Account Hackings - The Source

Phibes

Pre-Searing Cadet

Join Date: Jan 2010

Quote:
Originally Posted by Riot Narita View Post
Require old password, before allowing you to set a new GW password.
This is VERY welcome. It was an obvious feature that should have been there from the start, it was conspicuous by its absence. But at least we finally have it.

People randomly accessing master accounts no longer get the keys to the (GW) kingdom.

I feel much safer now, but I hope that there is more to come.

I feel safer about the game account.

However, you still do not need to enter a current password to change the NCMA password. Which means if someone manages to randomly land in your account via logging in through their own they can still see all your personal profile information.

It only asks for a current password if you have forgotten it, and do a password reset (I got my husband to check this, as he had forgotten his) - then you have to enter the temporary reset password (which expires immediately) to change it to a new one.

So I will be filling my profile with dummy info until NCSoft sort out whatever the heck is going on with these seemingly random erroneous logins.
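The two password-change behaviours described in the post above, plus the forgotten-password reset, as an added example (not code from NCsoft, ArenaNet or any poster in this thread). The in-memory `AccountStore`, its method names, the 15-minute reset lifetime and the "session bound to the wrong account" stand-in for the reported glitch are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

ITERATIONS = 100_000   # PBKDF2 work factor (value chosen for this example)
RESET_TTL = 15 * 60    # assumed lifetime of a temporary reset password, seconds


def derive(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class AccountStore:
    """Toy in-memory account service; every name here is hypothetical."""

    def __init__(self):
        self.accounts = {}   # account name -> {"salt", "hash", "reset"}
        self.sessions = {}   # session token -> account name

    def register(self, name, password):
        salt = secrets.token_bytes(16)
        self.accounts[name] = {"salt": salt, "hash": derive(password, salt), "reset": None}

    def _password_ok(self, name, password):
        acct = self.accounts[name]
        return hmac.compare_digest(acct["hash"], derive(password, acct["salt"]))

    def login(self, name, password):
        if name not in self.accounts or not self._password_ok(name, password):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = name
        return token

    def _set_password(self, name, new_password):
        salt = secrets.token_bytes(16)
        self.accounts[name] = {"salt": salt, "hash": derive(new_password, salt), "reset": None}
        # Kill every session on the account so a stale or misrouted one ends here.
        self.sessions = {t: n for t, n in self.sessions.items() if n != name}

    def change_password_weak(self, session, new_password):
        # Weak form: whoever holds a session for the account may set a new password.
        name = self.sessions.get(session)
        if name is None:
            return False
        self._set_password(name, new_password)
        return True

    def change_password(self, session, current_password, new_password):
        # Hardened form: a session is not enough, the current password must match.
        name = self.sessions.get(session)
        if name is None or not self._password_ok(name, current_password):
            return False
        self._set_password(name, new_password)
        return True

    def issue_reset(self, name, now=None):
        # Forgotten-password flow: mint a temporary password with an expiry.
        now = time.time() if now is None else now
        temp = secrets.token_urlsafe(12)
        acct = self.accounts[name]
        acct["reset"] = (derive(temp, acct["salt"]), now + RESET_TTL)
        return temp

    def redeem_reset(self, name, temp, new_password, now=None):
        now = time.time() if now is None else now
        pending = self.accounts[name]["reset"]
        if pending is None:
            return False
        temp_hash, expires = pending
        salt = self.accounts[name]["salt"]
        if now > expires or not hmac.compare_digest(temp_hash, derive(temp, salt)):
            return False
        self._set_password(name, new_password)   # also clears the temporary password
        return True


def demo():
    store = AccountStore()
    store.register("victim", "victim-old-pw")      # constructed sample accounts
    store.register("visitor", "visitor-pw")
    # Constructed stand-in for the glitch reported in the thread: the visitor logs
    # in with their own credentials, but the session ends up on another account.
    tok = store.login("visitor", "visitor-pw")
    store.sessions[tok] = "victim"
    out = {}
    out["hardened_blocks"] = not store.change_password(tok, "visitor-pw", "taken-over")
    out["victim_keeps_access"] = store.login("victim", "victim-old-pw") is not None
    out["weak_allows"] = store.change_password_weak(tok, "taken-over")
    out["victim_locked_out"] = store.login("victim", "victim-old-pw") is None
    temp = store.issue_reset("visitor", now=1000)
    out["reset_works_once"] = store.redeem_reset("visitor", temp, "visitor-new", now=1060)
    out["reset_reuse_fails"] = not store.redeem_reset("visitor", temp, "again", now=1061)
    stale = store.issue_reset("visitor", now=1000)
    out["expired_reset_fails"] = not store.redeem_reset(
        "visitor", stale, "late", now=1000 + RESET_TTL + 1)
    return out


if __name__ == "__main__":
    print(demo())
```

The hardened path protects only the password: a session that lands on the wrong account can still read whatever profile data the site shows, which is the remaining exposure the post points out.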

DragonRogue


Lion's Arch Merchant

Join Date: May 2007

Seattle, WA USA

Demon Dawg Knights

E/Me

Quote:
Originally Posted by Turbo Ginsu View Post
Unfortunately, due to the way liability laws work, a public apology is an admission of guilt, and something you'll almost never get from a Corp. Transparency, honesty and down to earth decency is generally something u only get with private operators...
Sadly this is true. However, sadder still is that if something isn't acknowledged and rectified to everyone's satisfaction, no one will waste their money or time on their products again. Few will have their faith restored in the security of their games.

Improvavel

Desert Nomad

Join Date: Apr 2007

Quote:
Originally Posted by fenix View Post
2) Every single thread ended up with trolling and flaming about internet security - which now clearly has no effect on whether you get hacked or not.
So are you, and everyone in this thread, saying that all of the accounts hacked were so because of the NCsoft master account?

I have a few NCsoft master accounts and I haven't been hacked.

And there are people that have been hacked without having a NCsoft account.

It is much easier to just get the information off some poorly protected PC or some careless user than hacking an average secure website.

That extra layer of security, implemented by requesting the current password, is nice, but sincerely I felt secure before and still feel secure.

Turbo Ginsu


I despise facebook

Join Date: Feb 2008

Australia

Meeting of the Lost Minds

Me/

Quote:
Originally Posted by Improvavel View Post
So are you, and everyone in this thread, saying that all of the accounts hacked were so because of the NCsoft master account?

I have a few NCsoft master accounts and I haven't been hacked.

And there are people that have been hacked without having a NCsoft account.

It is much easier to just get the information off some poorly protected PC or some careless user than hacking an average secure website.

That extra layer of security, implemented by requesting the current password, is nice, but sincerely I felt secure before and still feel secure.
Thing is, no-one is saying that so much as pointing out the glaringly obvious. i.e. If there wasn't a problem, then today's action on the part of aNet and ncsoft would have been unneeded, and therefore would not have happened.

Actions speak louder than words, and in this case, their action says it all.

Nereyda Shoaal


Frost Gate Guardian

Join Date: Jul 2006

Deldrimor Warcamp

Mo/W

Quote:
Originally Posted by Regina Buenaobra View Post
(...) If you try to change your password on the NCsoft web site now, you will notice one of these changes: you will be required to input the old password to change it to a new one
A basic (BASIC) security option added to the website after how many years?
I generally believe ANet care about what they do (whether the community agrees or not is a different story), but NCSoft is an absolute joke.
The bigger the company, the smaller the axe that falls on the people responsible for the mess. Or... not trying to prevent the mess, I should say.

I'm not pissed about the money I spent purchasing GW because it's not a fortune.
I'm pissed about the time I invested in the game. And apparently... time IS money. My investment has been compromised because someone is not doing his/her job properly. You were employed to be a web developer, so be a web developer.
Unless NCSoft were trying to be smart and employed someone who has no experience, but they gave him/her the job because he/she wanted much less money than an experienced one. In the last few years that person has been sitting with Java/PHP/SQL books on his/her lap whilst writing code for the website.
Based on this and real life situations, I'm coming to the conclusion that 1kg of a competent person is worth more than 1kg of gold.

Anyway,
ANet - thumbs up
NCSoft - thumbs down

Riot Narita

Desert Nomad

Join Date: Apr 2007

Quote:
Originally Posted by Improvavel View Post
So are you, and everyone in this thread, saying that all of the accounts hacked were so because of the NCsoft master account?
It's not a case of "all hacks have a single cause". There will always be idiots who give away their account info, RMT, or get keyloggers etc. That's their fault.

But as pointed out in thread, there are OTHER ways to lose your account that AREN'T your own fault... and until recently there was nothing you could do about it.

Quote:
Originally Posted by Improvavel View Post
I have a few NCsoft master accounts and I haven't been hacked.
And if I've been smoking for the last 30 years without dying of cancer, does that mean smoking poses no health risk?

No, it just means we were both lucky

Quote:
Originally Posted by Improvavel View Post
And there are people that have been hacked without having a NCsoft account.
Like I said there is more than one way to lose your account.

Quote:
Originally Posted by Improvavel View Post
It is much easier to just get the information off some poorly protected PC or some careless user than hacking an average secure website.
Actually, no it isn't. Because NCsoft is not an "average secure website". It is well below average, "secure" should not appear in any description of it.

What could be easier, than getting an NCsoft master account of your own, and then have a bot that just keeps logging into it? Until it glitches you into somebody else's account?

Quote:
Originally Posted by Improvavel View Post
sincerely I felt secure before
That is without question, a very dumb thing to say after all that's been posted in this thread. I don't mean that as a personal insult, I mean it's literally a crazy attitude.

Did you actually read what the NCsoft vulnerabilities are? Did you not understand them? Furthermore, most of the vulnerabilities are still there as far as we know - but now with a band-aid stuck on it. You said you have master accounts... I suggest you take out any personal information, credit card details etc from them ASAP. Because that information is not secure.

dr love


...is in denial

Join Date: Sep 2006

Hyperion

starcraft 2

P/Me

thanks erys, regina and gaile. i'm glad action was taken swiftly. i feel safe playing again

Erys Vasburg

[Domination Henchman]

Join Date: Feb 2007

Echovald Forest

House Vasburg

Me/

It seems there was a small amount of drama in the past few hours?
Quote:
Originally Posted by Lonesamurai View Post
I now want to know what information the Guru mods want from Regina and others that they don't already have
I'm sorry, but if you'd please take some time to read the thread, you'd know what is wanted.

shump

Ascalonian Squire

Join Date: Nov 2007

It's nice to see anet say they are investigating.

It pisses me off that Aion players and the game developers knew about it and surely told NCsoft, and nothing happened. Like, wth, it took 2 NCsoft games having the problem for them to pay any attention to it.

Quote:
Originally Posted by DOCB22 View Post
We should all get a $25 GW store credit..
I would prefer 2.5 million gold to cover the loss of all the stuff I lost when I got hacked.

Lucci_Slevin

Frost Gate Guardian

Join Date: Nov 2008

Liars Cheats and Thieves

I think this one is a false alarm. I decided to do some sleuthing after a concerned friend brought this up in vent.

I read that 8 page thread over on the Aion boards.

The whole thing.

The only person that said they had that issue with the "NCSoft Master account" was the OP (AKA: Allah). Every single other person was having a different issue related to the Aion website. The info on this site can not be used to steal an account as others mentioned.

When several people asked him to clarify, he did not respond.

That was posted on 12/17/09, it is now 1/2/10. Allah has not gone missing. He has posted 143 times since then, none of those posts had anything to do with the incident (I checked). He is an extremely active poster, yet he did not respond to any of the people asking him to elaborate in that thread.

I think he just misspoke and is too embarrassed to correct it now that this thing has blown up so big.

----------------------------------------------------------------

Quote:
Originally Posted by zwei2stein View Post
A forum.

username AND email to try to log against? check
password to try? check
character name? you bet!
I am with you. I still think this is the main culprit. I checked securityfocus.com for vbulletin hacks and there were 5 discovered in the past few months. Including one discovered on 12/31/009 which has not been patched yet. The second one on the list. Link. I hope there is someone here well versed in IT who can look that over to tell us if it is a possible culprit.

I remember a few months ago both major fan sites got flagged by Google as attack sites not too far apart (cannot remember the exact dates). I wonder how that got resolved and if there was a correlation with these hacks. Even if that attempt was not successful, it showed that someone was targeting the forums.
--------------------------------------------------------------

I have been following this story since early November. A couple of my guildies were among the first victims (one of them quit).

Here is a compendium of my posts on the issue: 1, 2, 3, 4

I know it is going to be a while before we figure out exactly what happened. But in the meantime, humor me folks and use a unique password for GW.

Enko

Forge Runner

Join Date: Jun 2006

VA

Mo/

Quote:
Originally Posted by Lucci_Slevin View Post
I think this one is a false alarm. I decided to do some sleuthing after a concerned friend brought this up in vent.

I read that 8 page thread over on the Aion boards.

The whole thing.

The only person that said they had that issue with the "NCSoft Master account" was the OP (AKA: Allah). Every single other person was having a different issue related to the Aion website. The info on this site can not be used to steal an account as others mentioned.

When several people asked him to clarify, he did not respond.

That was posted on 12/17/09, it is now 1/2/10. Allah has not gone missing. He has posted 143 times since then, none of those posts had anything to do with the incident (I checked). He is an extremely active poster, yet he did not respond to any of the people asking him to elaborate in that thread.

I think he just misspoke and is too embarrassed to correct it now that this thing has blown up so big.
There were a few people in this thread that said they were able to get into other people's master accounts. Not sure how reliable they are, but even without that, the NCsoft master accounts still had some glaring security holes in them, one of which now has a band-aid on it.

Turbo Ginsu


I despise facebook

Join Date: Feb 2008

Australia

Meeting of the Lost Minds

Me/

Quote:
Originally Posted by Lucci_Slevin View Post
I think this one is a false alarm. I decided to do some sleuthing after a concerned friend brought this up in vent.
IMHO, a false alarm does not trigger instant action from both companies concerned, unless there is a real danger. Obviously, given the flurry of action at aNet alone, there is more than just a false alarm here, and you would have to be wearing blinkers and hiding under a rock encased in concrete in a cave on Mars to not see that.

As I said before, actions speak louder than words.

JR


Re:tired

Join Date: Nov 2005

W/

Quote:
Originally Posted by Lucci_Slevin View Post
I am with you. I still think this is the main culprit. I checked securityfocus.com for vbulletin hacks and there were 5 discovered in the past few months. Including one discovered on 12/31/009 which has not been patched yet. The second one on the list. Link. I hope there is someone here well versed in IT who can look that over to tell us if it is a possible culprit.

I remember a few months ago both major fan sites got flagged by Google as attack sites not too far apart (cannot remember the exact dates). I wonder how that got resolved and if there was a correlation with these hacks. Even if that attempt was not successful, it showed that someone was targeting the forums.
I can't speak for other fansites, but I can say with certainty that Guru has never been compromised in any way that would put account information at risk. We have comprehensive security measures in place, and would know if anyone had tried or managed to penetrate any of them.

Meridon


Lion's Arch Merchant

Join Date: Dec 2008

Funny Business Inc [FBI]

Right, I'm going to pop in here, even though it's page 19.

First of all, @ Erys Vasburg: Thanks for going public with this. Also, thanks to any of the forum moderators you quoted. You took a big risk by going public with this, as now all the information on NCSoft's security is out on the street. However, you are now forcing Anet/NCsoft to respond, which Anet has done so far, and hopefully NCSoft will do too. The real danger here, however, is that NCSoft's response is pulling the plug on GW1 and Anet's Live team.

@ Inde: Thanks for the reassuring words. I have been reading through the thread (well, only the posts from the people that matter), and your words are far more comforting than Regina's so far.

@ the Moderation Team: While I understand some of you may be frustrated that fansites and their security (in other words, Guru, in other words, you guys) received the initial blame, please don't turn hostile towards Anet. Yes, they have screwed up multiple times. However, as some posters already mentioned, the best way to get something done about the situation is probably for Guru to work with Anet and all the other NCSoft game communities out there, to show the corporate executives there that we are all together in this.

Finally, some questions on behalf of my own concern.

1. With the NCMA no longer being secure, is it a wise idea to log in now, in order to delete any possible Support tickets it may still hold? This of course for them to not show my character name.

2. How can we, the Guru community, and the GW community as a whole, now work with Anet in the best possible way to make sure something is done about this by NCSoft? This is a question that also goes out to Anet's employees reading this. What's the next step for us to take, Anet?

Improvavel

Desert Nomad

Join Date: Apr 2007

Quote:
Originally Posted by Turbo Ginsu View Post
IMHO, a false alarm does not trigger instant action from both companies concerned, unless there is a real danger. Obviously, given the flurry of action at aNet alone, there is more than just a false alarm here, and you would have to be wearing blinkers and hiding under a rock encased in concrete in a cave on Mars to not see that.

As I said before, actions speak louder than words.
Wrong.

It is a question of cost/benefit - this thread is bad publicity.

A small fix like asking for the current password only prevents a random Joe user from being able to hack the account. Grabbing the account email information then allows a hacker to try to brute force passwords/character names.

It is a lot easier when you have half the information or even 1/3 of the information.

This question, real or unreal, is bad publicity. Doing something, especially something so simple and so inexpensive, tells the world they are doing something, giving them good publicity.

If the situation described in this thread is real, a not too complex script that would automatically log in and a few PCs could get hundreds of thousands of account details in a matter of hours.

I don't have the data, but I doubt that there have been hundreds of thousands of hacked NCsoft accounts.

gone

Guest

Join Date: Jan 2007

Quote:
Originally Posted by JR View Post
I can't speak for other fansites, but I can say with certainty that Guru has never been compromised in any way that would put account information at risk. We have comprehensive security measures in place, and would know if anyone had tried or managed to penetrate any of them.
THIS IS JUST AN EXAMPLE IN NO WAY AM I SAYING THEIR SITE WAS HACKED OR TARGETED
I can't begin to tell you how much info was/is probably harvested right from the guild recruitment section(s). Yes, this site (GURU) may have good security, so why go after it and try to compromise it? There are plenty of other sites (with info), easy sites, to target. It's just a matter of finding them. Look at this site (GURU) as a one stop shop for tons of data, leading to OTHER, smaller, less secure sites. So yes, GURU has its rear-end covered, but why work hard when you can hardly work? I don't even have to log in to view those sections that give info (all of guru)... So, right there is one of GURU's largest security flaws: every Tom, Dick and Harry can view tons of data without even being a member...

over time, I've found links to sites, from this site, that google can't find...if you can believe that.

I can't remember which thread I posted in (the guild recruitment section) and I think I even asked for the post to be deleted after read by moderation, but I do remember posting "this is a hacker's delight"
/Edit
http://www.guildwarsguru.com/forum/d...t10418991.html

Quote:
If you are interested in joining [DL], please go to our forum and open up a new thread in the New Recruits Application section. Start your thread with the title of "Your In Game Name Application". Copy and paste the questionnaire below. Screenshots are helpful to your application and very much appreciated. Please answer all the questions with as much detail as possible. Your effort into making your application would reflect the outcome of our decision.


IGN:

1.How much time have you spent playing GW? How old is your account /age and which Campaigns do you own?(Screen Shot of your /age in game is a bonus and will help with your application)

----Answer--->


2.How often do you play and during what time/days? What is your timezone?


----Answer--->


3.Which professions do you have and which campaigns have they completed?
Please include rank of titles like Lightbringer, Sunspear, EoTN Titles, and Luxon/Kurzick rank.

----Answer--->


4.How did you hear about DL? Through a friend/forum?


----Answer--->


5.Why do you want to join DL? What do you want to get out of DL and what can you bring to DL?


----Answer--->


6.Have you done any of the elite PvE Areas(DoA/UW/FoW/HM Dungeons/Urgoz/Deep)? If yes please state what role you played as in those areas.


----Answer--->


7.What other guilds have you been in? For how long and your reason for leaving.


----Answer--->


8.What maxed titles do you have and which ones make you proud the most?(You are not required to have any maxed titles or Screen Shots of your maxed titles but having them is a bonus and will help your application)


----Answer--->


9. Tell us something about yourself.


----Answer--->


Please use this guideline to complete the application. Any additional information is appreciated. DL Officers and members will be reviewing your application. During the voting process DL officers and members will be leaving comments on your application stating why they do or don't like the application. Any negative comment is not to be taken as an insult or to put your application down but as an honest opinion of an officer or a member of DL and maybe as an advice on how to improve yourself as a GW player and at the same time your application. If you are here for speed clears a trial run will be requested. If you are new to speed clears please be honest with your application. Here in DL we understand that we all had to start from somewhere and will gladly help you learn if you are willing to put in the work.
That is a pretty good Blueprint....
THIS IS JUST AN EXAMPLE IN NO WAY AM I SAYING THEIR SITE WAS HACKED OR TARGETED

Goddess Of Defense


Lion's Arch Merchant

Join Date: Feb 2009

United States

One Thirty Three Seven [????????????]

P/W

Quote:
Originally Posted by flubber View Post
THIS IS JUST AN EXAMPLE IN NO WAY AM I SAYING THEIR SITE WAS HACKED OR TARGETED
I can't begin to tell you how much info was/is probably harvested right from the guild recruitment section(s). Yes, this site (GURU) may have good security, so why go after it and try to compromise it? There are plenty of other sites (with info), easy sites, to target. It's just a matter of finding them. Look at this site (GURU) as a one stop shop for tons of data, leading to OTHER, smaller, less secure sites. So yes, GURU has its rear-end covered, but why work hard when you can hardly work? I don't even have to log in to view those sections that give info (all of guru)... So, right there is one of GURU's largest security flaws: every Tom, Dick and Harry can view tons of data without even being a member...

over time, I've found links to sites, from this site, that google can't find...if you can believe that.

I can't remember which thread I posted in (the guild recruitment section) and I think I even asked for the post to be deleted after read by moderation, but I do remember posting "this is a hacker's delight"
/Edit
http://www.guildwarsguru.com/forum/d...t10418991.html



That is a pretty good Blueprint....
THIS IS JUST AN EXAMPLE IN NO WAY AM I SAYING THEIR SITE WAS HACKED OR TARGETED
I agree, recon and social engineering are more likely the cause of people losing their accounts. I mean, seriously, there are easily manipulated people out there who put out a lot of information that makes them large targets. Some sections would be better off blocked from guests; although that doesn't get rid of the problem 100%, it still puts another roadblock in the lurker's path.

Improvavel

Desert Nomad

Join Date: Apr 2007

Quote:
Originally Posted by Riot Narita View Post
It's not a case of "all hacks have a single cause". There will always be idiots who give away their account info, RMT, or get keyloggers etc. That's their fault.

But as pointed out in thread, there are OTHER ways to lose your account that AREN'T your own fault... and until recently there was nothing you could do about it.
Until someone can provide hard numbers on how many accounts have been hacked this is mere speculation.

If someone can hack into NCsoft database, THEY WILL HAVE ALL OF THOSE ACCOUNTS, not just some.


Quote:
And if I've been smoking for the last 30 years without dying of cancer, does that mean smoking poses no health risk?
No, it just means we were both lucky
Genetics - every human being is different. Some can smoke 30 cigarettes per day and will never have cancer. Same way milk is considered a very good nutritional source and a decent percentage of the human beings have problems digesting it, or how some people are immune to certain diseases.



Quote:
Like I said there is more than one way to lose your account.
This thread gives the impression that the only way or the biggest way of getting hacked is due to the ncsoft site.


Quote:
Actually, no it isn't. Because NCsoft is not an "average secure website". It is well below average, "secure" should not appear in any description of it.

What could be easier, than getting an NCsoft master account of your own, and then have a bot that just keeps logging into it? Until it glitches you into somebody else's account?
So why don't we see mass reports of people with NCsoft accounts getting hacked?

Why is it that half the accounts being hacked aren't linked to an NCsoft master account? What is the proportion of accounts linked to NCMA to those not linked?


Quote:
That is without question, a very dumb thing to say after all that's been posted in this thread. I don't mean that as a personal insult, I mean it's literally a crazy attitude.

Did you actually read what the NCsoft vulnerabilities are? Did you not understand them? Furthermore, most of the vulnerabilities are still there as far as we know - but now with a band-aid stuck on it. You said you have master accounts... I suggest you take out any personal information, credit card details etc from them ASAP. Because that information is not secure.
Are you able to reproduce that bug? Did you create a script that tried to log in thousands of times to an NCMA and got into someone else's account?

Do you have data on how many accounts were hacked? How many of those accounts had suffered password changes?

We had like the OP and 1 other person claiming in this thread to have got inside someone else's NCsoft account.

We have hundreds/thousands of users in these forums. Many logged into their NCsoft accounts afterwards to check their info. If 1 user just got into 1 after 60 logs, even if ppl only logged once or twice, shouldn't we have this thread flooded by people claiming to get into someone else's account by now?

Or simply people claiming to have been hacked in the few last hours?

As you say, a simple script to load in the account, change password and print screen, run by a dozen or so PCs, could get hundreds of thousands of accounts' data.

If that is true we are all RED ENGINE GORED ENGINE GORED ENGINE GORED ENGINE GOed, so where are the all RED ENGINE GORED ENGINE GORED ENGINE GORED ENGINE GOed people? Where are all the new posters to this forum asking for help? Or around the internet?

Not saying there aren't any vulnerabilities but people just love mass hysteria and stories about the end of the world.

Lonesamurai


Furnace Stoker

Join Date: Apr 2006

Cheltenham, Glos, UK

Wolf Pack Samurai [WPS]

R/A

Right, let's back up a little here as multiple issues seem to be confusing things... the point of this thread is to discuss the NCSoft Master Account issue ONLY...

Yes there are standard security issues and even vague stupidity, but unfortunately, that is not limited to games accounts, it happens with banks and even in governments... It happens...

However I agree with EVERYONE here that NCSoft needs to step up and let us know what's happening here, but as that hasn't happened in nearly a month of this being known about, I very much doubt this will change just because the Guild Wars community has gotten involved... not unless we, as a whole, work with ANet to push the issue with NCSoft!

Conjecture, speculation and other factors also play a part in this and we need to stay on track about what we as a community want to hear from NCSoft, not ANet, not the community, but NCSoft, whose website has a security flaw and needs fixing!

We also have to remember that this issue is NOT limited to Guild Wars and first came to light with Aion and in the Aion community, however it is still NOT the Aion community's fault, or the fault of any community, it is a security flaw, nothing more and one that needs to be fixed, but only NCSoft can do that, not ANet!

gone

Guest

Join Date: Jan 2007

Quote:
Originally Posted by Lonesamurai View Post
Right, let's back up a little here as multiple issues seem to be confusing things... the point of this thread is to discuss the NCSoft Master Account issue ONLY...
says you. People need to be made aware NOW. not just slam Anet/NCsoft.

I can get more info from GURU than I can from NCsoft.

Lonesamurai


Furnace Stoker

Join Date: Apr 2006

Cheltenham, Glos, UK

Wolf Pack Samurai [WPS]

R/A

Quote:
Originally Posted by flubber View Post
says you. People need to be made aware NOW. not just slam Anet/NCsoft.

I can get more info from GURU than I can from NCsoft.
You're right, they do need to be made aware, but they also need to be made aware of the separate issues and where these issues are and how to prevent them affecting you... has this happened? Or has a witch hunt started? All I see is pitchforks being raised

maxxfury

Wilds Pathfinder

Join Date: Apr 2006

[DVDF] Gp

Me/A

Personally I'd like to thank Erys Vasburg (and the others responsible) for this thread!!!!

Without this "leak" of information, I doubt it would have been addressed so quickly or at all!!

so THANK YOU! a service to the community indeed!

and a thank you to the people who actually took time to investigate and to fix it...

Erys Vasburg

[Domination Henchman]

Join Date: Feb 2007

Echovald Forest

House Vasburg

Me/

Quote:
Originally Posted by Lucci_Slevin View Post
I think this one is a false alarm.
As some others have already pointed out, there was no false alarm here. Many people tested this, and found it to be true! The reason for the fix (last night? this morning?) is because the problem was real.
Quote:
Originally Posted by Lonesamurai View Post
My point is, what more do you want answering here that hasn't already been said?
Again, I am sorry, but it seems you have been too busy not reading to see what has been asked. If you wish to know, please read, and find the answer to your question. I will not repeat things for the sake of someone who refuses to see what is in plain sight. Furthermore -
Quote:
Originally Posted by Lonesamurai View Post
Right, let's back up a little here as multiple issues seem to be confusing things... the point of this thread is to discuss the NCSoft Master Account issue ONLY...
Who are you to tell us what the purpose of this thread is?

Please don't answer that question. I do not wish for this thread to be derailed by whatever response you may have, as there are still important questions on the floor for NCSoft to answer (through Regina, Gaile, or whoever they choose to send to us).

Miscreant_Moon

Ascalonian Squire

Join Date: Jul 2009

Somewhere in Ascalon

Me/E

Despite the fighting, a lot of good has come from this thread. Check out AionSource.com's troubles and what they have to say about the Anet team.

"From my understanding, Areanet are pretty much praised by lots of people, and NCSoft is absolutely despised by Guild Wars fans. I can see why - their team is really dedicated, while our ncsoft team all decided to go on vacation, even though we are paying them monthly fees while guild wars has no monthly fees. /endrant"

"On a side note, I am finding myself feeling rather jealous of the support and dedication that the Guild Wars support team has shown to their players in the last few hours (and I realise I miss them all terribly). It's not to say that I don't appreciate the efforts of the Aion support team, it is merely that when action is required there appears to be none or too little for a game that requires a monthly account fee! At any rate, Arenanet may be a wholly owned subsidiary of NCSoft, but it is clear to me that they operate differently when it comes to their Guild Wars franchise and it is a credit to them."

"Sad thing that all of us have to follow what is going on on GW fansite and GW Wiki and in all this time we had one wrong response from our support/security team. And from what I saw Gaile Gray was misinformed by NCSoft about additional security when it comes to changing NCSMA."

"Someone mentioned earlier that Guild Wars now requires your existing password before you can change it, so why on earth can't Aion, which isn't FREE keep up with security like that? It's exceedingly basic."

"The only way NCSoft is going to act is if you guys keep yelling. Guild Wars was able to get extra security features like adding your IGN to the login. Just a few hours ago they also added that in order to change your Guild Wars password you now have to type in your current password. These changes did not carry over to Aion it looks like. Keep it up, eventually NCSoft will take action."

gone

Guest

Join Date: Jan 2007

Quote:
Originally Posted by Lucci_Slevin View Post
Who Specifically? Other than the poster who goes by Allah (who has shied away from the discussion) I did not find anyone.
http://www.guildwarsguru.com/forum/s...&postcount=192

I trust him, as he and another member put it on the line before during the dupe craze. (at least I think it was him)

Erys Vasburg

[Domination Henchman]

Join Date: Feb 2007

Echovald Forest

House Vasburg

Me/

Quote:
Originally Posted by Lucci_Slevin View Post
Who Specifically? Other than the poster who goes by Allah (who has shied away from the discussion) I did not find anyone.
http://www.guildwarsguru.com/forum/n...eply&p=5001369

I am sure you can find others if you read around enough.
Quote:
Originally Posted by Zehnchu View Post
After reading all this information about hacked accounts a chilling thought came to mind the wiki could have become compromised? Wiki would also give a large source of both email/password and players character names (which I said to anet they might want to tell wiki users not to list character names).
This is an interesting question. I am sure though that we don't need to dwell on it - the wiki is likely as secure as Guru is (going by what trusted, high ranking members of each community have told us).

Enko

Forge Runner

Join Date: Jun 2006

VA

Mo/

Quote:
Originally Posted by flubber View Post
http://www.guildwarsguru.com/forum/s...&postcount=192

I trust him, as he and another member put it on the line before during the dupe craze. (at least I think it was him)
It was Fenix and myself.

Anyways, regardless of how many accounts got stolen this way (which we probably will never know. Even the ones who had accounts stolen were discouraged from posting on guru about it since guru can't do anything about it and their threads were locked), it doesn't change the fact that NCSoft's website is NOT secure and has multiple security holes. They're finally doing something about it now because they probably finally realized that it's going to hit them financially eventually if they don't do something. While requiring the old passwords to change the new passwords is a good start, it is still only a bandaid on the larger problem of their security.

Reading what they had posted on Aion's forums, I'm surprised that the Aion side of the house isn't taking faster action as they are, after all, paying monthly fees while we are not. We may be hard on Anet for some of the things that have happened but at the very least, they are very dedicated to Guild Wars.

A lot of people are getting the two Aion issues mixed up (the master account log ins vs the other Aion (supposedly cosmetic) issue where it says the wrong account name). I don't play Aion so I can't comment that much on that specific issue.

Emperor Bush

Frost Gate Guardian

Join Date: Mar 2007

Pandas of a Thousand Gentlemens or Something [LOD]

"or has a witchhunt started? all I see is pitchforks being raised"

There's no such thing as a witch. Witches are imaginary. The specific security threat that this thread intended to highlight was real.

Lonesamurai

Furnace Stoker

Join Date: Apr 2006

Cheltenham, Glos, UK

Wolf Pack Samurai [WPS]

R/A

Quote:
Originally Posted by Emperor Bush View Post
"or has a witchhunt started? all I see is pitchforks being raised"

There's no such thing as a witch. Witches are imaginary. The specific security threat that this thread intended to highlight was real.
You are right, the NCSoft Master Account issue is very real and a real concern

However, as was just pointed out above by a quote of Fenix, other issues that aren't part of that are also being confused into this situation

Emperor Bush

Frost Gate Guardian

Join Date: Mar 2007

Pandas of a Thousand Gentlemens or Something [LOD]

Quote:
Originally Posted by Lonesamurai View Post
You are right, the NCSoft Master Account issue is very real and a real concern

However, as was just pointed out above by a quote of Fenix, other issues that aren't part of that are also being confused into this situation
I have spotted some metaphorical pitchforks in here myself. But the original claim was "all I see is pitchforks being raised". If that's all someone sees in this thread, then they either didn't read the whole thread, or they are indeed confused.

Faer

La-Li-Lu-Le-Lo

Join Date: Feb 2006

Quote:
Originally Posted by Lucci_Slevin View Post
Who Specifically?
Myself, Sierra, a few other members of the team who wish to remain anonymous because they are not brave battle lions like we are even though they did far more work than we did (hell, all I did was read some shit and mash log in / log out before finally getting lucky and posting about it on wiki)... Really, a number of people.

I dunno what else to tell you man. This was the real deal.

psykoikonov

Ascalonian Squire

Join Date: Jul 2006

I'll add my $.02.

If in fact this large a number of accounts were hacked in such a short time frame then there is a common denominator, either a website, the Guild Wars servers, or an internal leak was used to acquire the information.

ArenaNet/NCSoft should be trying to find the common denominator, instead of them and us pointing fingers (wastes of time), or adding a whole slew of security features which may or may not have anything to do with the problem.
If I was ArenaNet/NCsoft I would be contacting each person that has had their account "hacked" and finding the common denominator. If indeed Lindsay did have her account hacked then that would be the first place to start. Find out from her and the others that had accounts hacked where they have used the same credentials they use to access their GW accounts. The hackers did their homework and until ArenaNet/NCSoft does their homework the problem will not be even known let alone stopped.
In the last 5 years almost of Guild Wars I've never heard of such a rash, this is just recent, someone or ones have found a "leak" and it needs to be found and stopped. Chasing tails will not stop this.
I would also add the lag found in certain cities/districts. This sort of lag has never been seen by myself, sure 500ms ping briefly, disconnect here or there, but 5000-40000ms ping for everyone in a city. This sounds like the servers are being overloaded, the question I have is by what... The answers are out there ArenaNet/NCsoft, now find them, and then you might have a hope of solving the problem.

Miscreant_Moon

Ascalonian Squire

Join Date: Jul 2009

Somewhere in Ascalon

Me/E

Well, I can see who just can't let an issue drop. Really, is this like a txt message or IM now? Just write random one-liners and see who can state the same thing over and over and over again. To the posters on the last page, we get what you are trying to say. Really. You can stop. There are a lot of issues in the thread. To the two or three continually pointing at the mods, we get it. You have some issues with them. Bring it to PMs, most of us don't care. The majority of us are happy there is a discussion happening, seems that it was buried for a bit. We get that some are confused. But you're not helping anything. You're making it worse.

Back to some other things that are actually on topic with the whole NCSoft issues. I think we should really let anet know how happy we are that they took action on this. Even if it's true or not, looking at other aion websites they can see what I think some of guru has been missing. They heard us.

I think in the next few days maybe ncsoft might turn up and issue some statement about it. Maybe it will be just fluff but I think this is only going to help future anet and ncsoft games.

glacialphoenix

Desert Nomad

Join Date: Jul 2008

Singapore

Royal Order of Flying Lemmings [ROFL]

Mo/

Quote:
Originally Posted by Miscreant Moon
I think we should really let anet know how happy we are that they took action on this.
This is true. Honestly, I hope the Aion people get the attention they need. We did, but they still haven't. =\ A lot of people aren't very happy with Anet, but Anet did something to help its players; NCSoft didn't. My problem isn't (generally speaking) with Anet, it's with NCSoft.

HellScreamS

Krytan Explorer

Join Date: Aug 2009

wouldn't you like to know?

^yea KFC just subscribed to me for 1 year^

P/

My intention was to remain anonymous, but since more and more people doubt, I'll let you know that I was curious about this bullshit error. So I tried logging to my ncsoft account last night, the page kept failing to load, and after I refreshed it like 6-7 times in a rage, I've got to a random acct with 2 aion accts, there were 2 diff mails which were almost the same, only one character differing. Closed mozilla and didn't log since then. Just my things I had to say, not gonna reply to quotes like "pics or it didn't happen". Trust me or not, that's what I had to say.

Riot Narita

Desert Nomad

Join Date: Apr 2007

Quote:
Originally Posted by Improvavel View Post
Until someone can provide hard numbers on how many accounts have been hacked this is mere speculation.
No it is fact, we don't need the numbers to know that. Either you don't understand what "speculation" means, or you really haven't read this thread.

Quote:
Originally Posted by Improvavel View Post
If someone can hack into NCsoft database, THEY WILL HAVE ALL OF THOSE ACCOUNTS, not just some.
This proves that indeed, you haven't read this thread. Either that, or you didn't understand what's been posted here.

They haven't "hacked into the NCsoft database", and thereby stolen ALL account details. They haven't done any hacking at all that we know of.

They have repeatedly logged in and out of their own NCsoft master accounts, until they randomly glitched into someone else's account. It's slow, and relies on pure luck. But it's easy and supplies a steady stream of random victims.

There may be other methods we don't know about yet. But at least the one we know about has a band-aid on it now.

Quote:
Originally Posted by Improvavel View Post
This thread gives the impression that the only way or the biggest way of getting hacked is due to the ncsoft site.
That is not my impression, don't really understand why you came away with that.

What this thread points out is one of the most SERIOUS ways we could lose our accounts. "Serious", because there was nothing WE could do to protect ourselves against it. Only ANet/NCsoft could protect us against it.

Quote:
Originally Posted by Improvavel View Post
So why don't we see mass reports of people with NCsoft accounts getting hacked?
We did. Where have you been?

Quote:
Originally Posted by Improvavel View Post
Why do half the accounts being hacked aren't linked to a NCsoft master account? What is the proportion of accounts linked to NCMA to those not linked.
I already told you why. I could post it again... but I suspect you simply won't read it, again.

Quote:
Originally Posted by Improvavel View Post
Are you able to reproduce that bug? Did you create a script that tried to log in thousands of times in a NCMA and got into someone else account?
Read the thread. It has been duplicated.

Quote:
Originally Posted by Improvavel View Post
Do you have data on how many accounts were hacked? How many of those accounts had suffered password changes?
Irrelevant. The problem is real, no matter what the numbers are. It needed to be fixed. It was serious enough that ANet took near immediate action to fix it, after this thread was started.

Do you think A-Net would have made the recent changes - over the holiday period - if there wasn't a critical security issue?

Quote:
Originally Posted by Improvavel View Post
If that is true we are all RED ENGINE GORED ENGINE GORED ENGINE GORED ENGINE GOed, so where are the all RED ENGINE GORED ENGINE GORED ENGINE GORED ENGINE GOed people? Where are all the new posters to this forum asking for help? Or around the internet?
There have been plenty... and there was a noticeable increase recently.

Also - many victims will have already quit the game and don't even know they've been hacked. Many will simply walk away after they were hacked. Many do not hang out on forums, and even those that do may not be inclined to post about it... and for the remainder, what incentive did they have to post? When the usual response to any "I was hacked" post, was for everyone to tell the poster that they were stupid and deserved it, that they had no PC security, they gave away their details, they bought gold from RMTs, they downloaded dodgy stuff from shady sites, etc etc.
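
The band-aid discussed in the post above, as an added example (not NCsoft's or ArenaNet's code; the class, account names and passwords are constructed for illustration): a password change that trusts only the session lets a misbound session lock the owner out, while one that also demands the current password does not, although the profile stays readable either way.

```python
import hashlib
import hmac
import os


def _digest(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so the store never holds plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class MasterAccounts:
    """Constructed in-memory account table; all names here are hypothetical."""

    def __init__(self):
        self._rows = {}  # account id -> (salt, password digest, profile)

    def create(self, account, password, profile):
        salt = os.urandom(16)
        self._rows[account] = (salt, _digest(password, salt), profile)

    def verify(self, account, password):
        salt, stored, _ = self._rows[account]
        return hmac.compare_digest(stored, _digest(password, salt))

    def _set_password(self, account, new_password):
        _, _, profile = self._rows[account]
        salt = os.urandom(16)
        self._rows[account] = (salt, _digest(new_password, salt), profile)

    def read_profile(self, session_account):
        # Only the session is consulted, so a misbound session still reads this.
        return self._rows[session_account][2]

    def change_password_session_only(self, session_account, new_password):
        # Before: whoever holds the session owns the account from now on.
        self._set_password(session_account, new_password)
        return True

    def change_password_checked(self, session_account, current_password, new_password):
        # After: the session says WHICH account, the old password proves WHOSE.
        if not self.verify(session_account, current_password):
            return False
        self._set_password(session_account, new_password)
        return True


def simulate(require_current_password):
    store = MasterAccounts()
    store.create("victim", "victim-old-pw", {"email": "victim@example.test"})
    # The glitch: a stranger logged in as themselves, but the server bound
    # their session to "victim". They know only their own password.
    session_account, strangers_password = "victim", "stranger-pw"
    if require_current_password:
        changed = store.change_password_checked(
            session_account, strangers_password, "takeover-pw")
    else:
        changed = store.change_password_session_only(session_account, "takeover-pw")
    return {
        "password_changed": changed,
        "owner_can_still_log_in": store.verify("victim", "victim-old-pw"),
        "profile_exposed": store.read_profile(session_account) is not None,
    }
```
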

Apollo Smile

Wilds Pathfinder

Join Date: Jan 2008

[LORE]

E/Mo

Cheers ArenaNet: For getting on the ball
Jeers NCsoft: For dropping it

Hopefully they will have this fixed ASAP.

Lord Randy

Pre-Searing Cadet

Join Date: Sep 2009

Gaile and Regina do not suck at what they do at ANet. Let's look at the past accounts that have been stolen: most that I have seen are known gold buyers, people who stay out of game for weeks, don't farm, then log in one day with FoW armor and a maxed Zaishen title. It is a known thing that gold sellers will steal accounts they sold to in order to make more profit, since they will have what they sold back, and real life cash. Now top that plan off with people using THE SAME PASSWORD FOR EVERYTHING! You have a recipe for disaster. Now when loads of players are buying gold you see loads of people getting the shit they thought they earned stolen, and crying to Arenanet about it.
It is not Gaile and Regina's fault that someone stole your info from a gold buying site, not theirs if someone got it because you are too stupid to keep your mouth shut about what your info is.
Furthermore, trolling this subject won't help; all it is doing is making the guru community look like worse shit, and by that I mean admins going into GW and promoting the trolling, promoting events to badmouth Anet. It's not going to get you anywhere and makes you look like an ass.

Step 1: Gaile and Regina do the job they do
Step 2: You don't like it bitch about you being brick shit stupid
Step 3: Ban people sticking up for Gaile, while you troll the forum here, and get more trolls from the game
Step 4: ?????
Step 5: Profit?!?

Make sense what you're doing now? No, because IT CANNOT MAKE SENSE! You are beating a dead horse here. And finishing: Gaile does not suck at her job, Regina doesn't suck at her job; if you failed to keep info secret, or use same shit for all your stuff, you suck. Do not badmouth Gaile and Regina since they are not the ones to blame.

Smarty

Krytan Explorer

Join Date: Mar 2008

England

Me/

Quote:
Originally Posted by Tom Swift View Post
Thankfully, however, we have a gw response team which, even based on the "very few" Regina mentioned, did their job and pressured a security change from NCsoft. Glad I'm not an Aion player.

Many thanks to Regina and Gaile for calling in NCsoft on a holiday - I bet they took a lot of crap for that from the NCsoft people. Glad they were willing to do it for us - you ladies and others at GW deserve a huge raise.
Seconded. It took a while for the message to sink in, but once there was some definite evidence provided then the ANet team were straight onto it. Good job and thank you.

Now we just have to wait and see what, if anything, NCsoft do to make our master accounts secure. I really don't understand why they haven't already changed it so that the main password reset works the same way as the GW password reset now does.

Jae Onasi

Frost Gate Guardian

Join Date: Jan 2008

Lost Haven

E/Mo

I greatly appreciate Regina's efforts on our behalf, and I know you are in a very difficult position of dealing with a horrendous PR/security problem.

I purchase things from ANet/NCSoft with the understanding that my account information will be kept secure. I'm not worried about the pixel outfits and gold in my game account. If someone really wants what little crap I have in my chest that badly, well, they're pretty sad people.

However, I'm worried about my Real Life data being kept safe, being an adult with a family to help support. I don't want my real information being in the hands of God-only-knows-who. I was considering buying Aion, but now I'm not going to purchase that game, or any other game associated with NCSoft, until I see serious progress on the security issues being resolved. It's just not worth the risk when there are so many other games out there where I don't have to worry about this kind of problem.