Hacked List

[sn0wXz]

Just putting this out there, but it looks like whoever is doing the hacking is somehow able to change the security question and pin....I find that rather odd.

Well, considering it only takes access to the ingame account to change either, I think thats not too odd. I don't recall if you have to enter the past secret question answer to enter a new one, or if its just the subpass. It's hard to say if the subpass security feature is even relevant at all considering the situation.

updated

o_o. You didn't add kkr1424 or Eridor, I wouldn't have mentioned it if they didn't actually get hacked. Lol, I spent a good hour or so talking to each of them about it, and trying to convince them to send ID to GMs for the necessary requirements to get the account unblocked after the person who took the gear intentionally sub-pass blocked the account. I guess it no longer can be reset, and is permanent now, where a while back it was like 48 hour temp block if I recall correctly.

[Dkmopper]

Well, considering it only takes access to the ingame account to change either, I think thats not too odd. I don't recall if you have to enter the past secret question answer to enter a new one, or if its just the subpass. It's hard to say if the subpass security feature is even relevant at all considering the situation.



o_o. You didn't add kkr1424 or Eridor, I wouldn't have mentioned it if they didn't actually get hacked. Lol, I spent a good hour or so talking to each of them about it, and trying to convince them to send ID to GMs for the necessary requirements to get the account unblocked after the person who took the gear intentionally sub-pass blocked the account. I guess it no longer can be reset, and is permanent now, where a while back it was like 48 hour temp block if I recall correctly.

from my perspective is that the guy would either get your chars packet info by, you clicking on their shop or trading with them or some type of interaction. then after that they would probably go on the cabal site to breach ur shet get ur email, and if its like hotmail or yahoo ( known to always be exploitable) they hack your email ( which been happening to everyone who got hacked ) reset your otps. after that they just reset your stuff to w/e.




what do you think snow sounds reasonable? lol or not possible

[sn0wXz]

from my perspective is that the guy would either get your chars packet info by, you clicking on their shop or trading with them or some type of interaction. then after that they would probably go on the cabal site to breach ur shet get ur email, and if its like hotmail or yahoo ( known to always be exploitable) they hack your email ( which been happening to everyone who got hacked ) reset your otps. after that they just reset your stuff to w/e.




what do you think snow sounds reasonable? lol or not possible

If they had a packet logger, knew how to decrypt the packets, build and then re-encrypt the packets with a time-stamp and such, then it would be possible to exploit trade functions, and shops yes. Its not likely at all though, but then again neither is a database breach but its looking somewhat sketchy at the moment. If a person could send packets to the server and have them accepted I highly doubt they would be taking other peoples stuff, as you can imagine what they could do with...Taking others gears for alz would be pointless if you could do all the aforementioned tasks of having the server accept a packet thats constructed via a user and not the games assembly algorithm/encryption process.

Packet editing, and accessing the database via sql injection into the server are completely different. If they were accessing the DB I would expect to see a few things happening now, that are currently not happening; for example "mass hackings" with random/indiscriminate stripping of gear. The 30-35 current known cases doesn't give much credence to a db leak. It doesn't make much sense at the moment because the numbers are pretty low when scaled to the size of the db/number of active accounts.

It does raise a question about the possibility of a ingame exploit through a design flaw to obtain access to accounts that have possibly interacted in certain ways with the "hacker", or met certain conditions. It doesn't sound reasonable that they would go through a ingame exploit, then find your full email from the website (which is partly censored), and then on-top of that "hack" a email provider for that password? I'm willing to bet not everyone whos been stripped shared the same password with cabal as they did their main email, so no its not very probable at all. Just one instance of the 3 wouldn't be plausible at all, but it is possible; I don't think all of these players being stripped had anything to do with compromising their own account. There is too many for a random keylogger, but too few for a database leak at the moment... Falling in the middle there would suggest there is some exploit for sure we all know that, but I doubt anyone is breaching email providers and the cabal server, Lol. They do seem to be getting passed authorization though, regardless if they are actually using the real passwords/subpass's or just bypassing it somehow.

Pointless to speculate because unless we get official word, we are all just beating a dead horse. GMs could input their opinions on the matter but given they are representing EST's position, you'll probably get the policy walk-around, dealing with each case as isolated incidents that may or may not be related; with no official statement about the on-going stripping of gear. I realize there is a certain point of carelessness and lack of account management on the users' part, but I don't believe the 30 + listed on the main page actually compromised their own accounts within the same short time-span.

[NiteViper]

HandsomeFS(venus) - 2/1/12

[Dkmopper]

If they had a packet logger, knew how to decrypt the packets, build and then re-encrypt the packets with a time-stamp and such, then it would be possible to exploit trade functions, and shops yes. Its not likely at all though, but then again neither is a database breach but its looking somewhat sketchy at the moment. If a person could send packets to the server and have them accepted I highly doubt they would be taking other peoples stuff, as you can imagine what they could do with...Taking others gears for alz would be pointless if you could do all the aforementioned tasks of having the server accept a packet thats constructed via a user and not the games assembly algorithm/encryption process.

Packet editing, and accessing the database via sql injection into the server are completely different. If they were accessing the DB I would expect to see a few things happening now, that are currently not happening; for example "mass hackings" with random/indiscriminate stripping of gear. The 30-35 current known cases doesn't give much credence to a db leak. It doesn't make much sense at the moment because the numbers are pretty low when scaled to the size of the db/number of active accounts.

It does raise a question about the possibility of a ingame exploit through a design flaw to obtain access to accounts that have possibly interacted in certain ways with the "hacker", or met certain conditions. It doesn't sound reasonable that they would go through a ingame exploit, then find your full email from the website (which is partly censored), and then on-top of that "hack" a email provider for that password? I'm willing to bet not everyone whos been stripped shared the same password with cabal as they did their main email, so no its not very probable at all. Just one instance of the 3 wouldn't be plausible at all, but it is possible; I don't think all of these players being stripped had anything to do with compromising their own account. There is too many for a random keylogger, but too few for a database leak at the moment... Falling in the middle there would suggest there is some exploit for sure we all know that, but I doubt anyone is breaching email providers and the cabal server, Lol. They do seem to be getting passed authorization though, regardless if they are actually using the real passwords/subpass's or just bypassing it somehow.

Pointless to speculate because unless we get official word, we are all just beating a dead horse. GMs could input their opinions on the matter but given they are representing EST's position, you'll probably get the policy walk-around, dealing with each case as isolated incidents that may or may not be related; with no official statement about the on-going stripping of gear. I realize there is a certain point of carelessness and lack of account management on the users' part, but I don't believe the 30 + listed on the main page actually compromised their own accounts within the same short time-span.

Well from wat i said aas a scenario from nexon, and it was like some cookie swapping or w/e on site. And a base32 exploit?

They probably cant do a " mass hacking " because it requires some type of interaction in game first before anything happens

[Rowe]

You didn't add kkr1424 or Eridor,

my bad Sn0w didnt see you list those names in your last long msg. But fixed and updated properly.

P.S i assumed it was merc... or was it venus.

[IBladE]

[Trungung Lege]

D1H3 January 26,2012
Merc

Whole account and gear stolen
800m in alz

[shutupson]

No this is what happens when u bring globals to an na server. You allowgenius fobs to take over .

you act like a fa.g you know that, nice reasoning.

[solymar]

lets make it clear we shouldnt have merged, yes the globals brought a lot gears for us to buy. but they also brought their hacks along with them -,- now every1 getting hacked.
not being racist againist them since some my buds r globals too but ya >_>


( didnt get hacked yet )