Rank 17 Guild entirely messed up by hackers!

Ctb

Desert Nomad

Join Date: Apr 2006

W/

07 Apr 2006 at 19:26 - 81
I have no idea why he posted that link. You can get the same thing here:

https://www.grc.com/passwords

And it doesn't look so suspicious.

That said, i'm not going to use a password that could have easily been recorded on the site that generated it for me. Even if Gibson has no ill intent, that doesn't mean nobody in his company does. :\

Str0b0

Desert Nomad

Join Date: Feb 2006

North Carolina

N/Me

07 Apr 2006 at 20:04 - 82
Quote:
Originally Posted by Tufty
That sucks ! How do they steal accounts? How do I protect mine?
Hackers rely on human stupidity to do what they do. They rely on you to download keyloggers and trojans or they rely on you to have an unsecure password. So to protect yourself download no "add on" programs and make sure to utilize every character space they give you for your password and make your password an arrangement of numbers and letters with at least one capital and one lowercase letter.

Quote:
Originally Posted by Draygo Korvan
Phpbb is safe enough. While it only hashes with MD5, as was said earlier, even if they could see the database they wont be able to guess at the passwords.
MD5+SHA1+Salt action is key, but that wont save you from HTML injection.
Phpbb is also vulnerable to SQL injections. It's nothing that can't be fixed by tweaking the code a little and securing it up but if you just slap it on a server and do nothing more than add a template for looks then you're leaving yourself wide ass open to lots of nasty attacks.

Army_11b

Army_11b

Pre-Searing Cadet

Join Date: Apr 2006

USA

FoW Fissure's Of Darkness

W/Mo

07 Apr 2006 at 20:11 - 83
I know of whom has did this, not only to this one but several other's. I Have been threatened that if i did reveal I would be "Hacked" myself. Being a logical compuer genious, I think I would rather take the risk and prevent anymore incident's like this effecting GW to go on. I have the Vent Info, player name's and even the website where he is using a program called SC Key Logger Pro Discuised as a Farming Bot to gain information about other peoeple's accounts and god knows what else. Funny thing is he did not even mask the program or embed it, and he call's himself a hacker? I do have the website but will not post it to prevent anymore accidental downloading of the program. Scammer's should be banned from the GW community without chance of getting a second chance. Hacker's do not brag about being a hacker and very seldom commit these kind of act's. If you ask me he is just a n00b script kiddy that wish's he could earn the name "Hacker" Good luck Guld War's Friends, and please beware of future download's.

~ Dracale



Quote:
Originally Posted by Maxiemonster
This is the story:

I was playing HA, and all of the sudden, someone starts spamming "Rank 17 Guild recruiting!", so I thought "This can't be right", so I asked why a Rank 17 guild would randomly recruite, and asked of this was a lame joke, but apperiantly it wasn't. I got an invite (since I was guildless), and I saw alot of random people were invited, so I knew something was wrong.

I asked the guy who invited (who had a friend who also helped) me what was going on, and he didn't reply for a while. When I asked again, he told me he hacked someone's account, which was apperiantly the account of one of the Officers in that guild, and he kicked all excisting members, and invited new ones, randomly.

I'm glad they didn't hack the Guild Leader's account, since this way, he still has the upper hand, though, this is pretty serious in my opinion. I obviously got the names of the 2 hackers (if it's not the same guy), and the account of the Guild Leader (so I can explain this to him). I'm reporting these guys immidiatly, in case these guys can get an IP track, so they can get a ban, which I really hope is possible.

So again, watch out with every way you might get hacked, so this is what happens. This is the most serious way of hacking I've seen untill now (since obviously, these guys stole every single item on the accounts as well).

Carinae

Carinae

Forge Runner

Join Date: Jun 2005

Inside

Fifteen Over Fifty [Rare]

07 Apr 2006 at 21:36 - 84
Recording: Please enter your credit card number.

You: Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep

Recording: Please state your password.

You: bigboy

Recording: Please repeat password.

You: BIGBOY



EDIT: This is from an American commercial, that seemed appropriate.

Sir Skullcrasher

Sir Skullcrasher

Furnace Stoker

Join Date: Jun 2005

California

15 over 50 [Rare]

W/Mo

07 Apr 2006 at 21:39 - 85
wow, this thread has made me paranoid, i have changed my password to max 20 digits!

Lord Iowerth

Lord Iowerth

Wilds Pathfinder

Join Date: Sep 2005

Atlanta, GA (#guildwarsguru FTW!)

Biscuit Of Dewm [MEEP]

R/Mo

07 Apr 2006 at 22:23 - 86
Quote:
Originally Posted by Carinae Dragonblood
Recording: Please enter your credit card number.

You: Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep Beep

Recording: Please state your password.

You: bigboy

Recording: Please repeat password.

You: BIGBOY

EDIT: This is from an American commercial, that seemed appropriate.
That commercial is awesome, but IMHO the best line from it is "For a shinier credit card, say 'yes'"

anyway, back on topic ... has anyone heard back from ANet re: this unscrupulous fellow and whether or not the guild will be able to participate in championships should another of the top 16 back out? Or is this considered by ANet to be a "non-issue" since nobody has dropped, as far as i know?

xRustyx

xRustyx

Banned

Join Date: Jan 2006

Bermuda Triangle

W/

08 Apr 2006 at 01:07 - 87
When all is said and done. The crumbs still lay dormant.