
End Yourself
Core Domination
|
Posted - 2006.08.31 08:36:00 -
[1]
Edited by: End Yourself on 31/08/2006 08:44:43
Working with admin rights 4tw!
Quote: I have petitioned this with CCP, so no doubt I'll get my ISK back, but I'll also have to waste time rebuilding my PC just to be on the safe side.
Make sure you also change all other passwords used on that PC. Mail, ebay, amazon......
And once you are done with the reinstall you might want to reconsider using an unprivileged user account to work with.
--- Fighting for peace is like screwing for virginity.
|

End Yourself
Core Domination
|
Posted - 2006.08.31 16:40:00 -
[2]
Originally by: ching'sta Thanks for the warning.
btw. you can make most trojans look like any type of file .rar .zip .mp3 or whatever it still works like an .exe
A trojan horse (not a trojan, trojans were the guys who actually had their city compromised) is by definition something that doesn't look like what it is. Windows uses file endings to determine if a file is executable or not. You just need to configure the explorer to show them.
@taylor04: I recommend you do exactly what ombey is doing: Bite the bullet and reinstall your OS. Just to stick to the picture of the ancient trojan horse: removing it from troja after the Greeks already sneaked out and could be hiding everywhere... could be doing whatever they want..... wouldn't have helped the trojans much, would it?
--- Fighting for peace is like screwing for virginity.
|

End Yourself
Core Domination
|
Posted - 2006.08.31 16:48:00 -
[3]
Originally by: taylor04 ALSO WHY THE HELL DID U BAN MY ACCOUNT CCP  how are you meant to contact me and ask me questions now ffs!!!!!!!!
My educated guess would be that they just read this thread and "somehow" received the impression that you do NOT have the situation under control at all.
Did you even read this thread?!? Still believe it was just pictures?!?
In your situation I would remove the compromised computer's internet connection ASAP. Then use another PC (a mate's if you only own one) to change the passwords of ALL your accounts. Change passwords of ebay, amazon, icq, email....... Phone your bank and ask them to disable your online banking and send you a new PIN. If you have used your CC since you installed the keylogger, contact your CC issuer.
--- Fighting for peace is like screwing for virginity.
|

End Yourself
Core Domination
|
Posted - 2006.08.31 16:54:00 -
[4]
Originally by: taylor04 not as easy as said, i have family photos and stuff i'd need to burn [also what are the chances of burning the trojan horse with them!]
on top of that, it takes a whole ******* day up, and on top of that it's probably wise to wait for ccp to confirm what's gonna happen
With pictures not very high i would say. SCR files are NOT pictures tho.
You want to go on using the compromised PC til CCP answers a petition?!? Well good luck, you will need it!
Consider the day you will have to spend as learning the hard way. It was you who screwed up and installed the keylogger. Not some leet hacker you couldn't do **** against. Just you who was fooled into installing malware.
--- Fighting for peace is like screwing for virginity.
|

End Yourself
Core Domination
|
Posted - 2006.08.31 17:46:00 -
[5]
Originally by: Tain Korore Your example is great, but my incessant need to be correct in details forces me to post. Question the first: Where in the Hell is Troja? 
Note: For better point impact, do all of the required reading, and call Troy, Troy 
hehe, you are in the know that names happen to differ as well in different languages though? 
I just fail to hide my German nationality sometimes.
--- Fighting for peace is like screwing for virginity.
|

End Yourself
Core Domination
|
Posted - 2006.08.31 19:17:00 -
[6]
Originally by: nahtoh Ok again for the cheap seats...
Download the app called hijackthis and post the log somewhere perhaps in the known issues and workarounds forum?
If we can identify the entry (if indeed there is one) then we can help everybody that may be suffering from this attack...
I will have a look at the logs and see if I can see anything dodgy in it. I reckon a few others would help as well.. A full nuke and pave may not be required on your system...
We have a helpful community here with a nice range of expertise... why not try and use it?
oh, that's cool.
err wait... let's say you see something dodgy. and then you remove it. does this mean there aren't any other leftovers?!?
The only solution to a compromised system is a reinstall from trusted media. Whoever says otherwise either has no clue or is making profit selling those crappy tools (McAfee, Symantec...)
--- Fighting for peace is like screwing for virginity.
|

End Yourself
Core Domination
|
Posted - 2006.08.31 19:50:00 -
[7]
Originally by: nahtoh It all depends on what it was... the more info we can generate even if it's only to help others find out if they are affected by it as well.
But hey if you like nuke and paves be my guest...
BTW hijackthis is freeware... it's got sod all to do with McAfee or Norton, used it to clean my own system and have used it to clean other systems.
But like I say if you prefer people to nuke and pave in a panic without knowing what is on their systems (losing perhaps important documents like one other in this thread).
The problem is:
Whatever you find you will NEVER know that you found all! So removing it will still leave a system you can NOT trust anymore.
More info is of course always nice to help to _diagnose_ a compromised computer. Not to fix it.
--- Fighting for peace is like screwing for virginity.
|

End Yourself
Core Domination
|
Posted - 2006.08.31 21:13:00 -
[8]
Originally by: Liegus
Edited by: Liegus on 31/08/2006 21:06:04
Originally by: Elexi
This isn't a case of lacking common sense etc, the guy didn't just randomly eve mail you hey give me your email address so i can send you a trojan. I spoke to him 4 or 5 times ingame and it got to the stage i needed pictures to help him. So i asked him to send em to me, he never once even hinted at emailing me pictures. So when they came in a .rar i just opened it without thinking twice and looked at the pictures, seriously who asks for pictures then asks them to come unzipped? I didn't run anything that came out of the .rar apart from the 2 pictures. It looked perfectly normal. I even sent him a mail back stating my opinions on the character.
I don't understand how opening a (non self-extracting, note the .rar extension) RAR file and viewing two jpegs can cause the execution of arbitrary code, unless you're viewing the jpegs with MSIE.
Maybe someone with more currency on security issues can comment?
Edit: I'd also like to specifically note that I'm not asking for "ATTACHMENTS BAD" responses from people who don't know a .rar from an .exe, thanks :p
The "jpeg exploit" was caused by a bug in the MS GDI library so it affected a lot of MS products and even other programs using that library.
--- Fighting for peace is like screwing for virginity.
|

End Yourself
Core Domination
|
Posted - 2006.08.31 21:41:00 -
[9]
Originally by: Sphit Ker
Originally by: Kalixa Hihro
(...) You should also go to your folder options and uncheck "hide known extensions". People can take a gif, jpg or anything else and name it something.rar.exe. If you have hide known extensions checked, it shows up as something.rar. Unchecked it shows the real story. (...) -Kal
This is bugging me. Why would explorer show a file as "file.rar" when it is configured to hide extensions from the user? Wouldn't it be just "file" then?
/me is confused, again
Alright Let's get back on topic
Well simply because the file is "file.rar.exe". The extension is ".exe" and is not shown so what you get to see is "file.rar".
Naming a jpeg/gif/... to something.rar.exe won't lead anywhere tho. Except the error message when trying to run it.
--- Fighting for peace is like screwing for virginity.
|
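The hidden-extension behaviour discussed in post [9], as an added example that is not part of the original thread: it computes the name Explorer would display with "hide known extensions" enabled and flags files whose real, final extension is executable while the visible name ends in a data-looking extension. The extension sets, function names and sample filenames are assumptions constructed for illustration.

```python
import ntpath

# Assumption: a small set of extensions Windows runs directly.
# .scr is here because screensaver files are ordinary executables.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Assumption: extensions a user reads as "just data".
DECOY_EXTS = {".rar", ".zip", ".mp3", ".jpg", ".jpeg", ".gif", ".png", ".txt"}
KNOWN_EXTS = EXECUTABLE_EXTS | DECOY_EXTS


def explorer_display_name(filename):
    """Name shown when extensions of known file types are hidden."""
    base = ntpath.basename(filename)
    stem, ext = ntpath.splitext(base)
    # Only the LAST extension is hidden; anything before it stays visible.
    return stem if ext.lower() in KNOWN_EXTS else base


def classify(filename):
    """Return 'masquerade', 'executable' or 'data' for one filename."""
    base = ntpath.basename(filename)
    stem, ext = ntpath.splitext(base)
    if ext.lower() not in EXECUTABLE_EXTS:
        return "data"
    # The real type is executable: does the visible part look like data?
    _, inner_ext = ntpath.splitext(stem)
    return "masquerade" if inner_ext.lower() in DECOY_EXTS else "executable"


def scan(filenames):
    """List (real name, displayed name) for every masquerading file."""
    return [(ntpath.basename(f), explorer_display_name(f))
            for f in filenames if classify(f) == "masquerade"]


# Constructed sample listing, not taken from the thread.
SAMPLE = [
    "pics.rar",
    "pics.rar.exe",
    "holiday.JPG.SCR",
    "setup.exe",
    r"C:\Users\me\Desktop\ship.jpg",
]

if __name__ == "__main__":
    for real, shown in scan(SAMPLE):
        print(f"{real!r} is displayed as {shown!r} but is executable")
```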

End Yourself
Core Domination
|
Posted - 2006.08.31 21:44:00 -
[10]
Originally by: Zanko
Quote: I have a decent virus scanner- McAfee VirusScan v8.0, fully up to date, and a firewall.
There is your problem.......
brain > virusscanner
Nothing is worse than believing in one's virus scanner, feeling safe and powering the brain off.
Also working with an unprivileged account should help a lot.
--- Fighting for peace is like screwing for virginity.
|

End Yourself
Core Domination
|
Posted - 2006.08.31 21:57:00 -
[11]
Originally by: Dnaltrop Nogero A solution to avoid downloading pictures to your PC and open yourself to risk, is to ask your prospective customer to post the pictures on a free, web based photo sharing site like Photobucket, Shutterbook, or any similar service.
Not like the browser would not be downloading the picture and opening it.
Look at the picture using Internet Explorer and the "jpeg exploit" for example would have been used to infect your system. And it's not like other browsers (firefox, opera...) don't have security problems at all.
--- Fighting for peace is like screwing for virginity.
|