Pages: [1] 2 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 1 post(s) |
|
GM Grimmi
|
Posted - 2009.04.17 13:02:00 -
[1]
EVE players are now under attack by ISK selling hackers who are attempting to break into thousands of accounts. From the information we currently have it looks like they are using key-logger/phishing/trojan lists with usernames and passwords from other games. Successful break-ins result in assets being liquidated and all the ISK being sold off to other players.
Anyone who has accounts on other games with the same username and password as for EVE should change their password immediately.
We urge all players to regularly change their passwords and to make sure their passwords are as secure as possible, preferably with capital letters and numerals mixed in and not too short either.
GM Grimmi
Lead Game Master
EVE CSS |
|
Shinnen
Caldari Northern Intelligence PuPPet MasTers
|
Posted - 2009.04.17 13:06:00 -
[2]
Edited by: Shinnen on 17/04/2009 13:06:55 I'm scared :(
CCP really need to implement some new security measures... at least let us "save" the password in the box like old times, so we don't have to type it and risk being keylogged.
Plus, if there are things that you don't like about Eve, click HERE because it will help. |
Blane Xero
Amarr The Firestorm Cartel
|
Posted - 2009.04.17 13:54:00 -
[3]
Originally by: Shinnen Edited by: Shinnen on 17/04/2009 13:06:55 I'm scared :(
CCP really need to implement some new security measures... at least let us "save" the password in the box like old times, so we don't have to type it and risk being keylogged.
Wouldn't do a damn thing to help your security. And infact would ause more insecurities for hackers to go after (Decrypting wherever the pass is stored, if it even gets encrypted. The keylogger would still pickup the keys being entered when the client started etc) ______________________________________________ Haruhiist since December 2008
|
Sparkfist Dread
|
Posted - 2009.04.17 14:02:00 -
[4]
well they could very easily switch to RSA token authentication. Im pretty sure Blizzard offers that for WoW
|
Concorduck
Gallente
|
Posted - 2009.04.17 14:28:00 -
[5]
Originally by: Sparkfist Dread well they could very easily switch to RSA token authentication. Im pretty sure Blizzard offers that for WoW
I'll take 10 thanks. -----------------------------------------
Originally by: Crumplecorn Contact the CSM about it, voting themselves into disbandment wouldn't be pushing the boundaries of absurdity for them.
|
Ezekiel Sulastin
Gallente Shiva Morsus Mihi
|
Posted - 2009.04.17 14:32:00 -
[6]
I'd pay for a Paypal/WoW type token ... ----
|
LaVista Vista
Conservative Shenanigans Party
|
Posted - 2009.04.17 14:38:00 -
[7]
Originally by: Ezekiel Sulastin I'd pay for a Paypal/WoW type token ...
I'd go for a yubikey which would let me log into EVE
|
Iamien
Caldari Stargate SG-1 Sev3rance
|
Posted - 2009.04.17 15:29:00 -
[8]
Or the certificate like item I suggested HERE.
|
Gone'Postal
Void Engineers
|
Posted - 2009.04.17 16:59:00 -
[9]
Give the players more options then FFS.
Username and password ain't as secure as it was..
Originally by: masternerdguy
Officer mods arent spread out because the bpos are innacesible to 99% of eve.
|
Cat o'Ninetails
Rancer Defence League
|
Posted - 2009.04.17 19:38:00 -
[10]
hi cat here
i had an idea kinda based on the Gone'Postals idea which is to add something clickable and randomly ordered (thwarting key and mouseloggers) and generic such as "favorite colour" or number which is part of the login procedure.
it would be an extra step yes, but i also quite like my assets lol! i also think it could be quite easy to do its just one more click when logging in
i might also suggest temp-banning for a few hours accounts that have say 3 failed attempts
that or give us a cool usb key lol
visit my blog for my adventures
|
|
Dr Karsun
Gallente Empire News The Security Council
|
Posted - 2009.04.17 21:24:00 -
[11]
Edited by: Dr Karsun on 17/04/2009 21:24:14 Makes me feel funny, because I don't play any other mmo :P
But seriously, didn't have trojan or in fact any virus for a long, long time, it's just a matter of good anti-virus software and your safe (a network-monitoring thing like mks-vir is good). Just blocks off every single application that tries to use the internet untill you allow it to. Even if I had a trojan, it would have to get approved first... Not likely that I would allow a funny program I didn't install get access to the net.
I suggest - people stop downloading so much erotic movies, it really IS the biggest seed of viruses, trojans, etc ;) ------------------------
|
Agent Known
Apotheosis of Virtue
|
Posted - 2009.04.17 21:42:00 -
[12]
OH NOES!!! The RL greed of people shows itself...
Seriously though, use A STRONG PASSWORD for your games and such. NEVER use the same password for stuff, especially game accounts and bank accounts.
Also, being mindful of what you do on the Internet is a great way to keep yourself from being infected in the first place. imo, it's loads cheaper buying ETCs and selling them in the game than buying the ISK, since 1) it's legal, and 2) you won't get it taken from you, and 3) well, what's this about again?
tl;dr: pay attention to what you're doing, or you may find yourself -1 EVE account. Obviously what I say isn't always what my alliance thinks. I hate to break it to you, but this is in fact my signature.
Proud ally of CVA |
Jim McGregor
|
Posted - 2009.04.18 11:57:00 -
[13]
Edited by: Jim McGregor on 18/04/2009 12:02:42
Switch to some kind of public/private key system. Passwords are useless these days.
---
Originally by: Roguehalo Can you nano Titans?
|
Dr Karsun
Gallente Empire News The Security Council
|
Posted - 2009.04.18 12:29:00 -
[14]
Originally by: Agent Known OH NOES!!! The RL greed of people shows itself...
tl;dr: pay attention to what you're doing, or you may find yourself -1 EVE account.
Well, I pay attention to what I'm doing, I got a long password (both letters and numbers and caps in some places) so I'm not really afraid. And my password is not same for anything else, eve has got it's own password.
And besides that, I'm poor :P So who'd want to hack my account, haha :P
And even if I did want to buy isk (that's where most people get robbed, when buying isk as I've heard, I haven't got the money. I easily pay for my sub but anything more wouldn't be possible really. Besides... What for? It's not like I need to buy isk. Probably if I was desperate to buy isk, I'd sell one of my subs as a plex. The rates that the isk seelers offer aren't really good, I checked on allegro.pl (sort of a polish ebay), you don't gain much compared to plex selling. ------------------------
|
flashfreaking
LFC Executive Outcomes
|
Posted - 2009.04.18 21:11:00 -
[15]
Well, the moment they let us use SSH keys, I'll be all ears, until then, use some comon sense.
|
Nimaeta
|
Posted - 2009.04.19 20:33:00 -
[16]
My (main) account got hacked that day. It's been permanently banned, and nobody has logged on to my pilot ever since my last login.
Yet still it is permanently banned due to that the account has been compromised/hacked.
I've sent a petition with my national identity scanned in, is this all i can do to reimburse ? i havent had a response in 2 days and i dont want to reach 7 days, because according to the rules, those accounts won't get reimbursed .........
Anyhow, is this all i can do ?
|
mazzilliu
Caldari Sniggerdly Pandemic Legion
|
Posted - 2009.04.19 20:35:00 -
[17]
Periodic forced password changes, password blacklists, and minimum standards of password security for ingame accounts(one capital letter, one mumber, min 10 character length etc) is the best way to prevent this sort of attack.
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1045803 VOTE FOR ME FOR CSM |
Arjurian
|
Posted - 2009.04.20 10:36:00 -
[18]
A friend of mine who's only recently started playing has been hit with one of these "Banned!" account messages at log-in recently, and he's pretty disheartened by it (he'd only JUST started playing a week or so before). As it stands, he hasn't had any communication with anyone from CCP accounts, even after petitioning to try and find out what was going on close to a week or so ago without getting a response. :-/
Naturally, he's a bit bewildered - he's unsure if he did something against the Terms of Service without realizing it, for instance, and is worried that if he's been banned permanently for something he didn't realize he was doing wrong (which is doubtful, I should add - he's broke and barely just out of the tutorials). I've been really enjoying having a bud to fly around with in the game the past little bit - it's brought me back to the game after a couple of years away - but the situation for him is basically that he has no idea what's going on, he's just been banned with no notice and no information on what to expect, so he's basically on the edge of just calling it a day (he just got his first cruiser after some hard work, but if that's just gone he won't start again, basically). :-/
On his behalf, then, I'd like to ask a couple of questions and hope that maybe an answer or two (even if they're necessarily vague) might show up - and they'd be greatly appreciated. =)
** Are these bans permanent? The word "Banned!" seems an awful lot more ominous than "Suspended", so even though it says there's pending investigation he's basically worried that the time he's already spent playing just flat-out won't be coming back (which would make him stop playing entirely, of course).
** By the sounds you guys must be a bit swamped with them right now, but do you have a rough guess (weeks, a month or two?) about how long restoring accounts to a playable state might take?
** Is his account time still ticking down while in this banned state?
Many thanks in advance for any answers you might be able to give to clarify some of this stuff. =) In his own words, he really loves the game, but because nobody at all has been in touch with him (no email, petition, etc) he's about halfway to just assuming everything's gone forever, and he has no recourse or reason for it. =) In fact, I'd suggest that if you guys could possibly see your way clear to firing off a "This is the situation" email to the people who have been banned for the above reason (whether my bud's actually one of them or not I honestly don't know), it would probably put quite a few minds at ease. =)
Cheers! =)
- Arjurian
|
Xing Pao
|
Posted - 2009.04.20 16:20:00 -
[19]
CCP, when you encourage and fully condone bots and macroing to make isk for sale for real money you knew it would devolve into this...and worse.
Players can buy isk in probably 30 mins yet it takes you weeks to answer a customer's problem?
Your customers are the ones suffering, while you design nifty new 1 billion+ isk cruisers for pvp to further the need for pvpers to buy isk. Your ratio of trit in capital construction has produced a much lower income for miners of low-sec and 0.0 ore, and this furthers the need for isk buying.
Why design the game to push people into buying isk, then act like you are shocked and horrified that it's going on? There is really only one answer don't you think???
|
Freezehunter
Gallente O.W.N. Corp OWN Alliance
|
Posted - 2009.04.21 19:58:00 -
[20]
Originally by: Dr Karsun Edited by: Dr Karsun on 17/04/2009 21:24:14 I suggest - people stop downloading so much erotic movies, it really IS the biggest seed of viruses, trojans, etc ;)
Dude, just call it ****...
And yes, you are right :) _________________________________________________ Be smart! |
|
Freezehunter
Gallente O.W.N. Corp OWN Alliance
|
Posted - 2009.04.21 21:01:00 -
[21]
Edited by: Freezehunter on 21/04/2009 21:05:35
Originally by: Xing Pao CCP, when you encourage and fully condone bots and macroing to make isk for sale for real money you knew it would devolve into this...and worse.
Players can buy isk in probably 30 mins yet it takes you weeks to answer a customer's problem?
Your customers are the ones suffering, while you design nifty new 1 billion+ isk cruisers for pvp to further the need for pvpers to buy isk. Your ratio of trit in capital construction has produced a much lower income for miners of low-sec and 0.0 ore, and this furthers the need for isk buying.
Why design the game to push people into buying isk, then act like you are shocked and horrified that it's going on? There is really only one answer don't you think???
QFT...
THis guy is right CCP, i mean what the ****?
I know MANY guys that buy ETC's and sell them for isk, and own motherships, and capital ships and t3 cruisers and ****, JUST BECAUSE THEY BOUGHT THE ISK VIA THE ******ED ETC system...
$ > ETC > ISK is the most ******ed and unfair idea you have ever had...
I mean what the ****, i can only afford ONE account and ONE main, so i make ISK the normal way...
Guys around me that have been playing for WAY LESS TIME THAN ME all have lots of ships and go PVP all day and lose super expensive ships and modules, while i have to buy completely CRAP ships because i make ISK the normal, FAIR way while THEY just basically CHEAT and BUY their isk VIA ETC...
IT's **** like this that sometimes makes me wanna say **** you CCP i'm gonna play another MMO that is more fair towards the normal, player, and doesn't give advantages to the crazy ****ing ritch player that can just BUY his in game money instead of WORKING for it like the normal player does...
I mean seriously, it's like having wallhacks or aimhacks or speedhacks in an online FPS game...
If this **** keeps up in the future, or gets worse, i am leaving this game that i've been playing FAIRLY for the past 3 years...
If Eve is supposeed to be so "harsh and unforgiving" at least make it a ****ing LEVEL PLAYING FIELD for EVERYONE, don't just give advantages to some just because they fill your wallets you ingrate ****s...
Sorry about all the swearing but you know i am right CCP!
P.S.: Most of the guys that i said fill your wallets don't even fill YOUR wallets, they fill the wallets of ETC selling sites... + they basically don't even give YOU any money to play the game because they use time codes from someone else... AND YET YOU GIVE THEM THE UPPER HAND...
|
Shazrun
|
Posted - 2009.04.22 17:08:00 -
[22]
Okay, So I believe my CC was involved in this, as I have 2 new charges to my account that were not me, and seem to insist that people started new accoutns. thats $40 of my hard earned money down the drain, because CCP couldnt keep their security on lock down.
|
Rilwar
22nd Black Rise Defensive Unit
|
Posted - 2009.04.22 22:00:00 -
[23]
Originally by: Shazrun Okay, So I believe my CC was involved in this, as I have 2 new charges to my account that were not me, and seem to insist that people started new accoutns. thats $40 of my hard earned money down the drain, because CCP couldnt keep their security on lock down.
So don't use your CC to buy ISK and they won't get the # ololol.
Good thing your account name / pass have nothing to do with your CC #
---O-H--S-H-I-T---
|
Siri Blue
Gallente Arachnea Phoenix Battalion Hoodlums Associates
|
Posted - 2009.04.23 00:52:00 -
[24]
How about more effectively hunting, banning and IP banning ISK sellers and their farmers? At the same time I wouldn't mind some counter-hacking either to blow their damn servers
People for Stuff Raffle - No ISK needed
|
ceaon
Gallente
|
Posted - 2009.04.24 23:10:00 -
[25]
Originally by: GM Grimmi EVE players are now under attack by ISK selling hackers who are attempting to break into thousands of accounts. From the information we currently have it looks like they are using key-logger/phishing/trojan lists with usernames and passwords from other games. Successful break-ins result in assets being liquidated and all the ISK being sold off to other players.
Anyone who has accounts on other games with the same username and password as for EVE should change their password immediately.
We urge all players to regularly change their passwords and to make sure their passwords are as secure as possible, preferably with capital letters and numerals mixed in and not too short either.
copy DAoC way to deal whit this 1 password for account management 1 password for game log in 1 password for forums
that will secure more the issue but wait u CCP spam this threads now and then to get customers afraid of hacking and make nothing for this issue on last 2 years or more u dont bring an proof of this ..... and also no proof that CCP is working to improves the system just words
btw ***** vagina .... why the forum filter is sexist ?
|
faxtarious
Minmatar Kai-Zen inc.
|
Posted - 2009.04.25 16:02:00 -
[26]
Edited by: faxtarious on 25/04/2009 16:02:39 it's weird... been playing this game non stop for 3 consecutive year and i've never had account security issues... and i use the usual EvE side application like EvEmon and EFT.
Never got any mysterious "Ban".
How do I do it ??? I must be special i guess
The answer is common sense people... simple Have you ever noticed how the dumb ones always fall for those MSN messenger viruses..and get their Hotmail hacked... it,s simple...don't execute the .exe app that promises heaven and hearth with glittery winsauce...there is no such thing as a .exe ap that offers heaven and hearth.
|
Bodrul
Caldari Tadakastu-Obata Corporation The Honda Accord
|
Posted - 2009.04.25 18:44:00 -
[27]
a good place to generate passwords
http://www.goodpassword.com/
WIN 200 Mill ISK, FREE ENTRY |
|
Chribba
Otherworld Enterprises Otherworld Empire
|
Posted - 2009.04.27 12:04:00 -
[28]
Moar security features on our accounts pls. At least a log-page so we can see login attempts and take actions if needed/worried!
|
|
Vaerah Vahrokha
Minmatar Dark-Rising
|
Posted - 2009.04.28 11:08:00 -
[29]
Quote:
Have you ever noticed how the dumb ones always fall for those MSN messenger viruses..and get their Hotmail hacked... it,s simple...don't execute the .exe app
It's Darwin's laws at work.
Originally by: Chribba Moar security features on our accounts pls. At least a log-page so we can see login attempts and take actions if needed/worried!
This. Plus, I am baffled at how much more important ventures like i.e. IRL credit cards "issues" are easily dealt with with effective simplicity, while video games are stuck in the years 1970 security speaking.
|
Brather
Gallente Valiant Exploration and Mining Corporation
|
Posted - 2009.04.28 12:30:00 -
[30]
here is one quick thing that might help both ccp and the clients in this matter
Implement a last logon show info line at the login window:
have it say your last logon was from : insert ip here at: insert time here
most people will recognize their ip and if then see a problem then they can take the needed action
also make it so eve does not accept same username/passwords combos. heck it should be that the username cannot be part of the password .
|
|
|
|
|
Pages: [1] 2 :: one page |
First page | Previous page | Next page | Last page |