As morally correct as you may find such a statement, this is utter idiocy, this is something a politician who knows nothing about the internet might suggest (or, otherwise order). Any infantile script kiddie could run a phishing redirect or use a SQL injection script to take encrypted password tables for later decryption. To be fair, most "hacked accounts" are NOT the result of such cyber attacks, most accounts are still lost to bruteforce and lucky (or, usually, easy) guesses.
Now, how practical does it sound to go and "put the Lizard Squad, Anonymous and Kim Dotcom not only out of business, but also behind bars"?
Anybody who undertakes such a task now or in the future, is in for a rude awakening....
Go visit Vinnie Omari and Kim Dotcom in jail. Do not pass Go and collect $200 and ask who is in for a rude awakening. It is getting quicker and quicker for hackers to get tracked down by the day. Anonymous has been anonymous for an eternity since fewer and fewer 80 year masked kids are stupid enough to get tricked into doing the crimes for them.
The utterly idiocy is a lot of those who claimed they are "hacked" are in fact not hacked and they knew it. They either told somebody their passwords or they just pretended to be hacked in the hope of taking advantages from the developers.
...
Well it said my account had been logged into from a different location. Now, to even get to my email, you have to have a text message code that is sent to my phone. My phone was with me, it never went off. I had my husband keep logging me in and booting them, while I changed my password. In that process I took a screen shot of the hacker in party with me, and him mailing everything he possibly could from my account to his, and such giving me his @handle. But not before he cleaned out my guild bank, my personal bank, shared ban k and my inventory. They rerolled my toon no problem, and I am grateful for that. I got my inventory back, and my personal bank back, but nothing on my shared bank not my guild bank. I somewhat understand the guild bank, but again I am the only one with access to it. But my shared bank, which is still on MY account, which I purchased extra slots for, they would not reroll back.
... One thing that we have changed on my account recently was my @handle though. When I first made my account, a very very long time ago, I didn't know my login and @handle were the same thing, so I made it the same. My account was made BEFORE I needed to put @whateveremail to log in at. So far since my @handle changed, I have not had a problem. But my friends account and my brothers account, this was not the case for them.
5. Are the offenders/hackers being identified & punished through Auction House/Mail transaction records or any other means? (I personally think if the company could come out and say they are actively punishing people for doing illegal activities then it will naturally lessen these activities) (Devs)
How were you able to change your @handle? Is that by creating a totally new Account or is there a specific way to request Support to change same/similar Account ID, @handle, & Email?
All I can say is that support is aware of my findings. As for valuables and money.. I think it was Charonous who was the first on these forums to prove that email access was not required to hack an account thanks to his decent mailprovider who was kind enough to search the logs after he got hacked. They came back with no proof of access from anywhere during the time period he got hacked. Since then I basically stopped spending money, stopped buying mats from the AH and put myself invisible except to friends.
Would you be so kind as to dig a bit for that post so we could read? Is the person still around this forums?
Could you provide a step by step process on how to become invisible except to friends?
(Updated) Prevention
In Game
Keep all valuables on the Character, Personal Inventory, & Personal Bank (recoverable); Do not keep valuables in Shared Bank or Guild Bank (not recoverable).
Do not use bots/third party software.
(Speculation)
Play mostly on Tuesday - Thursday as character Rollback is on Thursday Maintenance; if you play most during weekends there's a larger gap for break in that could result in more items being lost.
I disagree. I was also hacked once. I have excellent PC/firewall security. I am 90% sure it was some sort of in-game issue because of the circumstances around the hack timing - occurred within a week of an in-game trade with another player (stranger). What was interesting about the trade was that it took the seller about 2 minutes to finally allow the trade, after several messages from me! I am thinking there might be some sort of glitch or third-party software that works within the game.
After this incident, I refused to participate in any in-game trading with people I don't know. This occurred back in Feb 2014 - have never been hacked again across all of my accounts (I have a few) since then.
Online
Use different In Game Password, Email Password, & Forum Password.
Do not click on any link from any website that requires you to enter your passwords and personal information, and that include your guild's site.
most important is to ensure the machines you trust with your login info aren't compromised with malware. this includes stuff like tablets you do gateway on and any secondary machines you have. also never, ever ever let your browser store your password for anything. Especially if you use chrome. compromised websites as well as locally installed malware can read all the info needed for a hijack including the IP/mac to use for spoofing you in one convenient location. Or you could do what I do and have the browser save a fake/incorrect password as a honeypot. Also running on a non admin account is a good way to help block malware from getting on your machine.
Especially since they are saved as plain text. Good password keepers should at least be encrypted, though passwords can still be guessed if they're not also hashed and salted. Though something you can do is use something like lastpass where you just need 1 password to keep a record of passwords for everything. I use it for a lot of websites that I'm not too bothered about. Payment and email ones I don't bother though.
chrome://settings/passwords (in url field)
You can click show and see it for yourselves
...
a good tip to prevent hacking is to never acctually type your password and mail into the fields. I have all my mails and passwords written on a word-document on my desktop and i copy-paste inn that information every time i am logging into game, arc or forum - anything that concerns the game.
This will at least keep you safer from keyloggers who use the tactic as to see what you write, wich is a common hackinstyle.
...
All of the rest of the tips here are valid...except the copy paste one from word (copy paste would be caught by a decent keylogger also). Just seems odd that when I got hacked...I didn't get any emails or anything about another PC accessing my account or anything...
Most accounts that get breached and looted, aren't because of some sophisticated trojan a hacker cleverly hid on your computer. It's usually the little things that result in lost accounts, using an easy password, allowing page redirects on your browser (tough to notice if you aren't attentive, makes you an easy phishing target) and gaining notoriety in the game you're playing. People lose far more accounts to this sort of stuff (especially getting to know people in-game) than to phishing and brute-force attempts.
One other thing, PHP based forum software (like this) is vulnerable to SQL injection type attacks but it's not possible to get away with unencrypted data.
good luck with getting it rolled back. it says somewhere there's no guarantee it CAN be rolled back or that all of your items will be returned. my sons account was hacked and he reported it twice within 5 minutes. even after providing the IP information from who the hacker was and numerous emails, his account was finally reinstated after about a week but all that was there after rollback was the stuff that was bound to him, everything was gone forever.
Account hacked and PW/Cryptic is not following through... (2014-01-02; Joined: Aug 2013) How Long Does an Account Rollback Usually Take? (2014-11-12; Joined: Jun 2014) A lesson for all (2014-12-21; Joined: Jul 2014) Is it possible to retrieve what i had lost? (2014-12-24; Joined: May 2014) Problem , more ppl having it! Need talk staff now (2015-01-01; Joined: Nov 2014) What happend to my characters (2015-01-02; Joined: May 2013) How to request account restore when account gets hacked? (2015-01-10; Joined Feb 2013) Hacked again, will support rollback my account a 2nd time? (2015-02-09; Reddit)
0
Options
zebularMember, Neverwinter Moderator, NW M9 PlaytestPosts: 15,270Community Moderator
edited February 2015
It's one thing to present a thread as a true guide to remaining safe on the internet than it is to provide "reports" of individual account compromises. For such in public media are third party reports that have no grounds as factual evidence, since such individual issues are only handled through Support, not on public media. Posting such things, as some sort of "evidence" and with such an undertone, is just trolling the devs and/or company.
The forums are not the place to discuss these incidents in a third party manner. Thread closed.
Folks, please use Support (or email customerservice@perfectworld.com) if one feels their account may be compromised. Thanks!
Safe travels,
Archmage Zebular of Mystryl PWE Community Moderator
[ RoC | ToS | Support ]
Comments
Go visit Vinnie Omari and Kim Dotcom in jail. Do not pass Go and collect $200 and ask who is in for a rude awakening. It is getting quicker and quicker for hackers to get tracked down by the day. Anonymous has been anonymous for an eternity since fewer and fewer 80 year masked kids are stupid enough to get tricked into doing the crimes for them.
The utterly idiocy is a lot of those who claimed they are "hacked" are in fact not hacked and they knew it. They either told somebody their passwords or they just pretended to be hacked in the hope of taking advantages from the developers.
Could you share with us what happen to the identified intruder? (I asked this question before below)
How were you able to change your @handle? Is that by creating a totally new Account or is there a specific way to request Support to change same/similar Account ID, @handle, & Email?
Would you be so kind as to dig a bit for that post so we could read? Is the person still around this forums?
Could you provide a step by step process on how to become invisible except to friends?
(Updated)
Prevention
In Game
- Keep all valuables on the Character, Personal Inventory, & Personal Bank (recoverable); Do not keep valuables in Shared Bank or Guild Bank (not recoverable).
- Do not use bots/third party software.
- (Speculation)
- (Speculation)
OnlinePlay mostly on Tuesday - Thursday as character Rollback is on Thursday Maintenance; if you play most during weekends there's a larger gap for break in that could result in more items being lost.
(Updated)
Incidents
How Long Does an Account Rollback Usually Take? (2014-11-12; Joined: Jun 2014)
A lesson for all (2014-12-21; Joined: Jul 2014)
Is it possible to retrieve what i had lost? (2014-12-24; Joined: May 2014)
Problem , more ppl having it! Need talk staff now (2015-01-01; Joined: Nov 2014)
What happend to my characters (2015-01-02; Joined: May 2013)
How to request account restore when account gets hacked? (2015-01-10; Joined Feb 2013)
Hacked again, will support rollback my account a 2nd time? (2015-02-09; Reddit)
The forums are not the place to discuss these incidents in a third party manner. Thread closed.
Folks, please use Support (or email customerservice@perfectworld.com) if one feels their account may be compromised. Thanks!
Safe travels,
Archmage Zebular of Mystryl
PWE Community Moderator
[ RoC | ToS | Support ]
[ Support Center • Rules & Policies and Guidelines • ARC ToS • Guild Recruitment Guidelines | FR DM Since 1993 ]