
Internetprovider: Internet Access Network of TDE
State: Spain
Town: Barcelona
Region: Cataluna
IP-Adresse: 213.98.218.28
Sleeper Service
huh well i am curious about where this is gonna lead but.....this is mined ground so il will bow out now. good luck anyways.
GaaaaaH
RIPE Network Coordination Centre - whos doing it (from amsterdam, not california according to your profile)
how i did that: http://tools.whois.net/whoisbyip/ then entered the ip
how i did that: http://tools.whois.net/whoisbyip/ then entered the ip
Darkobra
Quote:
|
Originally Posted by GaaaaaH
RIPE Network Coordination Centre - whos doing it (from amsterdam, not california according to your profile)
how i did that: http://tools.whois.net/whoisbyip/ then entered the ip |
Turbobusa
http://www.ip-adress.com/whois/213.98.218.28
there is an abuse mailbox...
I suggest you report it there since it seems to leed to a provider
there is an abuse mailbox...
I suggest you report it there since it seems to leed to a provider
Mahanaxar
Quote:
|
Originally Posted by Edgar The Crosseyed
They do mean something, because most players use the same data to login to guildwars as they do to login to guru.
|
xPIMPx
Could just get a mod to check up the ip and see if its being used by another acount. Someone must have a grudge against you and trying to log onto your acount 
Cebe
Admin are aware and I'm pretty sure there have been some bannings going on.
I would take this opportunity to check your passwords and make sure they're as strong as possible.
I would take this opportunity to check your passwords and make sure they're as strong as possible.
I pwnd U
They must hold a lot of grudges then as others in this thread have admited to know people who have had the same IP try to get into their account.
Badenstein
I got it also.
Messy
Quote:
|
Originally Posted by Edgar The Crosseyed
They do mean something, because most players use the same data to login to guildwars as they do to login to guru. Thats what those guys are hoping for! So if they have your guru info they might also have luck that that is gw login as well
|
Spangly_boy
Delete email, giving attention will only encourage more scoundrels to try it
Dralspire
I banned the IP address in question last night, and I filed the necessary reports this morning. Obviously we will keep a close eye on things as the security of your user accounts is our top priority.
Stolen Souls
Be careful, guys.
It may just be a VERY bizaar coincidence, but...
I did not receive an email from this site. However, I checked my email to find that someone has unsuccessfully tried logging into my account at another large forum I visit. I use the same username there that I use here. Like I said it may just be a very big coincidence, but someone may be trying from other forums, as well. Unfortunately the other site's email does not give the IP info, so I can't even be sure it's the same person. However, this is the first time I have gotten an email like that, and seeing everyone post this here caused me to raise an eyebrow.
Make sure all your passwords are strong, and don't use the same password on GW.
It may just be a VERY bizaar coincidence, but...
I did not receive an email from this site. However, I checked my email to find that someone has unsuccessfully tried logging into my account at another large forum I visit. I use the same username there that I use here. Like I said it may just be a very big coincidence, but someone may be trying from other forums, as well. Unfortunately the other site's email does not give the IP info, so I can't even be sure it's the same person. However, this is the first time I have gotten an email like that, and seeing everyone post this here caused me to raise an eyebrow.
Make sure all your passwords are strong, and don't use the same password on GW.
Cronos Khan
Well glad that I wasn't the only one who got hacked by this person. Good to see he didn't do any damage at all. I know I haven't played in a while but even if he managed to do so, my GW acct is on another email, did that a loooong time ago. 
Lasareth
It's not hacking really, it's just someone being dumb and trying to log into accounts with bad passwords. IF it was hacking you probably would've been compromised already.
Thankfully vb has the lockout so people can't keep guessing forever.
Thankfully vb has the lockout so people can't keep guessing forever.
Inde
I'll post the form letter that was sent out to those who forwarded the email to me just as an FYI:
Quote:
| We would like to let you know that this was a bot that tried accessing your forum account. Other GuildWarsGuru.com forum members were affected as well. Your account was not compromised and the IP address used has been banned from our forums and server. |
draceena
Hi everyone, I'm not sure who to direct this to but I got the following email today:
Dear draceena, Your account on Guild Wars Forums - GW Guru has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes. The person trying to log into your account had the following IP address: *Edited IP* Don't forget that the password is case sensitive. Forgotten your password? Use the link below:*edited URL out* All the best,Guild Wars Forums - GW Guru
I know for sure this was not me trying to get onto my account here. I rarely post anymore and in fact I think the last time I posted was over 1 year ago!
I really think this might be a "fishing" attempt of some kind...someone trying to log into accounts here, hoping if they discover the password that they can them try to use it on game accounts hoping that the 2 passwords are the same (obviously, my password here and my game password aren't even similar).
But, I have been reading here about alot of people having their game accounts "hacked" and thought I should give everyone a "heads-up". If a Moderator at Guru wants the IP of the person who tried to log into my account, I will PM it to you.
Thanks for your time.
Dear draceena, Your account on Guild Wars Forums - GW Guru has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes. The person trying to log into your account had the following IP address: *Edited IP* Don't forget that the password is case sensitive. Forgotten your password? Use the link below:*edited URL out* All the best,Guild Wars Forums - GW Guru
I know for sure this was not me trying to get onto my account here. I rarely post anymore and in fact I think the last time I posted was over 1 year ago!
I really think this might be a "fishing" attempt of some kind...someone trying to log into accounts here, hoping if they discover the password that they can them try to use it on game accounts hoping that the 2 passwords are the same (obviously, my password here and my game password aren't even similar).
But, I have been reading here about alot of people having their game accounts "hacked" and thought I should give everyone a "heads-up". If a Moderator at Guru wants the IP of the person who tried to log into my account, I will PM it to you.
Thanks for your time.
dilan155
yes this has been happening to some more ppl. whats the point of hacking into a forum account anyway? what to flame a mortal enemy with someone else's account? now if it was say an admin/gm acccount you could ban ppl and that could be a potential problem
DarkFlame
Hmm, interesting. Of the folks that have responded here saying they were targeted by that bot, all of us have early '05 join dates.
Well anyway, thanks for the update on this and quick actions, Dral and Inde.
Well anyway, thanks for the update on this and quick actions, Dral and Inde.
psygnosis
true dat, coincedence? dont think so tbh xd
Kaos the Korruptor
Hello All.
I haven't posted on these forums in over 2 years as I have been busy playing WoW.
Now the reason I am posting here again is that the person that tryed hacking the GW-Guru accounts did successfully break my password here.
However my password on GW is different than the one on these forums.
But it was the same as My World Of Warcraft Account, hence the reason for my post. After 30 mins of recovering my account password from the GM's at WoW I was able to finally log into my account. To see that all 3 of my Level Toons stripped bare. the hacker had Disenchanted all my epics and sold the shards on the AH durring the course of the day while I was at work.
So people if you play other games besides GW you might want to check the integrity of those accounts as well.
I haven't posted on these forums in over 2 years as I have been busy playing WoW.
Now the reason I am posting here again is that the person that tryed hacking the GW-Guru accounts did successfully break my password here.
However my password on GW is different than the one on these forums.
But it was the same as My World Of Warcraft Account, hence the reason for my post. After 30 mins of recovering my account password from the GM's at WoW I was able to finally log into my account. To see that all 3 of my Level Toons stripped bare. the hacker had Disenchanted all my epics and sold the shards on the AH durring the course of the day while I was at work.
So people if you play other games besides GW you might want to check the integrity of those accounts as well.
Inde
I'm sorry, I seriously doubt this. Someone randomly guesses your GW Guru forum account password, goes to ANOTHER game and tries the password there and breaks in? They have to know your user log in name for WoW and your password. If your WoW accounts was broken in to I don't believe that our forum and your password here had anything to do with it. It was more likely that your password is weak it's a coincidence. Please read up on password security and how to test the strength of your passwords here: http://www.guildwarsguru.com/forum/s...php?t=10298453.
Lord Sojar
This would only be a danger if a mod's account were hacked. The mods have a discussion regarding this matter (about our password strength) to prevent any of our accounts from being brute forced, as that would prove disastrous (especially if it were a supermod or admin).
This is a good time to increase the strength of your own passwords. Make sure they are at least 8-9 characters in length, use varied characters (letters and numbers) and use capital letters as well as lower case numbers. Try not to use any full dictionary words in the password. You can use a word, but break it up using numbers, and vary the letters with CAPS. Passwords are your life, protect it just as you would yourself.
I second this doubt. Weak passwords are common. Most general PC users don't understand what a strong password really is. Hopefully, with some work, the Guru population will soon learn exactly what strong passwords are. 
This is a good time to increase the strength of your own passwords. Make sure they are at least 8-9 characters in length, use varied characters (letters and numbers) and use capital letters as well as lower case numbers. Try not to use any full dictionary words in the password. You can use a word, but break it up using numbers, and vary the letters with CAPS. Passwords are your life, protect it just as you would yourself.
Quote:
|
Originally Posted by Inde
I'm sorry, I seriously doubt this. Someone randomly guesses your GW Guru forum account password, goes to ANOTHER game and tries the password there and breaks in? They have to know your user log in name for WoW and your password. If your WoW accounts was broken in to I don't believe that our forum and your password here had anything to do with it. It was more likely that your password is weak it's a coincidence. Please read up on password security and how to test the strength of your passwords here: http://www.guildwarsguru.com/forum/s...php?t=10298453.
|
Darkobra
Quote:
|
Originally Posted by Kaos the Korruptor
Hello All.
I haven't posted on these forums in over 2 years as I have been busy playing WoW. Now the reason I am posting here again is that the person that tryed hacking the GW-Guru accounts did successfully break my password here. However my password on GW is different than the one on these forums. But it was the same as My World Of Warcraft Account, hence the reason for my post. After 30 mins of recovering my account password from the GM's at WoW I was able to finally log into my account. To see that all 3 of my Level Toons stripped bare. the hacker had Disenchanted all my epics and sold the shards on the AH durring the course of the day while I was at work. So people if you play other games besides GW you might want to check the integrity of those accounts as well. |
Now scan your computer for downloader.swif.c and delete that. It was implanted on the old version of Flash and it was what she claimed that took her WoW password from her.
Kaos the Korruptor
Quote:
|
Originally Posted by Darkobra
Happened to a friend of mine. She didn't take the warning to update her Adobe Flash to the newest.
Now scan your computer for downloader.swif.c and delete that. It was implanted on the old version of Flash and it was what she claimed that took her WoW password from her. |
Thank you very much for the info.