| Pages: 1 2 3 4 [5] 6 :: one page |
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
|
Chribba
Otherworld Enterprises
Otherworld Empire
   |
Posted - 2006.08.31 20:47:00 -
[121]
 Originally by: Ombey
Originally by: branodn lee
you shouldnt bad mouth people with your alt. why not use a main.
lol feeling pwned yet? gee.
Sorry about your loss, am sure you will get it back tho, keep up the great work!
Will do my best to ensure that no similar content gets placed on EVE-Files, so I got another one to add to the list, thanks.
EVE-Files | EVE-Search | Monitor this Thread |
|
DropZone 187
|
Posted - 2006.08.31 20:49:00 -
[122]
Originally by: Elexi
This isnt a case of lacking common sense etc, the guy didnt just randomly eve mail you hey give me your email address so i can send you a trojan. I spoke to him 4 or 5 times ingame and it got to stage i needed pictures to help him. so i asked him to send em to me he never once even hinted at emailing me pictures. So when they came in a .rar i just opened it without thinking twice and looked at the pictures seriously who asks for pictures then asks them to come unziped?. I didnt run anything that came out of the .rar apart from the 2 pictures. it looked perfectly normal. I even sent him a mail back stating my opinions on the character.
And that makes it all perfectly justifiable in your little world?
So let me ask you this - why did you trust him/her? After that, go re-evaluate how you place trust in others. Afterall, you do play Eve and should follow the simple credo of DTA (Don't Trust Anybody)
Not trying to be intentionally harse in a personal way but I see this all the time from the user community and the only way to affect the necessary behavioral changes is to make sure they realize it is indeed their own fault.
You wouldn't give your car/home keys to a complete stranger on the street which is actually a more personal trust contact than any online interaction due to the fact that there is a physical presence involved.
|
Findail
Band of Builders Inc.
Firmus Ixion
|
Posted - 2006.08.31 20:58:00 -
[123]
Edited by: Findail on 31/08/2006 20:59:43
Originally by: Kalixa Hihro
Virus scanners only recognize _known_ viruses in their signature subscription. A trojan != virus. Viruses destroy files. A trojan impersonates them.
Neither spyware removal or virus scanners will see this if it's new and unknown to the companies.
What probably happened is the rar file installed a keylogger or eve trojan which sent everything you typed to them, since the password is not stored on your computer.
As this is extremely illegal and dangerous stuff (in real life), I suggest you contact your local police department and report the incident. You should also contact the SANS institute and report it. Send them a copy of the RAR file so they can disseminate it to the spyware companies. They may have also stolen other creds, including credit card numbers, the id/pw to your bank etc. Anything you type on your computer is at risk until whatever this is is identified, to understand the risk, and removed.
You should also go to your folder options and uncheck "hide known extensions". People can take a gif, jpg or anything else and name it something.rar.exe. If you have hide known extensions checked, it shows up as something.rar. Unchecked it shows the real story.
Download and install ethereal (a packet sniffer) or get an IT pro you know to do it, and see if your computer is sending stuff to strange places. Note the IP's and include them in the police report. While sniffing the network, don't do anything. Turn off any internet applications etc, to minimize the noise. Run a trace for a while. Then start eve up and run a trace while that's happening. Save the traces and give them to the police on CD.
-Kal
This is excellent advice (except the bit about installing stuff)
If you want to monitor what a machine is up to, do it from a different box.
What laws apply will depend on the country you're in, but almost all countries now have computer privacy laws in place.
You should also be talking to your service provider. If they are doing data accounting on traffic, there's a very good chance that the netflow data they use will be available. That data tells you what traffic went where, and when, right down to individual packet level.
The correct thing to do with the affected machine is ensure the HDD remains unaltered. i.e. remove the HDD and replace it with a new one. Give the compromised disk to law enforcement officials and let them do their job. It will, in all likelyhood, still contain info on where the stolen data was sent to
|
Liegus
|
Posted - 2006.08.31 21:04:00 -
[124]
Edited by: Liegus on 31/08/2006 21:06:04
Originally by: Elexi
This isnt a case of lacking common sense etc, the guy didnt just randomly eve mail you hey give me your email address so i can send you a trojan. I spoke to him 4 or 5 times ingame and it got to stage i needed pictures to help him. so i asked him to send em to me he never once even hinted at emailing me pictures. So when they came in a .rar i just opened it without thinking twice and looked at the pictures seriously who asks for pictures then asks them to come unziped?. I didnt run anything that came out of the .rar apart from the 2 pictures. it looked perfectly normal. I even sent him a mail back stating my opinions on the character.
I don't understand how opening a (non self-extracting, note the .rar extension) RAR file and viewing two jpegs can cause the execution of arbitrary code, unless you're viewing the jpegs with MSIE.
Maybe someone with more currency on security issues can comment?
Edit: I'd also like to specifically note that I'm not asking for "ATTATCHMENTS BAD" responses from people who don't know a .rar from an .exe, thanks :p
|
End Yourself
Core Domination
|
Posted - 2006.08.31 21:13:00 -
[125]
Originally by: Liegus
Edited by: Liegus on 31/08/2006 21:06:04
Originally by: Elexi
This isnt a case of lacking common sense etc, the guy didnt just randomly eve mail you hey give me your email address so i can send you a trojan. I spoke to him 4 or 5 times ingame and it got to stage i needed pictures to help him. so i asked him to send em to me he never once even hinted at emailing me pictures. So when they came in a .rar i just opened it without thinking twice and looked at the pictures seriously who asks for pictures then asks them to come unziped?. I didnt run anything that came out of the .rar apart from the 2 pictures. it looked perfectly normal. I even sent him a mail back stating my opinions on the character.
I don't understand how opening a (non self-extracting, note the .rar extension) RAR file and viewing two jpegs can cause the execution of arbitrary code, unless you're viewing the jpegs with MSIE.
Maybe someone with more currency on security issues can comment?
Edit: I'd also like to specifically note that I'm not asking for "ATTATCHMENTS BAD" responses from people who don't know a .rar from an .exe, thanks :p
The "jpeg exploit" was caused by a bug in the MS GDI library so it affected alot of MS products and even other programs using that library.
---
Fighting for peace is like screwing for virginity.
|
Dnaltrop Nogero
|
Posted - 2006.08.31 21:14:00 -
[126]
There is not much to add about antivirus software, trusting only those people close enough to allow you to wrap your hands around their throat, etc etc...
Ounce of prevention is worth a pound of cure.
A solution to avoid downloading pictures to your PC and open yourself to risk, is to ask your prospective customer to post the pictures on a free, web based photo sharing site like Photobucket, Shutterbook, or any similar service.
If your prospective customer refuses to do such a simple thing, there's a good chance that they are running a scam.
Or there is the small chance that they're just lazy and easily annoyed.
But I'd rather offend a lazy, irritable, honest person, than get run through the wringer anyday.
Much luck to you in getting your ISK and Accounts back.
~~~~
Men often decieve themselves in believing that by humility, they can overcome insolence.
She's not your satellite, she doesn't miss you.
|
Kitchi
Minmatar
|
Posted - 2006.08.31 21:17:00 -
[127]
Ouchie
For future reference, http://www.imageshack.us/ is your friend
---------------------
"Somebody sent us up the bomb"
"We get signal"
"What"
"Main screen turn on"
"5m or i pod u, lol"
"What you say"
"wtf omg lag" |
Sphit Ker
|
Posted - 2006.08.31 21:23:00 -
[128]
Originally by: Kalixa Hihro
(...)
You should also go to your folder options and uncheck "hide known extensions". People can take a gif, jpg or anything else and name it something.rar.exe. If you have hide known extensions checked, it shows up as something.rar. Unchecked it shows the real story.
(...)
-Kal
This is bugging me. Why would explorer show a file as "file.rar" when it is configured to hide extentions from the user? Wouldn't be just "file" then?
/me is confused, again
Alright Lets get back on topic
|
Zanko
Gallente
International Brotherhood
9th Fleet
|
Posted - 2006.08.31 21:28:00 -
[129]
Quote:
I have a decent virus scanner- McAfee VirusScan v8.0, fully up to date, and a firewall.
 There is your problem.......
|
End Yourself
Core Domination
|
Posted - 2006.08.31 21:41:00 -
[130]
Originally by: Sphit Ker
Originally by: Kalixa Hihro
(...)
You should also go to your folder options and uncheck "hide known extensions". People can take a gif, jpg or anything else and name it something.rar.exe. If you have hide known extensions checked, it shows up as something.rar. Unchecked it shows the real story.
(...)
-Kal
This is bugging me. Why would explorer show a file as "file.rar" when it is configured to hide extentions from the user? Wouldn't be just "file" then?
/me is confused, again
Alright Lets get back on topic
Well simply because the file is "file.rar.exe". The extension is ".exe" and is not shown so what you get to see is "file.rar".
Naming a jpeg/gif/... to something.rar.exe won't lead anywhere tho.  Except the error message when tryin to run it.
---
Fighting for peace is like screwing for virginity.
|
Sphit Ker
|
Posted - 2006.08.31 21:44:00 -
[131]
ok. so next time I see an extention I will switch to paranoid mode.
|
End Yourself
Core Domination
|
Posted - 2006.08.31 21:44:00 -
[132]
Originally by: Zanko
Quote:
I have a decent virus scanner- McAfee VirusScan v8.0, fully up to date, and a firewall.
There is your problem.......
brain > virusscanner
Nothing is worse than believing in ones virus scanner, feeling safe and powering the brain off.
Also working with an unpriviledged account should help alot.
---
Fighting for peace is like screwing for virginity.
|
End Yourself
Core Domination
|
Posted - 2006.08.31 21:57:00 -
[133]
Originally by: Dnaltrop Nogero
A solution to avoid downloading pictures to your PC and open yourself to risk, is to ask your prospective customer to post the pictures on a free, web based photo sharing site like Photobucket, Shutterbook, or any similar service.
Not like the browser would not be downloading the picture and opening it.
Look at the picture using Internet Explorer and the "jpeg exploit" for example would have been used to infect your system. And it's not like other browsers(firefox, opera...) don't have security problems at all.
---
Fighting for peace is like screwing for virginity.
|
Infinity Ziona
Sebiestor tribe
|
Posted - 2006.09.01 02:23:00 -
[134]
Who thinketh someone is this thread doth protest too much??? 
If your going to hack peoples accounts you need to learn a little bit about pyschology Taylor04.
Click Me
|
Niraco79
Gallente
|
Posted - 2006.09.01 04:52:00 -
[135]
get in touch with eachothers and file a petition to the POLICE. this is a felony. Information stored on your computers like PASSWORDS are your intelectual property. A password hacking is a felony.
________________
THE MEGA NOOB |
Haveljian
|
Posted - 2006.09.01 18:08:00 -
[136]
http://bannable-offenses.blogspot.com/
|
thatguyinpc
|
Posted - 2006.09.01 19:16:00 -
[137]
Edited by: thatguyinpc on 01/09/2006 19:16:59
Originally by: DropZone 187
Edited by: DropZone 187 on 31/08/2006 19:47:49
Edited by: DropZone 187 on 31/08/2006 19:47:10
Originally by: Ombey
Originally by: Grey Area
Get yourself a decent virus scanner...if it can't pick up an .exe file as obvious as that, whatever you are using now is pointless.
Try AVG free...it's (as the name suggests) free, and it captures pretty much everything. The company that makes it is called GriSoft...if I can find a link I'll post it.
I have a decent virus scanner- McAfee VirusScan v8.0, fully up to date, and a firewall.
Well it is quite ovious that you are wrong and that you don't.
Just because you got scammed irl by a vaporware company doesn't mean that you are secure - in fact it is that false sense of security that is potentially more damaging.
Honestly, you got what you deserve.
Snore.
Yep I gotta comment here,
These guys are the victims of a crime. The criminal is the one at fault. To blame them is like blaming a murder victim for not wearing full body armor and helmet to walk to the local corner store.
They took what they thought (and I also believed) to be reasonable precautions by having virus scanners etc.
Rather than throwing out the statement ôgo read up on safe computer practicesö why not provide a link.
Guy
|
Dracho Demor
|
Posted - 2006.09.01 19:40:00 -
[138]
While we are on the topic of trojans, have a look here:
http://www.pc-help.org/security/scrap.htm
It's an old oversight in Windows which leaves you open, even if you tell Windows to show all filextentions, which you will realize that it doesn't.
For those not willing to read that (long) page, you can see what it's about by turning off the hiding of extentions, make a new textfile, rename it to have a .shs extention, then see what happened to the extention... Then just remember that this file, if made correctly can install something on your computer, then open the textfile you thought it would be...
I got one once, and only running Windows NT with proper (non admin rights) saved me).
|
Nymos
Celtic Anarchy
Black Reign Syndicate
|
Posted - 2006.09.01 19:46:00 -
[139]
wow, how many alts do you have, taylor? i only know tiffany tripp (cov ops alt) and vel kyri (the alt you used to loot the pos ship array of my old corp). yes, you're one trustworthy person, not. new hobby of yours? 
--
|
Johnathan Roark
Caldari
Quantum Industries
Prime Orbital Systems
|
Posted - 2006.09.01 20:13:00 -
[140]
Originally by: nahtoh
Originally by: taylor04
Originally by: End Yourself
Originally by: ching'sta
Thanks for the warning.
btw. you can make most trojans look like any type of file .rar .zip .mp3 or whatever it still works like an .exe
A trojan horse(not a trojan, trojans were the guys who actually had their city compromised) is by definition something that doesn't look like what it is. Windows uses fileendings to determine if a file is executable or not. You just need to configure the explorer to show them.
@taylor04: I recommend you do exactly what ombey is doing: Bite the bullet and reinstall your OS. Just to stick to the picture of the ancient trojan horse: removing it from troja after the greek allready sneaked out and could be hiding everywhere... could be doing whatever they want..... wouldn't have helped the trojans much, would it?
not as easy as said, i have family phtos and stuff id need to burn [also what are the chances of buring the trojan horse with them!]
on top of that, it takes a whole ******* day up, and on top of that its probably wise to wait for ccp to confirm whats gona happen
Pretty remote TBH...If you know what your doing that is...
This is not a CCP issue. You installed a bit of malware on your system...many posters on this thread have listed a number of pretty good apps to clean this up for you before you have to take the nuke and pave approch to your machine.
Now I don't know how techie you are...But you could for instance run a hijack this scan and then post in on perhaps the known issues board.
I would bewilling to look over it for you and see what I could dig up for you and I reckon others would be just as helpful...
Hijack this is for browser hijacks. You need to run anti virus software and probably find a good trojan horse scanner. I suggest using several different ones to make sure you get everything. Backup anything that you want to keep reformat your drive and reinstall windows. When you restore your files that you backup, leave the computer off the internet and run antivirus scans again before reconnecting.
Corporation Management Improvement |
Johnathan Roark
Caldari
Quantum Industries
Prime Orbital Systems
|
Posted - 2006.09.01 20:22:00 -
[141]
Originally by: Liegus
Edited by: Liegus on 31/08/2006 21:06:04
Originally by: Elexi
This isnt a case of lacking common sense etc, the guy didnt just randomly eve mail you hey give me your email address so i can send you a trojan. I spoke to him 4 or 5 times ingame and it got to stage i needed pictures to help him. so i asked him to send em to me he never once even hinted at emailing me pictures. So when they came in a .rar i just opened it without thinking twice and looked at the pictures seriously who asks for pictures then asks them to come unziped?. I didnt run anything that came out of the .rar apart from the 2 pictures. it looked perfectly normal. I even sent him a mail back stating my opinions on the character.
I don't understand how opening a (non self-extracting, note the .rar extension) RAR file and viewing two jpegs can cause the execution of arbitrary code, unless you're viewing the jpegs with MSIE.
Maybe someone with more currency on security issues can comment?
Edit: I'd also like to specifically note that I'm not asking for "ATTATCHMENTS BAD" responses from people who don't know a .rar from an .exe, thanks :p
Recently ( 2 to 3 months ago), there was a security hole in how windows handled rendering of images that could allow malious code to be ran. A security update was released shortly after this was discovered, so if your system is up to date, it should be fine unless someone found something new.
Also, I hope CCP turn the proper data over to the proper authories so charges can be brought against those using malious code against people ingame.
Corporation Management Improvement |
Mathra
Brutor tribe
|
Posted - 2006.09.01 22:47:00 -
[142]
Edited by: Mathra on 01/09/2006 22:51:26
I, too, have been stuck by this trojan. Petitioned it and hope that CCP will get to it right away, as it's a pretty darn urgent matter, to say the least.
That's the last time I'm trusting anyone but the people I really know... F**king bastard, trying to do him a favor and this is what I get...
Now I'm off to change all my passwords.
And FYI: I've "tested" the trojan on a few computers with different antivirus softwares and have yet to find a single one that actually stops it, at all.
EDIT: and to all you wise-asses who think you're so clever and think this could never have happend to you: get a grip. My computer is fully up to date and everything's running smoother than a baby's bottom, this is some serrious ****, treat it that way.
|
Enkidu Uruksen
|
Posted - 2006.09.01 23:39:00 -
[143]
I've been running the market uploader from http://eve-central.com without much nervousness. However, this thread reminded me of what I should know as a software pro: you really don't know much about people out there, nor about how well their websites are protected. I'm reminded of the ftp server for linux that was replaced a few years back on the official distribution computer with a hacked version.
How many of us look carefully at the source code of the things we run to make our Eve life easier? I'm thinking of ship fitters, POS spreadsheets, character skill monitoring programs, and so on. Can you really the source that you got it from? (For those who don't know, spreadsheets can include macro viruses and other nastyware.)
|
Plutoinum
German Cyberdome Corp
Veritas Immortalis
|
Posted - 2006.09.02 00:00:00 -
[144]
Edited by: Plutoinum on 02/09/2006 00:02:10
Originally by: Enkidu Uruksen
How many of us look carefully at the source code of the things we run to make our Eve life easier? I'm thinking of ship fitters, POS spreadsheets, character skill monitoring programs, and so on. Can you really the source that you got it from? (For those who don't know, spreadsheets can include macro viruses and other nastyware.)
Always download it from the official source or from an official mirror that doesn't look 'shady.'
Since such criminal activity can get expensive or bring you to jail, the programmers, who work on a great tool and have a regular site probably don't dare to add trojans.
Btw. I'd like to analyize that trojan, what he exploited and especially how and where he transfered the login infos, maybe it reveals, who it was, but I'd get vm-ware first to take a first look in a rather safe environment. Don't want to lose my stuff just because I'm too curious. 
|
nahtoh
Caldari
Bull Industries
|
Posted - 2006.09.02 00:24:00 -
[145]
Originally by: Johnathan Roark
Hijack this is for browser hijacks. You need to run anti virus software and probably find a good trojan horse scanner. I suggest using several different ones to make sure you get everything. Backup anything that you want to keep reformat your drive and reinstall windows. When you restore your files that you backup, leave the computer off the internet and run antivirus scans again before reconnecting.
Hijack this does more than detect browser hijacks...Its got a couple of very nifty features built in.
Of coutres you are assuming that that teh virgin install of the ATV software has upto date definations there...
=========
"I am not saying there should be capital punishment for stupidity, but why can`t we just take the safety labels off everything and let the problem fix its self |
PRO TECH
|
Posted - 2006.09.02 00:44:00 -
[146]
i use PREVX from http://prevx.com which warns you of any new programs that are trying to run as well as using avg free, never had a problem since ( fingers crossed i never will again )
|
Uggster
Caldari
Shinra
Lotka Volterra
|
Posted - 2006.09.02 00:44:00 -
[147]
Originally by: Felysta Sandorn
Thanks for the warning mate, sorry to see this kind of thing happen... Out of all the scum on EVE, this has to be the worst... Hacking someone's account to steal ISK! It's disgraceful and I hope the offender(s) get banned and you get all your stuff back! :)
It's not even really an "eve" thing, it's pretty close to beating up a pirate in RL cos he blew your ship up sort of crap.
Low.
|
Sergeant Spot
Black Eclipse Corp
Band of Brothers
|
Posted - 2006.09.02 02:04:00 -
[148]
This is a real life crime, and deserves a real life conviction, for vandlism probably.
As for the utter morons trying to blame the victim....
--it does not matter if the victim was foolish, it is still a real life crime. NO level of foolishness EVER makes the victim the primary person at fault, NOT EVER.
--it does not matter if the victim was trusting, it is still a real life crime. NO level of being trusting EVER makes the victim the primary person at fault, NOT EVER.
--it does not matter if the victim was greedy, it is still a real life crime. NO level of greed EVER makes the victim the primary person at fault, NOT EVER.
etc....
No matter what you say, regardless of ANY twisted justification you use, a criminal is ALWAYS the PRIMARY one to blame for his criminal acts. ALWAYS. No amount of stupidity, greed, trust, stupidity, etc, etc... EVER make the victim the PRIMARY person to be blamed.
*snip*
This type of comment has no place in a signature, please remain courteous - Pirlouit
|
Skrypt
Gallente
Shinra
Lotka Volterra
|
Posted - 2006.09.02 02:16:00 -
[149]
Originally by: Sergeant Spot
This is a real life crime, and deserves a real life conviction, for vandlism probably.
As for the utter morons trying to blame the victim....
--it does not matter if the victim was foolish, it is still a real life crime. NO level of foolishness EVER makes the victim the primary person at fault, NOT EVER.
--it does not matter if the victim was trusting, it is still a real life crime. NO level of being trusting EVER makes the victim the primary person at fault, NOT EVER.
--it does not matter if the victim was greedy, it is still a real life crime. NO level of greed EVER makes the victim the primary person at fault, NOT EVER.
etc....
No matter what you say, regardless of ANY twisted justification you use, a criminal is ALWAYS the PRIMARY one to blame for his criminal acts. ALWAYS. No amount of stupidity, greed, trust, stupidity, etc, etc... EVER make the victim the PRIMARY person to be blamed.
I agree. This is what matters. This is a crime and needs to be dealt with accordingly.
___________
|
nahtoh
Caldari
Bull Industries
|
Posted - 2006.09.02 02:28:00 -
[150]
Originally by: Sergeant Spot
This is a real life crime, and deserves a real life conviction, for vandlism probably.
As for the utter morons trying to blame the victim....
--it does not matter if the victim was foolish, it is still a real life crime. NO level of foolishness EVER makes the victim the primary person at fault, NOT EVER.
--it does not matter if the victim was trusting, it is still a real life crime. NO level of being trusting EVER makes the victim the primary person at fault, NOT EVER.
--it does not matter if the victim was greedy, it is still a real life crime. NO level of greed EVER makes the victim the primary person at fault, NOT EVER.
etc....
No matter what you say, regardless of ANY twisted justification you use, a criminal is ALWAYS the PRIMARY one to blame for his criminal acts. ALWAYS. No amount of stupidity, greed, trust, stupidity, etc, etc... EVER make the victim the PRIMARY person to be blamed.
No argument there...Its the guy that done it thats to blame...
But the victims did not have to help quite as much though...
=========
"I am not saying there should be capital punishment for stupidity, but why can`t we just take the safety labels off everything and let the problem fix its self |
| |
|
| Pages: 1 2 3 4 [5] 6 :: one page |
| First page | Previous page | Next page | Last page |