Pages: 1 2 :: [one page] |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Selly McTrade
|
Posted - 2009.09.08 06:47:00 -
[1]
Just a warning to everybody on the forums. I've had 3 of my 5 accounts hacked and are currently inaccessible. Viewing info through Capsuleer I've had 3 bil isk removed from one of my characters. I also cannot reset the passwords for these accounts, I'm guessing they've changed the email information. I have petitioned this.
I barely, BARELY click any links on the forums, the last thing I downloaded was the latest Eve Fitting Tool and the only links I follow are eve related, steering clear of "sexy satelite etc etc" posts.
Moral of the story, don't use these forums and think you're safe from douche hackers.
I trust CCP will get onto this issue quicksmart.
|
Akita T
Caldari Caldari Navy Volunteer Task Force
|
Posted - 2009.09.08 06:57:00 -
[2]
You're only the second person I know of to report "he did nothing wrong (as far as he knew)" in order to have his accounts hijacked (not hacked, hijacked, it's a big difference), and the FIRST person I heard of had pretty good reasons to believe his girlfriend might have had installed some form of keylogger on his computer. Ok, maybe you can count a third one, because one guy did say he thinks somebody might have "bruteforced" his (self-admittedly extremely WEAK password) after he _posted_ his account name (because he purchased a character, and he didn't just convo the other guy with the account name, choosing to post it on the forums instead). Maybe you just downloaded EFT from one of the non-official mirrors instead of going to one of the official ones (as in, posted by the creator of the piece of software in his forum thread) ? Or maybe you could have logged in to the fake EVE-site after one of the phishing e-mails claiming "there might have been a problem with your account" ?
So... really... think hard... are you ABSOLUTELY SURE you don't fall in any of the above categories ?
_
Info about our corp | Beginer's ISK making guide | Manufacturer's helper |
Miss CutieTrader
Sandline International Trading Corp Pandemic Legion
|
Posted - 2009.09.08 07:04:00 -
[3]
Edited by: Miss CutieTrader on 08/09/2009 07:05:13
Originally by: Akita T You're only the second person I know of to report "he did nothing wrong (as far as he knew)" in order to have his accounts hijacked (not hacked, hijacked, it's a big difference), and the FIRST person I heard of had pretty good reasons to believe his girlfriend might have had installed some form of keylogger on his computer. Ok, maybe you can count a third one, because one guy did say he thinks somebody might have "bruteforced" his (self-admittedly extremely WEAK password) after he _posted_ his account name (because he purchased a character, and he didn't just convo the other guy with the account name, choosing to post it on the forums instead). Maybe you just downloaded EFT from one of the non-official mirrors instead of going to one of the official ones (as in, posted by the creator of the piece of software in his forum thread) ? Or maybe you could have logged in to the fake EVE-site after one of the phishing e-mails claiming "there might have been a problem with your account" ?
So... really... think hard... are you ABSOLUTELY SURE you don't fall in any of the above categories ?
Last I checked you wasnt GM Akita.
I might be wrong....but I dont really think any of us got the right to question the OP. I might take u wrong tho. Just saying ,he was nice and posted us some information to learn from, not to question his actions.
|
Gin G
Halls Of Valhalla
|
Posted - 2009.09.08 07:07:00 -
[4]
my suspicious slightly insane paranoid scenes are telling me to run another spybot S+D and another full scan with avast today just in case the one half hour ago missed anything
to the op THANK YOU VERY MUCH now i cant even download some donkey movies
Please refrain from editing a moderator's warning. Zymurgist |
Cassiopeia Draco
|
Posted - 2009.09.08 07:13:00 -
[5]
As Akita said, unles EFT was downloaded from the offical site/mirror, then that may be where you got the keylogger/packet sniffer from.
Something that you should do is compare the Checksum on the Zip you downloaded, with the one that EFT's creator publishes if its not the same thats your problem.
If you did download from an unoffical mirror, can you publish details so that the community can be made aware the issue, and let EFT's creator know, so he can warn people on the EFT thread.
|
Sleepkevert
Amarr Rionnag Alba Against ALL Authorities
|
Posted - 2009.09.08 07:19:00 -
[6]
Originally by: Miss CutieTrader Last I checked you wasnt GM Akita.
I might be wrong....but I dont really think any of us got the right to question the OP. I might take u wrong tho. Just saying ,he was nice and posted us some information to learn from, not to question his actions.
That should be Gms job.
We don't got the right to question op, but unless someone else used that pc, the op picked up that logger somewhere. Good thing about virusses is that they don't magicly appear when you keep a pc idle behind a firewall.
What we could really learn from is where he might have picked it up or did to get the logger. That way, no-one will make the same mistake again.
No hard feelings op? _
Add your own line! |
Akita T
Caldari Caldari Navy Volunteer Task Force
|
Posted - 2009.09.08 07:22:00 -
[7]
Edited by: Akita T on 08/09/2009 07:25:51
Originally by: Miss CutieTrader Last I checked you wasnt GM Akita
Last I checked, EFT was pretty damn clean, and a slew of people use it almost constantly, none with problems. Last I checked, nobody I know had their account compromised. Last I checked, my account was ok too, and I do a lot of the stuff the OP claims he hasn't done (but I'm the only person who ever uses this machine, I'm damn sure of that, and I only use this machine for EVE). Last time I checked, I still haven't claimed I'm a GM, but nevertheless, whatever I just said wouldn't clash with what a GM might have thought (but would probably refrain from saying). And you know what else a GM/dev would say ? THAT POSTING ABOUT IT IN THE FORUM WILL DO NO GOOD, AND THAT YOU SHOULD JUST PETITION AND WAIT.
Originally by: Miss CutieTrader Just saying ,he was nice and posted us some information to learn from, not to question his actions
What he posted amounts to "I couldn't have gotten infected from any other place except EFT". And the ONLY way we can draw any USEFUL conclusions is if WE DO question his actions. You know, just to determine where the heck else he might have been infected or where he might have leaked his password or god knows what else.
_
Info about our corp | Beginer's ISK making guide | Manufacturer's helper |
Selly McTrade
|
Posted - 2009.09.08 08:00:00 -
[8]
Originally by: Akita T You're only the second person I know of to report "he did nothing wrong (as far as he knew)" in order to have his accounts hijacked (not hacked, hijacked, it's a big difference), and the FIRST person I heard of had pretty good reasons to believe his girlfriend might have had installed some form of keylogger on his computer. Ok, maybe you can count a third one, because one guy did say he thinks somebody might have "bruteforced" his (self-admittedly extremely WEAK password) after he _posted_ his account name (because he purchased a character, and he didn't just convo the other guy with the account name, choosing to post it on the forums instead). Maybe you just downloaded EFT from one of the non-official mirrors instead of going to one of the official ones (as in, posted by the creator of the piece of software in his forum thread) ? Or maybe you could have logged in to the fake EVE-site after one of the phishing e-mails claiming "there might have been a problem with your account" ?
So... really... think hard... are you ABSOLUTELY SURE you don't fall in any of the above categories ?
I downloaded eft through the first mirror. I don't respond to "we need your details again" emails as I know they're bogus, no company I know of or have had experience with, emails their customers asking for their details. I have gone to a couple of links which were eve related jpegs. All I'm saying is, don't think you're safe using the forums just clicking on eve related topics.
I'm the only individual who uses this PC, and I also was the only individual who knew the passwords. Nobody even knew my usernames.
Funnily enough the "hijackers" are actually online as we speak, I managed to change passwords and have them sent to my regular email, as to salvage 2 accounts. I get the passwords in the mail, I check to make sure the accounts work, I go back to my email and the eve password mails have been deleted, they're now in my frikken gmail account. So they end up changing the password and email on one of the 2 remaining accounts, I now have 1 account left which I've changed the email and password on. It also happens to be the account with no isk on it.
I'm currently doing everything from my laptop, as I havn't used it in 6 months. I've gone through all my major online cash handling services and changed the passwords on those as well.
I just today got an iPod touch, and downloaded Capsuleer from the app store on itunes. I input the limited api data after logging in to my main character on the eve page through the ipod using safari. It logged in fine, then I went to log into eve on my main PC and I got "incorrect username/pass".
|
Selly McTrade
|
Posted - 2009.09.08 08:07:00 -
[9]
Hijackers email address, yes apparently they don't care about accounts with no assets, or isk. Password changed. 2nd account restored.
Email: [email protected]
|
Akita T
Caldari Caldari Navy Volunteer Task Force
|
Posted - 2009.09.08 08:09:00 -
[10]
Edited by: Akita T on 08/09/2009 08:11:03
Originally by: Selly McTrade I downloaded eft through the first mirror. I don't respond to "we need your details again" emails as I know they're bogus, no company I know of or have had experience with, emails their customers asking for their details. I have gone to a couple of links which were eve related jpegs. All I'm saying is, don't think you're safe using the forums just clicking on eve related topics.
I'm the only individual who uses this PC, and I also was the only individual who knew the passwords. Nobody even knew my usernames.
Funnily enough the "hijackers" are actually online as we speak, I managed to change passwords and have them sent to my regular email, as to salvage 2 accounts. I get the passwords in the mail, I check to make sure the accounts work, I go back to my email and the eve password mails have been deleted, they're now in my frikken gmail account. So they end up changing the password and email on one of the 2 remaining accounts, I now have 1 account left which I've changed the email and password on. It also happens to be the account with no isk on it.
I'm currently doing everything from my laptop, as I havn't used it in 6 months. I've gone through all my major online cash handling services and changed the passwords on those as well.
I just today got an iPod touch, and downloaded Capsuleer from the app store on itunes. I input the limited api data after logging in to my main character on the eve page through the ipod using safari. It logged in fine, then I went to log into eve on my main PC and I got "incorrect username/pass".
What makes you think your problems started with anything you might have gotten from the EVE forum anyway (and in particular, what makes you think it was EFT, because by the looks of it, that's what you seem to suspect, and not much else) ? I mean, other than "that's the only thing I did that I suspect might be the problem" ? Also, sounds to me you have more than just EVE-related issues, sounds as if even (some of) your email accounts got compromised (or did you mean you deleted those emails yourself?). Are you sure this thing didn't START with your email account getting compromised first, and the so-called "hackers" didn't simply request a password reset themselves ?
_
Info about our corp | Beginer's ISK making guide | Manufacturer's helper |
|
Garia666
Amarr T.H.U.G L.I.F.E
|
Posted - 2009.09.08 08:11:00 -
[11]
we have a corp member whcih was an director who emptyed our corp wallet and all our corp assets.. its been petitioned.. after @1st tought we where robbed . it seems that the account was hacked aswell. there 3 petitions going on and 1 email to support..
However it takes very long for ccp to react.
www.garia.net |
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.08 08:22:00 -
[12]
Edited by: Glengrant on 08/09/2009 08:23:24 Selly,
thanks for the warning and all the infos provided. It's in all our interests in narrowing down how those bastards got at your credentials. Tha sux - you have my sympathies.
I'd like to know * what browser where you using? * if Firefox - are you usig the noscript extenssion? * if IE? What version? And is it at default security settings? * I assume you are on windows - XP? Vista? 7? * Do you use the same password for other accounts besides EVE? * Would you say your password was weak (word in dictionary, or somehow related to your person) - or strong (nothing personal, includes silly chars, etc...)?
You could identify or rule out EFT by sending your download file (if you still have it) and ask them to compare with their own version.
I hope you can restore your accounts to their former glory quickly.
--- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
Selly McTrade
|
Posted - 2009.09.08 08:36:00 -
[13]
Originally by: Akita T Edited by: Akita T on 08/09/2009 08:11:03
Originally by: Selly McTrade I downloaded eft through the first mirror. I don't respond to "we need your details again" emails as I know they're bogus, no company I know of or have had experience with, emails their customers asking for their details. I have gone to a couple of links which were eve related jpegs. All I'm saying is, don't think you're safe using the forums just clicking on eve related topics.
I'm the only individual who uses this PC, and I also was the only individual who knew the passwords. Nobody even knew my usernames.
Funnily enough the "hijackers" are actually online as we speak, I managed to change passwords and have them sent to my regular email, as to salvage 2 accounts. I get the passwords in the mail, I check to make sure the accounts work, I go back to my email and the eve password mails have been deleted, they're now in my frikken gmail account. So they end up changing the password and email on one of the 2 remaining accounts, I now have 1 account left which I've changed the email and password on. It also happens to be the account with no isk on it.
I'm currently doing everything from my laptop, as I havn't used it in 6 months. I've gone through all my major online cash handling services and changed the passwords on those as well.
I just today got an iPod touch, and downloaded Capsuleer from the app store on itunes. I input the limited api data after logging in to my main character on the eve page through the ipod using safari. It logged in fine, then I went to log into eve on my main PC and I got "incorrect username/pass".
What makes you think your problems started with anything you might have gotten from the EVE forum anyway (and in particular, what makes you think it was EFT, because by the looks of it, that's what you seem to suspect, and not much else) ? I mean, other than "that's the only thing I did that I suspect might be the problem" ? Also, sounds to me you have more than just EVE-related issues, sounds as if even (some of) your email accounts got compromised (or did you mean you deleted those emails yourself?). Are you sure this thing didn't START with your email account getting compromised first, and the so-called "hackers" didn't simply request a password reset themselves ?
Well for starters, I'm not pointing the finger at EFT, I'm just listing the things I've been doing on the eve forums, and warning people not to be careless, or expect they won't be targeted. Also, is it not natural to assume that seeing as the forums have been inundated with bots / spam and keyloggers, and also other posters crying that they've been hacked/hijacked that I would have somehow infected myself with a keylogger by visiting the eve forums ? I can't expect these isk thieves are uploading keyloggers to google.com, or digg.com or any other random non-eve related website, not directly linked through the eve forums, to hijack eve accounts, not that it's impossible, just unlikely.
I was using the same password for my gmail as my eve accounts. They deleted those 'changed eve password' emails so I wouldn't change them again. I only managed to salvage that 2nd account as I had copied the changed password to a text file. Both are now changed and are associated with different email adresses. I'm still missing 3 accounts.
Lastly, I play eve in my spare time, when I'm not working, or sleeping... I rarely visit sites non-related to eve, unless it's my internet banking site or email. I tend to visit my alliance forums, corp forums, ineve.net occasionally, evesurvival etc etc Now unless the isk spammers are targetting alliance/corp forums, I think it reasonable to suspect the official eve forums of the link to the originating keylogger. Am I wrong ?
|
Selly McTrade
|
Posted - 2009.09.08 08:42:00 -
[14]
Originally by: Glengrant Edited by: Glengrant on 08/09/2009 08:23:24 Selly,
thanks for the warning and all the infos provided. It's in all our interests in narrowing down how those bastards got at your credentials. Tha sux - you have my sympathies.
I'd like to know * what browser where you using? * if Firefox - are you usig the noscript extenssion? * if IE? What version? And is it at default security settings? * I assume you are on windows - XP? Vista? 7? * Do you use the same password for other accounts besides EVE? * Would you say your password was weak (word in dictionary, or somehow related to your person) - or strong (nothing personal, includes silly chars, etc...)?
You could identify or rule out EFT by sending your download file (if you still have it) and ask them to compare with their own version.
I hope you can restore your accounts to their former glory quickly.
I'm using firefox 3.0.13 Windows 7 trial I have Outpost Firewall Pro installed I was using the same password for my gmail/eve accounts (dumb I know, but I was lazy, and I'm now paying for it) Password was average strength, combination of randomized letters, and 1 number (this doesn't matter though if they've just recorded my keystrokes, multiple uses of the same set of letters/numbers would indicate a pattern of use ie a password.)
|
Selly McTrade
|
Posted - 2009.09.08 09:05:00 -
[15]
Edited by: Selly McTrade on 08/09/2009 09:15:15 Hijackers email address, yes apparently they don't care about accounts with no assets, or isk. Password changed. 2nd account restored.
Email: Removed
Edit: I'm sure I posted this already but it's not in the thread anymore.
|
Blane Xero
Amarr The Firestorm Cartel
|
Posted - 2009.09.08 09:11:00 -
[16]
Selly thats because YOUR NOT SUPPOSED TO POST THAT. _____________________________________ Haruhiist since December 2008
Originally by: CCP Fallout :facepalm:
|
Zartanic
|
Posted - 2009.09.08 09:13:00 -
[17]
Edited by: Zartanic on 08/09/2009 09:14:00 Thanks for all your information. I think some were compromised by opening an EVE related link sent to them by friends (or maybe spoofs of friends) rather than anything to do with this site.
Also, could you please confirm you don't use NoScript with Firefox?
Hope you get your stuff back soon.
EDIT: In another game I played several people were hacked from one Guild I was in. This is because that Guilds own forums were hacked and the passwords were the same as the game login and in some cases even their email.
|
Selly McTrade
|
Posted - 2009.09.08 09:16:00 -
[18]
I do not use NoScript
|
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.08 09:18:00 -
[19]
And regarding your mail account - you might want to check if mails have been sent from it (assuming you still/again can access it). --- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.08 09:28:00 -
[20]
Edited by: Glengrant on 08/09/2009 09:33:43
Originally by: Selly McTrade I'm using firefox 3.0.13 Windows 7 trial I have Outpost Firewall Pro installed I was using the same password for my gmail/eve accounts (dumb I know, but I was lazy, and I'm now paying for it) Password was average strength, combination of randomized letters, and 1 number (this doesn't matter though if they've just recorded my keystrokes, multiple uses of the same set of letters/numbers would indicate a pattern of use ie a password.)
Thanks for the infos. Randomized letters and a number is way above average IMHO.
It matters insofar as with a non-trivial password we can assume some a keylogger.
Without noscript a cross-side script might have caught your gmail password - and that in turn might explain the eve access.
It would be good if we could rule out your EFT (or just as well identify it as the culprit).
And let me recommend the noscript extension (besides upgrading to FF 3.5). It disables javascript by default and lets you enable it per trusted web site. I have a dozen or so web site that get JS enabled- everything else gets temporary access for a subset of sites at best. That together with XSS protections should take care of most browsing vulnerabilities. Except for social hacking - but you sound like you are aware of that. --- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
|
gfldex
|
Posted - 2009.09.08 09:33:00 -
[21]
Originally by: Selly McTrade I was using the same password for my gmail as my eve accounts.
Did you use the same login details anywhere else?
|
Cpt Tofutiger
|
Posted - 2009.09.08 09:36:00 -
[22]
Originally by: Sleepkevert
Originally by: Miss CutieTrader Last I checked you wasnt GM Akita.
I might be wrong....but I dont really think any of us got the right to question the OP. I might take u wrong tho. Just saying ,he was nice and posted us some information to learn from, not to question his actions.
That should be Gms job.
We don't got the right to question op, but unless someone else used that pc, the op picked up that logger somewhere. Good thing about virusses is that they don't magicly appear when you keep a pc idle behind a firewall.
What we could really learn from is where he might have picked it up or did to get the logger. That way, no-one will make the same mistake again.
No hard feelings op?
http://en.wikipedia.org/wiki/Blaster_worm
|
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.08 09:53:00 -
[23]
And what else besides EVE do you use on that machine?
I'm so interested because you sound like somebody who did most things right - above average certainly (firewalled, non-trivial pw, no IE, no wild clicking, no blind downloading). So if they could get at your accounts - then the bad guys can get at most accounts here. --- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
Selly McTrade
|
Posted - 2009.09.08 10:35:00 -
[24]
I use evemon, steam, msn, ventrilo, few games, daemon tools. Concerning those jpegs I mentioned earlier, it was a picture of a rokh with a sail, from that guy building a rokh yacht, I also downloaded the wormhole map pic, and possibly the influence map, but I can't remember when I got that.
I've told my alliance mates to blow me up if they see me, and they have so far lol... he undocked in a badger and they popped him. He admitted to being a stolen toon as well, of which the transcripts have been sent to CCP through the petition system. I'm just waiting for the client to download to my laptop so I can get online and "talk" to him. I figure if I get the toon back without loss of SP I'll be happy, but loss of assets will hurt a bit, capital skillbooks, dread, thannie.
|
Haramir Haleths
Caldari Nutella Bande
|
Posted - 2009.09.08 11:16:00 -
[25]
Never, really never click any links or download any stuff from this forums with your gaming computer. Thats what your Job Computer is made for
|
Elisat
|
Posted - 2009.09.08 12:13:00 -
[26]
Originally by: Haramir Haleths Never, really never click any links or download any stuff from this forums with your gaming computer. Thats what your Job Computer is made for
this... i forum ***** at work... and play at home... just to avoid temptation... i pulled the vid card from my work machine so i can't run eve even if i wanted to...
|
Selly McTrade
|
Posted - 2009.09.08 12:46:00 -
[27]
Quick update;
I've a petition response.
Also the hijacker contacted me ingame asking for 3bil isk to have my account returned and threatening me with skill point loss. I'm just sitting here watching my mains account balance go up and down as the guy sells my stuff and transfers the isk to an unknown destination.
Quick question, when I get a petition response, do I add another message to that petition to respond, or do I start a new petition ? I've done both so far, hoping to get a quick resolution, seeing as this guy is currently active and selling.
|
Taedrin
Gallente The Space Bar South The Compass
|
Posted - 2009.09.08 13:26:00 -
[28]
TBH, it sounds like a drive-by infection you picked up from an advertisement from an otherwise innocent website. Even firefox has vulnerabilities which can be taken advantage of. In fact, even no-script + adblock has vulnerabilities (please consider that no-script seems to update twice a week patching some bugs.
The end result is that there is no way to be 100% protected from these things happening unless you unplug your computer from the internet.
|
Akita T
Caldari Caldari Navy Volunteer Task Force
|
Posted - 2009.09.08 13:39:00 -
[29]
Originally by: Selly McTrade Quick question, when I get a petition response, do I add another message to that petition to respond, or do I start a new petition ?
Add to the old petition, usually, as it should get attention faster than a fresh petition. However, I would have expected them to "ban pending investigation" much sooner...
_
Info about our corp | Beginer's ISK making guide | Manufacturer's helper |
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.08 13:52:00 -
[30]
Edited by: Glengrant on 08/09/2009 13:52:57
Originally by: Selly McTrade Quick update;
I've a petition response.
Glad to hear that.
Originally by: Selly McTrade Also the hijacker contacted me ingame asking for 3bil isk to have my account returned and threatening me with skill point loss.
String him along with agreeing to that and that you're workig on getting an account online and the isk ready for payment. That'll take hours of course - with d/l new client and 3 bn and whatnot. Meanwhile negotiate for less than 3bn ("Man - plz don't kill my hard-earned SP - but you just cleaned me out - gotta borrow the isk", etc...). (and let's hope he's too busy stealing stuff and doesn't read this thread ;-) ). Basically play for time while CCP follows the money trail and pawns his *ss.
Originally by: Selly McTrade I'm just sitting here watching my mains account balance go up and down as the guy sells my stuff and transfers the isk to an unknown destination.
Unknown to you/us - but CCP can see what's going on. As they are aware of this now and you can inform them when you last logged on - everyting noow getting transferred is tainting those accounts.
I'd expect CCP to restore your stuff (insofar as the transfers can be reversed - money at least - dunno abput assets refined etc...). Restoring SP should also be no major problem for them (I hope).
And look forward to seeing the chars vanish that your stuff was transfered to. :-)
Originally by: Selly McTrade Quick question, when I get a petition response, do I add another message to that petition to respond, or do I start a new petition ? I've done both so far, hoping to get a quick resolution, seeing as this guy is currently active and selling.
You add a messsage to the original petition. You know that you can access petitions via web - not just EVE client? Te redundant petition will be closed.
--- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
|
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.08 14:03:00 -
[31]
Originally by: Taedrin TBH, it sounds like a drive-by infection you picked up from an advertisement from an otherwise innocent website. Even firefox has vulnerabilities which can be taken advantage of. In fact, even no-script + adblock has vulnerabilities (please consider that no-script seems to update twice a week patching some bugs.
It's true - no software is safe - there's only safer - no safe. But while a drive by infection is *possible* it's an unlikely scenario. It happened a lot when ActiveX was still widespread and IE left to languish before MS was forced to compete again. Even MS is cleaning up its act recently (too late for me - I switched to Linux years ago - partly for some extra protection).
Originally by: Taedrin The end result is that there is no way to be 100% protected from these things happening unless you unplug your computer from the internet.
That's the sad truth.
--- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
|
Chribba
Otherworld Enterprises Otherworld Empire
|
Posted - 2009.09.08 14:05:00 -
[32]
Ummm if he's accessing your account doing stuff right now, why not file a petition to have CCP deactivate the account right now before you lose more things?
Win a Wyvern mothership for 10M ISK |
|
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.08 15:28:00 -
[33]
If he wrote a petition telling CCP that his account got hacked - and then needs to write another one explicitly asking CCP to do the obvious I'd be shocked.
--- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
Selly McTrade
|
Posted - 2009.09.09 03:55:00 -
[34]
Update:
Well, I have my accounts back, minus a lot of assets. Skill points are intact thankfully. The low-sec system I was based out of is completely clear of any assets, and there was a lot of stuff there, something like 30 ships, modules of all kinds, including faction gear. Will keep haselling CCP to check the transaction records on my main, I've yet to see any isk refunded on this character.
I even lost my navy raven faction fit in my mission hub 30 jumps away from home :(
Could've been worse though.
Thanks to the GM's involved for getting back my accounts, very much appreciated.
|
Shaemell Buttleson
Euphoria Released
|
Posted - 2009.09.09 09:27:00 -
[35]
Edited by: Shaemell Buttleson on 09/09/2009 09:29:00
Originally by: Selly McTrade Quick update;
I've a petition response.
Also the hijacker contacted me ingame asking for 3bil isk to have my account returned and threatening me with skill point loss. I'm just sitting here watching my mains account balance go up and down as the guy sells my stuff and transfers the isk to an unknown destination.
Quick question, when I get a petition response, do I add another message to that petition to respond, or do I start a new petition ? I've done both so far, hoping to get a quick resolution, seeing as this guy is currently active and selling.
WTF. Petiton the account that's been hijacked if it is a case of a genuine hack and not an account share CCP will freeze it and they can do bugger all anyway!
If CCP allready know about it however and are not freezing it it means they can't be sure who's account it is.
PS I got all my stuff back that had been taken including ISK taken from the corp wallet. CCP are very thorough about returning stuff that got legitimately stolen!
|
T'Amber
ships of eve
|
Posted - 2009.09.09 11:37:00 -
[36]
Originally by: Gin G my suspicious slightly insane paranoid scenes are telling me to run another spybot S+D and another full scan with avast today just in case the one half hour ago missed anything
to the op THANK YOU VERY MUCH now i cant even download some donkey movies
I would suggest that combination of programs to everyone. Avast + Spybot combo is as solid as you can get.
-T
Click!
|
Buckaroo Kamakazee
|
Posted - 2009.09.09 16:40:00 -
[37]
Originally by: Shaemell Buttleson Edited by: Shaemell Buttleson on 09/09/2009 09:29:00
Originally by: Selly McTrade Quick update;
I've a petition response.
Also the hijacker contacted me ingame asking for 3bil isk to have my account returned and threatening me with skill point loss. I'm just sitting here watching my mains account balance go up and down as the guy sells my stuff and transfers the isk to an unknown destination.
Quick question, when I get a petition response, do I add another message to that petition to respond, or do I start a new petition ? I've done both so far, hoping to get a quick resolution, seeing as this guy is currently active and selling.
WTF. Petiton the account that's been hijacked if it is a case of a genuine hack and not an account share CCP will freeze it and they can do bugger all anyway!
If CCP allready know about it however and are not freezing it it means they can't be sure who's account it is.
PS I got all my stuff back that had been taken including ISK taken from the corp wallet. CCP are very thorough about returning stuff that got legitimately stolen!
SO, what all did you get stolen that you got back? I am being told that all I will get back is the isk that hacker got for selling my items (at greatly undervalued levels)
|
Shigsy
Neo Spartans Laconian Syndicate
|
Posted - 2009.09.09 17:40:00 -
[38]
One of my accounts got hacked, no keylogger found etc. Whoever it was, was complete fail though. They self destructed my carrier for insurance but didn't check assets and left my revelation alone. They also got me podded a couple of times and I lost carrier V and fighters V
But yeah, not all account hackers used keyloggers to do it apparantly THIS SIGNATURE IS SMALLER THAN 24000 BYTES Join "C&P" ingame! |
Bish Ounen
Gallente Best Path Inc. Ethereal Dawn
|
Posted - 2009.09.09 18:01:00 -
[39]
The same thing JUST happened to one of my Alliance leadership, Ty Rone.
Ty Rone got his account hijacked, and while he was trying to get it back the hijackers emptied his accounts and assets, stole ISK and assets from the Alliance and corp, and then, just to add insult to injury, used it for RMT.
Naturally, his account was permabanned and is slated for deletion with NO recourse for him. 4 year old character too. He's so disheartened that he's formally quit EvE. Thankfully for the Alliance and Corp we have plenty more assets and ISK to replace what was stolen, but it was a complete wipeout for Ty Rone.
CCP needs to have a better system for dealing with hijacked accounts. Not sure how that would work, but there HAS to be a better system than the one we have. As it stands basically the hijackers got away with everything, and Ty Rone got the shaft. It's wrong and unethical and CCP needs to fix it. Fix the Wardec System! Upgrade the Probing System! |
Bish Ounen
Gallente Best Path Inc. Ethereal Dawn
|
Posted - 2009.09.09 18:06:00 -
[40]
Originally by: Shigsy One of my accounts got hacked, no keylogger found etc. Whoever it was, was complete fail though. They self destructed my carrier for insurance but didn't check assets and left my revelation alone. They also got me podded a couple of times and I lost carrier V and fighters V
But yeah, not all account hackers used keyloggers to do it apparantly
Often they will go after corp or alliance message boards. These often are weak and have known exploits. If you use the same password on there that you use in game and someone gains admin access to the message board you can suddenly find yourself without assets or a character to log in with.
Your EvE game password should be unique to the game, at least 12 characters long, use caps and lowercase, and be Alpha-Symbol-Numeric. (letters, symbols, and numbers). Better to have to write it on a post-it note stuck to your monitor than to lose EVERYTHING in game because you were too lazy to have a good solid unique password. Fix the Wardec System! Upgrade the Probing System! |
|
jason hill
Caldari Clan Shadow Wolf Curatores Veritatis Alliance
|
Posted - 2009.09.09 18:12:00 -
[41]
dunno if this is gonna help anyone But my account got hacked ... an no i wasnt surfing dodgy links ... i got most of my stuff back (thanks ccp) ... what i currently am doing is putting my password into a text file (notepad) and cutting and pasting it in .now i dunni if this is any safer But !at least its summat ..and yes i have up to date antivirus /firewall
destroy everything you touch |
Capt Fossil
Gallente
|
Posted - 2009.09.09 22:21:00 -
[42]
Why doesn't CCP INSTANTLY freeze an acount that has been petitioned as hijacked????
WHY? WHY?
Should be a special petition category that get's top priority.
On another note, I am from now on taking the time to report EVERY single macro I find. Yeah, all you bot mission runners, miners out there, I am now your worst enemy.
Why?, cause it's the same group of dishonest RMT's, either buying or selling.
|
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.10 10:05:00 -
[43]
Originally by: Selly McTrade Update:
Well, I have my accounts back, minus a lot of assets. Skill points are intact thankfully. The low-sec system I was based out of is completely clear of any assets, and there was a lot of stuff there, something like 30 ships, modules of all kinds, including faction gear. Will keep haselling CCP to check the transaction records on my main, I've yet to see any isk refunded on this character.
I even lost my navy raven faction fit in my mission hub 30 jumps away from home :(
Could've been worse though.
Thanks to the GM's involved for getting back my accounts, very much appreciated.
Glad to hear you got your accounts back.
Re no assets restored - yeah - sux - but was to be expexted. I'm sure you'll get your isk back though. That part is relatively easy. Establish time frame from where account got hijacked to when it was returned and reverse all isk transfers - that's relatively easy. We know that info gets journaled anyway.
But after stuff is reprocessed I assume that no records are kept about past stages - so the info is simply no longer there that this isk that came from selling those minerals used to be that wonderful ship and all its T2 gear.
What I would try in your case is pick that one best ship and petition to restore it in exchange for percentage of returned isk. But the chances are low. I'm sure they can create a new ship and fitting out of thin air - but as they probably can't verify that you actually had that particular ship and fitting this would be open to abuse and therefore reasonable to deny. --- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.10 10:17:00 -
[44]
Originally by: Bish Ounen The same thing JUST happened to one of my Alliance leadership, Ty Rone.
Ty Rone got his account hijacked, and while he was trying to get it back the hijackers emptied his accounts and assets, stole ISK and assets from the Alliance and corp, and then, just to add insult to injury, used it for RMT.
Naturally, his account was permabanned and is slated for deletion with NO recourse for him.
I see nothing natural about that.
Originally by: Bish Ounen 4 year old character too. He's so disheartened that he's formally quit EvE. Thankfully for the Alliance and Corp we have plenty more assets and ISK to replace what was stolen, but it was a complete wipeout for Ty Rone.
CCP needs to have a better system for dealing with hijacked accounts. Not sure how that would work, but there HAS to be a better system than the one we have. As it stands basically the hijackers got away with everything, and Ty Rone got the shaft. It's wrong and unethical and CCP needs to fix it.
I would like to have more details on this one (unlikely after he quit and rules forbid discussing petitions).
But it's clearly in nobodies interest - especially CCPs - to loose 4 year old accounts.
So - my guess is they suspected him of really doing RMT himself. Or he simply gave up too soon - instead of patiently keep working at the petitions or escalating to a higher GM.
That GMs would just delete an account after hijacking without having reason to think it was not a hijacking makes no sense to me. From their point of view it's not easy either - RMTers will claim that their account was hijacked of course.
But a sudden clean-out coming from a different IP range (possibly other country) and the petition being started by him (instead of CCP noticing a RMT sale) should go a long way to make it plausible that it was a hijacking. --- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
Glengrant
TOHA Heavy Industries
|
Posted - 2009.09.10 10:27:00 -
[45]
Oh - and in your case I would make a list of chars that your money went to and occasionally check if the names are still around or if they are ever online. ;-)
OTOH the hijacker might have deleted the char himself in order to hide his tracks.
Hm - that makes me get the idea that Trial period accounts should have limits on money transfers. New players wouldn't have billions to move around. CCP could have a max on individual transfers plus another max on daily transfers. And when a total of - say - 50m (adjust based on what average trial player makes in a couple weeks) has been reached - activate another limit of 1m per day or some such. Trial player then gets a nice message about this being an anti-abuse measure and that paid for accounts have no such limit - apologies for the inconvenience.
Would at least help to raise the cost and hassle of business for the bastards. --- Save the forum: Think before you post. ISK BUYER = LOSER EVE TV- Bring it back! Laptop, NVidia7900GS, Ubuntu 8.04, WINE |
Zartanic
|
Posted - 2009.09.10 11:06:00 -
[46]
I think you cant transfer ISK to a trialist anyway. Anyway they use real accounts using the hacked account of from stolen credit cards.
|
Reincarnator
Amarr Smallville Industries Inc.
|
Posted - 2009.09.10 11:09:00 -
[47]
Originally by: Glengrant
Hm - that makes me get the idea that Trial period accounts should have limits on money transfers.
Isn't something like that already in place?
Originally by: Hango
Please refrain from posting if you have something to contribute. Thank you. -Hango
Sig'd |
gfldex
|
Posted - 2009.09.10 11:09:00 -
[48]
Did you find the attack vector yet?
|
Zartanic
|
Posted - 2009.09.10 11:23:00 -
[49]
Originally by: gfldex Did you find the attack vector yet?
Somehow that's deeply profound but I haven't got a clue what it means.
|
Dakron Argile
Caldari
|
Posted - 2009.09.10 11:52:00 -
[50]
Originally by: Zartanic
Originally by: gfldex Did you find the attack vector yet?
Somehow that's deeply profound but I haven't got a clue what it means.
I'm assuming it was addressing the OP, to find out if the origin of the account hijacking was ever discovered.
"Those who dream by day are cognizant of many things which escape those who dream by night." -E.A. Poe |
|
ketharth
|
Posted - 2009.09.10 12:06:00 -
[51]
Similar happened to me - stopped playing eve due to work in 2006 - came back and couldnt get account to log on with correct password etc. get message account is perm banned.
Create new account and check and some time 3 months after I stopped playing someone hi jacked the account and used it.
Main toon is from the day eve started up and someone has the character up for sale.
raised a petition re the account and after almost a month still waiting for any responce.
never account shared or used same account name/password and seems weird to me it was 3 months after I stopped playing and removed eve from my PC that it got hacked.
I cannot see how anyone could use a virus/keylogger to hack something that that long after the account was stopped and due to me being in a diff country with the PC never turned on got access to the account other than hacking the eve DB.
going back to under a mill skill points when used to 50+ mill is harsh but i still hope to get the old account (hopefully with main still on it) back.
And as I work in IT in the security area yes I know this PC is as secure as possible.
|
Naj Ymoch
|
Posted - 2009.09.10 12:09:00 -
[52]
Stop haxxing my MainFrame!!!!!!!1
|
|
|
|
Pages: 1 2 :: [one page] |