Damn it NCSoft =(
If only Anet had a better parent company....
Honestly, I don't blame the Guild Wars team for this =/
Account Hackings - The Source
Lishy
Angel Kiss
Hello dears, Bunny here (author of the icky sticky thread on Aion Source).
I just wanted to stop by and thank Erys for taking the time to make this thread. To be honest I think you summed it up quite nicely. I particularly like the bit about NCSoft having us "believe that after four years, suddenly thousands of people became infected by a real life stupidity virus and stated dealing with RMT or being keylogged simultaneously". That really sums it up from my perspective. I know for a fact that the past two weeks really has been the highest on record for complaints received about Aion players being hacked. Sure, the first few complaints come in and you think "yeah yeah...serves you right you gold buying scumbag", but after the 100th genuine sounding story you do start to doubt and raise questions.
The thing that bothers me most is the fact that the past two weeks have coincidentally (or not) followed the emergence of the NCSoft Master Account website issue and we haven't recieved a response about this from anyone. I don't think people have appreciated yet that Tamat's first response to the issue was completely out of context. There just so happen to be two issues with NCSoft websites and our Tamat rushed forth assuming we were talking about a different problem (one that actually IS cosmetic).
From reading Gaile's comments it seems to me that she has latched on to Tamat's response and arrived at the same wrong conclusion. In a meek effort to try to steer people in the right direction, I have posted the following on her talk page:
Aside from the known issue with the NCSoft Master Account page (as if that isn't enough) much worse accusations have been emerging from the Aion community over the last few days...however I couldn't say how accurate these are first hand (or how long it will be before NCSoft delete posts from the official forums of that nature).
In the meantime all I can do is say keep talking about the issue! Don't stand for this sort of nonesense and don't let it get pushed under the rug. I have it on good authority that there is rather solid evidence of a serious problem here and we all deserve to know what steps are being taken to correct it.
I just wanted to stop by and thank Erys for taking the time to make this thread. To be honest I think you summed it up quite nicely. I particularly like the bit about NCSoft having us "believe that after four years, suddenly thousands of people became infected by a real life stupidity virus and stated dealing with RMT or being keylogged simultaneously". That really sums it up from my perspective. I know for a fact that the past two weeks really has been the highest on record for complaints received about Aion players being hacked. Sure, the first few complaints come in and you think "yeah yeah...serves you right you gold buying scumbag", but after the 100th genuine sounding story you do start to doubt and raise questions.
The thing that bothers me most is the fact that the past two weeks have coincidentally (or not) followed the emergence of the NCSoft Master Account website issue and we haven't recieved a response about this from anyone. I don't think people have appreciated yet that Tamat's first response to the issue was completely out of context. There just so happen to be two issues with NCSoft websites and our Tamat rushed forth assuming we were talking about a different problem (one that actually IS cosmetic).
From reading Gaile's comments it seems to me that she has latched on to Tamat's response and arrived at the same wrong conclusion. In a meek effort to try to steer people in the right direction, I have posted the following on her talk page:
Quote:
|
Originally Posted by Bunny
In the interest of being helpful, allow me to clarify something for the benefit of Gaile and others.
Originally, via this thread, the player community of Aion were raising an issue regarding the NCSoft Master Account Login Page, where it was discovered that the page has the tendancy to log people into other people's NCSoft Master Accounts at random. When this happens, players are able to assume full control of another persons NCSoft Master Account, and any game accounts they happen to hold. This is not a cosmetic issue, it is a genuine issue that appears to be causing many people to loose control of their NCSoft Master account and game accounts alike. Initially, when Tamat (Aion Community Manager) saw the complaint thread, in his haste Tamat replied assuming that the complaint referred to another known problem involving the Aion Online website and forums (a different website). The known problem Tamat is referring to is a separate issue. I cannot stress this enough. Players use their Aion Game Account information to login to the Aion Online website in order to check their broker status or their mailbox. This website has a caching issue, which sometimes causes the wrong Aion Game Account name to appear in the greeting at the top of the page. This in fact IS a cosmetic issue, so if tamat had been replying to the correct problem...his reply would have been correct. What the player community needs is a reply to the original complaint because it will indeed affect Guild Wars and Aion players alike. |
In the meantime all I can do is say keep talking about the issue! Don't stand for this sort of nonesense and don't let it get pushed under the rug. I have it on good authority that there is rather solid evidence of a serious problem here and we all deserve to know what steps are being taken to correct it.
Fay Vert
Quote:
|
Originally Posted by jiggles
I would just like to throw the idea out there that telling every single person possible how to potentially hack GW accounts does not seem like the smartest plan ever...
|
How about they switch off completely the whole ability to change passwords, from anywhere, if you want to change your password then go through support.
Anka Yirannes
Thanks Bunny. Nice to see some input.
I, for one, will not rest until the cold hand of justice has laid the smackdown.
(Oh dear, I believe I got a bit ninja'd there.)
I, for one, will not rest until the cold hand of justice has laid the smackdown.
(Oh dear, I believe I got a bit ninja'd there.)
Kate Monster
I took a bigger step, not screwing around with this account security bs. I crossed this over to the G4TV forums under the MMO report in an effort to find a link to submit an inquiry & request to do a story on this issue. If Anet doesn't want to listen to us..maybe they'll listen to them.
Jaythen Tyradel
Happy New Years indeed. :/
Jensy
This is freaking me out. It's like someone has a million key keychain, and is standing outside your door trying each key >___<
What I would like to see:
1. Ability to unlink accounts. (I'm not holding my breath)
2. Ability to delete old/solved support tickets.
3. Prompt asking for old PW before GW pw can be changed.
It's... really not a lot to ask, right?
What I would like to see:
1. Ability to unlink accounts. (I'm not holding my breath)
2. Ability to delete old/solved support tickets.
3. Prompt asking for old PW before GW pw can be changed.
It's... really not a lot to ask, right?
Tom Swift
Quote:
| It's quite easy. Get GW2...don't link it to anything...never let anyone outside of GW2 know your character names and practice the good habit of strong passwords mixed with never using that email or password anywhere else but GW2...unfortunately us GW 1 players only WISH we hadn't made that mistake. We get a fresh start on GW2. |
Thankfully I never linked to a master account, never had to file a support ticket and never planned on getting GW2 anyway.
Kerwyn Nasilan
Quote:
|
Originally Posted by Jensy
This is freaking me out. It's like someone has a million key keychain, and is standing outside your door trying each key >___<
What I would like to see: 1. Ability to unlink accounts. (I'm not holding my breath) 2. Ability to delete old/solved support tickets. 3. Prompt asking for old PW before GW pw can be changed. It's... really not a lot to ask, right? |
Arduin
http://wiki.guildwars.com/wiki/Feedb...ity_Issue.3 F
A confirmation of Anet being aware of the issue.
Quote:
|
Originally Posted by Gaile @ Wiki
Thank you for sharing the synopsis, Angel, and for the link, Cress Arvein. I have been working on the MHE (Missing Hat Experience) for Wintersday 2010, and so I was not able to devote my attention to the question as fully as I might have done on a normal day (and certainly on a normal work day). I am discussing this issue with Regina so that we can learn more about the concerns and, of course, address them as quickly as possible. -- Gaile 21:11, 1 January 2010 (UTC)
|
zelgadissan
Quote:
|
Originally Posted by Lishy
If only Anet had a better parent company....
Honestly, I don't blame the Guild Wars team for this =/ |
I wonder if ArenaNet could support themselves on their own?
Michael805
Quote:
|
Originally Posted by zwei2stein
Anyhow:
If you manage to steal session or to recover session by accident, it means that target account was logged to plaync recently. So, your protection would be *not* to log in to plaync. |
Zinger314
Quote:
|
Originally Posted by Arduin
http://wiki.guildwars.com/wiki/Feedb...ity_Issue.3 F
A confirmation of Anet being aware of the issue. |
Duh.
Emperor Bush
I hope everyone who got a festival hat gets their accounts hacked, and the hacker destroys their precious little useless hats.
Gargantuan Midget
Can someone re-name this thread 'How to hack' I know its an issue that requires discussion but seriously just telling everyone how to do it, unwise in my mind, I'm certain there are some people out there who will take advantage of the information.
gone
Quote:
|
Originally Posted by Gargantuan Midget
Can someone re-name this thread 'How to hack' I know its an issue that requires discussion but seriously just telling everyone how to do it, unwise in my mind, I'm certain there are some people out there who will take advantage of the information.
|
HellScreamS
erm, the ncsoft offi page is lagging like mad atm for me, and I can barely log in to MY account. That makes me think there's a bazilion chinese bots logging in and off already... *takes a painkiller overdose*
fishy go moo
I'm semi-pissed. I logged on and was like wtf is this shit. :/ i got a pw reset but they havent given me a freaking email yet
Gargantuan Midget
Fine it may not be hacking name it 'How to get free accounts' or judging by Gaile's response 'Hats are more important than you account'
Juhanah
Quote:
|
Originally Posted by Gargantuan Midget
Can someone re-name this thread 'How to hack' I know its an issue that requires discussion but seriously just telling everyone how to do it, unwise in my mind, I'm certain there are some people out there who will take advantage of the information.
|
If no one know how the bug works, most people wont care. NCSoft will continue deny it, Anet will follow NCSoft judgment, People will still get their account stolen and nothing will ever be done.
Now if the majority of people know it. Yes more account may be stolen but this also mean more people will voice their frustration toward this issue, less people will want to spend their money on NCSoft product and to get it stolen, and NCSoft will look extremely stupid for not fixing it and will loose any bits of credibility and revenue they have left.
genofreek
Quote:
|
Originally Posted by Michael805
In my case, I hadn't logged into my plaync account for (likely) a year or more, and hadn't logged into gw on any account in at least 6 months, yet my account was hacked. It's not sessions being stolen, it's likely the account ID being altered in some way under server stress (which would explain why it only works by logging in/out several times).
|
Jaythen Tyradel
as damaging as this info is, I feel better (albeit not by much, still worried and frustrated by this news) that this has been uncovered NOW instead of after GW2 launch.
Lishy
Screw NCSoft
Anet should use the profits from GW2 to make some awesome offline rpg not limited by the online gameplay Guild Wars has :P
Using an offline game, they would earn more profit than they probably make now due to how much it costs to keep Guild Wars up each month. Once they hit the sky high success, they finally disband from NCSoft and lead there own company, furthering to develop games for the XBOX360 :P
Anet should use the profits from GW2 to make some awesome offline rpg not limited by the online gameplay Guild Wars has :P
Using an offline game, they would earn more profit than they probably make now due to how much it costs to keep Guild Wars up each month. Once they hit the sky high success, they finally disband from NCSoft and lead there own company, furthering to develop games for the XBOX360 :P
Seraphim Angel
Is there a way to un-link your account from thier website?
Stuart444
Update to the last post by Galie on her wiki:
Quote:
| Addendum to my comment above: I do not wish to give the impression that I consider missing holiday hats to be a higher priority than security issues. Anyone who knows me, or thinks about my position, would clearly understand that, for me, hats < security! However, having seen an official response that seemed to dispel the concern -- a response that, in the context made sense to me -- I believed the security concern to have been adequately addressed. I have been researching this at greater depth today, and have sent emails to more than 30 people on a half-dozen teams to alert them to the concern. We'll update when we have more information. |
Carinae
The elephant in the room is the fact that we have seen them do a system-wide rollback, character data and all. So they DO have character backup data, definitively.
They simply don't WANT to do it. To be fair, there is some legitimacy in that stance. It would take a lot of manpower, open the door for exploits, and in general be a headache.
However.......They now have a way (at least for this issue) to determine legitimate hacks! Just read their own logs:
LOGIN: Player123
ACCOUNT OPENED: Player648
BINGO -> Rollback Character
You might lose some stuff, depending on the date of the rollback, but hey, better than nothing.
They simply don't WANT to do it. To be fair, there is some legitimacy in that stance. It would take a lot of manpower, open the door for exploits, and in general be a headache.
However.......They now have a way (at least for this issue) to determine legitimate hacks! Just read their own logs:
LOGIN: Player123
ACCOUNT OPENED: Player648
BINGO -> Rollback Character
You might lose some stuff, depending on the date of the rollback, but hey, better than nothing.
Gargantuan Midget
Quote:
|
Originally Posted by Juhanah
There's no "how to do it". The NCSoft website do it by it self for you or anyone.
If no one know how the bug works, most people wont care. NCSoft will continue deny it, Anet will follow NCSoft judgment, People will still get their account stolen and nothing will ever be done. Now if the majority of people know it. Yes more account may be stolen but this also mean more people will voice their frustration toward this issue, less people will want to spend their money on NCSoft product and to get it stolen, and NCSoft will look extremely stupid for not fixing it and will loose any bits of credibility and revenue they have left. |
I just don't want people to be innocent in thinking this thread will auto save us everyone has been QQing about balancing for months and nothing happened. If the information is even more readily available even if it is on a thread designed to help I just don't think the spike in hacking (or whatever I'm supposed to call it apparently thats wrong) will dissapear as fast as we all want it too.
But I do see what you're saying, a small number more is acceptable if the problem gets solved, for the greater good essentially. I hope you're right and prove me to be wrong I really really do.
zelgadissan
Quote:
|
Originally Posted by Seraphim Angel
Is there a way to un-link your account from thier website?
|
Rhiana Reborn
Well, this sucks. Here's hoping that if I get hacked, they have the decency to not delete my chars. I can reset my password and get my acc back, but I'd hate to have to remake my chars - some of the titles I have were a pain to get.
Also, Please don't expect the Anet team to be at the top of their game - it's the 1st day of the year, and like most of us, they too have offline lives, and I bet that more than one of the people in charge has a hangover bigger than mine.
Happy New Year! (I'd offer you some champagne, but I'm keeping the last bottles for myself. Mmmmmm)
Also, Please don't expect the Anet team to be at the top of their game - it's the 1st day of the year, and like most of us, they too have offline lives, and I bet that more than one of the people in charge has a hangover bigger than mine.
Happy New Year! (I'd offer you some champagne, but I'm keeping the last bottles for myself. Mmmmmm)
fenix
A little delayed, but I can confirm this too.
Was logged into someone elses account on the Aion website the other day...
Was logged into someone elses account on the Aion website the other day...
Fril Estelin
Quote:
|
Originally Posted by Zinger314
Hats > Account Security
Duh. |
Seraphim Angel
Well this is comforting. Its like every time I log on now I'm gonna be like "Hope they didn't get me." I feel like I live in the ghetto and I have to check outside to see if my car is still there.
Edge Igneas
Quote:
|
Originally Posted by Seraphim Angel
Well this is comforting. Its like every time I log on now I'm gonna be like "Hope they didn't get me." I feel like I live in the ghetto and I have to check outside to see if my car is still there.
|
fenix
Stickied for importance.
Rhiana Reborn
Were there deleted posts? The thread just went from 11 pages to 10...
Gargantuan Midget
edit: Apparently my opinion of his intelligence was shared 
fenix
Quote:
|
Originally Posted by Rhiana Reborn
Were there deleted posts? The thread just went from 11 pages to 10...
|
freedom_razor
Quote:
|
Originally Posted by Gargantuan Midget
@ Freedom Razor what are you talking about? Seriously? You actually think if a member of the community finds out how peoples accounts are being stolen they should just sit there and do nothing with that information? Even if everyone at anet and everyone at ncsoft ignore it at least they tried, you're suggesting we just sit here and accept we are going to loose our accounts.
|
@Fenix: can you spare at least this post? It is an answer to someone else who managed to read one of my previous posts.
Tramp
I am still confused and no one answered. So the recent additional character name at login is worthless because they glitch or hack into the NCSoft account, then check out your support emails, and get your character name and information there?
I need to know if I should start to dread logging in again, because I was feeling much better when Gaile said that a minority of people who were hacked did not have the NCSoft account, therefore the NCSoft account was not a problem, but now I concerned again.
I need to know if I should start to dread logging in again, because I was feeling much better when Gaile said that a minority of people who were hacked did not have the NCSoft account, therefore the NCSoft account was not a problem, but now I concerned again.
deluxe
Quote:
|
Originally Posted by fenix
A little delayed, but I can confirm this too.
Was logged into someone elses account on the Aion website the other day... |