how can an account become ****?

tsukikohatsuya

i understand that pwi is weary about hackers and ask u to change ur password every now and then. but how can an account become compromised, the only way i can figure out is if u give out the password.

NiightmareXz - Harshlands

If you absolutely did NOT give out your password or any hints about it, you can be **** by going to a hacking website- the botters that spammed "gold sites" for a few weeks would fall under that catergory. Apparently all you had to do was go to the site, but I never tried it just to be safe. Keyloggers is another thing; if someone gets you to download faulty "programs" that includes a keylogger, they can get a "log" of everything you "key" into your computer, thereby getting your password from it. And then you can have horrible anti-virus software so people can just "****" right into your computer and see what you're doing. Kinda scary.

Bubbles - Morai

There are many ways possible, none of which include compromising pwe's database.
That hasn't happened yet, despite what people claim around here.

It can happen by:
people who share accounts with "friends" (usually the case)
people who go to other sites to "buy gold" (pretty much any site that isn't legit)
people who use the same login info for many accounts spread across websites and other games, all it takes is one of those to be **** (usually what happened if it isn't due to sharing accounts)
same goes for when an email gets ****
people who use easy to guess login info, though this shouldn't be a problem due to forum name =/= account name
there could be few cases that involve keyloggers and viruses, but not very likely since people who design those want your bank info, not some silly f2p mmo login info
there is also the possibility of someone giving out their info over unsecured networks, though again, hackers are after things of value not f2p mmos

If someone says they were legitimately ****, it's usually due to their own fault for messing up somewhere and not taking proper precautions.
People are idiots, they'll never admit it. b:surrender

MysticRaine - Sanctuary

I have seen 3 people this am one was able to stop it, 2 was offline and they was **** and the person is changing there password and email to so they cant get the accounts back even... they have been to no websites and have not shared info with anyone. bad enough to get **** even worse to lose the accounts totaly b:angry

Shadowphreak - Lost City

Most popular I've seen is people that sign up for faction message forums. They use the same password in the forums that they do in game, and to get the msg forum usernames/password is easy if you're the admin. (depending on software)

Never use the same passwords for PWI (or anything else that has value) then anything else. Simple.

Alasen - Heavens Tear

Bubbles - Lothranis wrote: »

There are many ways possible, none of which include compromising pwe's database.
That hasn't happened yet, despite what people claim around here.

B.S. I can tel u one person right now that was REALLY ****..... MY guild leader on his old account a year ago. He either got a keylogger or something or this person got into the database itself/traced him or something... targeting him specifically. Cause they were playing ring around the "boot ya off" for 2 hours. This person and my faction leader were force logging each other off for 2 hours b4 my faction leader gave up. An hour later his account was wiped out....... (btw not going to get into it but these RMT [real money traders... the gold selling sites based in china and korea etc etc ] TARGETED me on another game specifically , and got a data miner on my system THE NIGHT i bought a ton of expensive stuff on the AH in another game. And my pc's locked up tighter then a virgin with.... ya anyway. So yes they CAN and WILL find ways to do it. They even for awhile were getting into people's pc's through back doors and taking OVER their game sessions and sellign people's stuff).

Oh ya then the person ran around West arch bragging he **** him, and linking his gear...... and we took Screenshots and we BOTH sent in tickets and i still saw this guy playing months later..... b:surrender

Btw.. THIS statement i keep seeing is one of the dumbest.

"there could be few cases that involve keyloggers and viruses, but not very likely since people who design those want your bank info, not some silly f2p mmo login info"

The RMT's JOB is to make GAME COIN to sell on their sites. And over there in Korea and China (esp Korea... they have a f'ing gov. section to PRMOTOE RMT activity).... they could care less how it's done. THEY MAKE their OWN keyloggers (and virsues they can somehow bypass even the best securuty measures like I have to target specific people] even just to get your friggin MMO ACCOUNT to sell your stuff to get more coins to sell...... so they can get their bag of rice or w/e for the week...... And yes i do know what i'm talking about. I played FFXI for 7 years. RMT were A HUGE problem till they came out with the Keychain dongle thingies like WoW uses too to create a extra random password on YOUR end (since it's a physical thing u have at home) to log in with as well. If PW would implenent that thing i'm sure alot of these hacks would stop but i seriously doubt they would spend the money to produce them.

Ikarium - Dreamweaver

Noone is 'hacking' anyones account. Despite the bold claims here.
Yeah people will get keyloggers, or they shared info, or went to a site they shouldn't have...these claims about it not being the case is BS. Some would rather claim none of that is possible right to the bitter end than admit of doing something stupid or careless. And most of these claims are second or third hand claims made on behalf of others. "I know this guy (who knew a guy..) who really was, and he never shared anything, and he has the best security ever conceived of and blahblahblah".
Noone is getting '****' because noone cares. The keylogger thing goes a bit far as well, because of all the passwords one could track, noone gives a **** about your PWI password, even out of the pool of MMO's that could be used for real money traders. A free to play, years old MMO. You can say its dumb to think that.....but whatever.
This is the same game where people have put account info in world chat. Where people also world chat/common chat email addresses, skype accounts, MSN info, and so on. People account share commonly. People give away accounts when they quit. Not to mention what gets said on vent, or through the linking up with people via facebook, google+ and other ways outside of the game itself.

Overly paranoid about it? Expand your safe, put stuff in it before log off with the secondary password it provides. Oh right...can't be bothered to do that. Its a hassle.

SylenThunder - Twilight Temple

By responding to **** like this

Trump - Raging Tide

no one gets "****"...is the ppl dumb enough to DL herpderp **** and expect everything to be rainbows and unicorns.

Roseary - Sanctuary

Trump - Raging Tide wrote: »

no one gets "****"...is the ppl dumb enough to DL herpderp **** and expect everything to be rainbows and unicorns.

Rainbows and Unicorn download? Count me in! b:victory

Alasen - Heavens Tear

Ikarium - Dreamweaver wrote: »

Noone is 'hacking' anyones account. Despite the bold claims here.
You didn't read anything i said did you?

Yeah people will get keyloggers, or they shared info, or went to a site they shouldn't have...these claims about it not being the case is BS.

ya... on FFXI i guess i imagined being targeted... The ONLY external site we used was the wiki, and i hadn't even got on there for weeks at least. I had run a virus scan the NIGHT before i got ****. And that NIGHT i buy a bunch of expensive things on the AH then shut the pc down a couple hours later and the NEXT morning RMT's on my account trading all my **** to one of their facerolled named toons. My friend gets a GM in game to lock my account down while i run another virus scan and wait on the phone to actualyl talk to SE, and there's the dataminer.... that wasnt' there the night before. Somehow they managed to get it in my pc in the couple HOURS i was on once they saw what i bought that night..... Ya it does happen, without going to ANY site or sharing info or ANYTHING. I have to admit i never thought RMT would target this game, hell u even pay to world chat they dont' like wasting coins they could sell for their bag of rice working in those sweatshops (and no that wasn't a joke, they DO work in sweatshops with like 200 pcs, saw a vid of one once)...... but they've been spamming their coin sellign sites lately and even using WC so.....

snip.

Funny how more "****" threads pop up when RMT show their face on this game..... b:avoid

Ikarium - Dreamweaver

I'm sorry, I forgot we were discussing FF MMO's and Sony. That's like comparing this game to WoW. And I never once disputed that occuring on those games and the need for the dongles in those games. The RMT companies you refer to have a lot more to gain hacking and gaining access to those accounts on those games.

PWI account info is essentially worthless and last I checked this was a PWI forum. The companies you speak of make forutnes selling accounts and coin in those games. Not by "hacking" the occassional PWI account and hoping for the best that someone has a item worth anything not bound they can sell for what would be a fraction of what can be had elsewhere.

Funny how "****" threads and RMT came up after it became well known many people entered their login information for PWI on another site.

Alasen - Heavens Tear

We're discussing accounts being **** on here and i brought up a example of what the real threat to ANY mmo can do...... And if things on here are worthless how come people sell accoutns for alot of money? I'm not saying PW **** is worth much but you dont' know how DESPERATE these rMT are..... and btw it's the same RMT at work on here now as in "those games". I'm not saying there isn't idiots that go to strange sites and put their login **** and get hit...... I'm saying some people ARE getting actually **** on here contrary to freaking idiots that think it can't happen.

Ikarium - Dreamweaver

Alasen - Heavens Tear wrote: »

And if things on here are worthless how come people sell accoutns for alot of money?

You answered your own question. PWI stuff is worthless because you'd have to **** account after account to accumulate enough unbound items to sell to make it worth while at all.
The majority of 'high-end' stuff is auto-bound. Especially with the emphasis on rank gear now.
You would have to sell the account as a whole, which is what these companies would do. I've yet to hear of that happening. Someone would notice their entire account as being gone and locked out, and if sold.....active in the game, where presumably a friend or guild-mate would notice :P Especially where so much is character bound and not account. You would have to actually play the rank9 character that existed already.
People come here complaining one or 2 items missing from inventory or something of that nature.

_Nerox_ - Dreamweaver

tsukikohatsuya wrote: »

i understand that pwi is weary about hackers and ask u to change ur password every now and then. but how can an account become compromised, the only way i can figure out is if u give out the password.

Using SQL injection is one way...

Bubbles - Morai

I really hate the whole "database was ****, that's how my account was ****" nonsense.

Look.
It's really, really, really unlikely pwi's database has been **** without their knowledge.
The databases have rather tight security... There are detailed logs of every action from what I hear, so if such an event were to ever occur it would be easily traceable.

Also, considering pwi's value, there is little gain to be had from a mere player account.
If a rmt wanted to make money, they would simply set up a bunch of accounts and proxies and make veno armies.

That's that.
Any would be hackers for this game, whether rogue or rmt, do not care about individual accounts of little value.
If they truly got access into the system, and were to get one account only, it would be a gm account, not your worthless player account.
Even if they wanted a player account, they would go after an inactive one.

Alasen - Heavens Tear

Ikarium - Dreamweaver wrote: »

You answered your own question. PWI stuff is worthless because you'd have to **** account after account to accumulate enough unbound items to sell to make it worth while at all.
The majority of 'high-end' stuff is auto-bound. Especially with the emphasis on rank gear now.
You would have to sell the account as a whole, which is what these companies would do. I've yet to hear of that happening. Someone would notice their entire account as being gone and locked out, and if sold.....active in the game, where presumably a friend or guild-mate would notice :P Especially where so much is character bound and not account. You would have to actually play the rank9 character that existed already.
People come here complaining one or 2 items missing from inventory or something of that nature.

You've yet to hear.... wow you dont' pay attention much do you? Most of the freaking coin sellign site spammers are **** ACCOUTNS for one thing. Not to mention people like my guild leader i said before that GOT **** ..... Idk how many times i've seen people come on here saying their saw their toon spamming a site or w/e

Love how people like you keep saying it can't happen and dont' have a clue what's happening....

And Bubbles ya i've already said rmt arent' as prevalent on here as anywhere else.... but they ARE coming.... look at the site spamming. And unless your'e damn BLIND the "my account was ****" **** picked up in a big way soon as the rmt started spammign sites. Put two and two together. Only reason i mentioned my guild leader, and then myself on FFXI later.... is people STILL think u can't be straight out ****.

And please.... PW's so f'ing cheap, I SERIOUSLY doubt their security's better then SE or Blizzard.... and RMT (not to mention random pissed off people jsut wanting to **** with the company) have **** straight through THOSE databases.....

Bubbles - Morai

Alasen - Heavens Tear wrote: »

You've yet to hear.... wow you dont' pay attention much do you? Most of the freaking coin sellign site spammers are **** ACCOUTNS for one thing. Not to mention people like my guild leader i said before that GOT **** ..... Idk how many times i've seen people come on here saying their saw their toon spamming a site or w/e

Don't pay attention, eh?
At least I'm not one the one running up wild conspiracies.
I don't doubt that a rmt can have a major impact on a game, however, I doubt they would go around hacking accounts randomly with a small chance of finding an account with decent value on it.
They would be better off making bot armies as I pointed out earlier.
At least I can back up my reasoning.

Love how people like you keep saying it can't happen and dont' have a clue what's happening....

And Bubbles ya i've already said rmt arent' as prevalent on here as anywhere else.... but they ARE coming.... look at the site spamming. And unless your'e damn BLIND the "my account was ****" **** picked up in a big way soon as the rmt started spammign sites. Put two and two together. Only reason i mentioned my guild leader, and then myself on FFXI later.... is people STILL think u can't be straight out ****.

Yes, there is more activity regarding rmt more than before, however, if they're getting account login info it's through other means, not pw's database.

And please.... PW's so f'ing cheap, I SERIOUSLY doubt their security's better then SE or Blizzard.... and RMT (not to mention random pissed off people jsut wanting to **** with the company) have **** straight through THOSE databases.....

Pwe does has its issues, however, being cheap and unsecured is not one of them.
Trust me on this, if pw was as easily exploitable as you make it out to be, not only would this game have been ruined by hackers long ago, the current server files would've also been leaked by now. There is a rather big demand for those from private servers.

Alasen - Heavens Tear

Bubbles - Lothranis wrote: »

Don't pay attention, eh?
At least I'm not one the one running up wild conspiracies.
I don't doubt that a rmt can have a major impact on a game, however, I doubt they would go around hacking accounts randomly with a small chance of finding an account with decent value on it.
They would be better off making bot armies as I pointed out earlier.
At least I can back up my reasoning.
THen start paying attention, I'm not going to dig up how many threads i seen from people saying they got **** and saw their toon doing the coin site spamming.... or people i've seen say it in game.



Yes, there is more activity regarding rmt more than before, however, if they're getting account login info it's through other means, not pw's database.
And you know that how? I'd bet u my damn account PW's security sucks **** compared to SE or WoW and it's been done on there how many times? YOu al keep saying it can't happen and you're full of shet and you know it.


Pwe does has its issues, however, being cheap and unsecured is not one of them.
Trust me on this, if pw was as easily exploitable as you make it out to be, not only would this game have been ruined by hackers long ago, the current server files would've also been leaked by now. There is a rather big demand for those from private servers.So u work for PW and know how good the security is huh? ................. I'm stating facts that've happened and all i'm seeing is conjecture form people that dont' know one way or the other and making shet up.

/10 char

Bubbles - Morai

Alasen - Heavens Tear wrote: »

THen start paying attention, I'm not going to dig up how many threads i seen from people saying they got **** and saw their toon doing the coin site spamming.... or people i've seen say it in game.

A quick search brings up none of said topics.
It doesn't even seem logical, why would you want to use a **** account when lvl 1 chars can perform the same task?

And you know that how? I'd bet u my damn account PW's security sucks **** compared to SE or WoW and it's been done on there how many times? YOu al keep saying it can't happen and you're full of shet and you know it.

And like the idea of random accounts getting **** isn't mroe bs...
Look, I seen people who work on private servers for pw, let's just say that from what I hear from them, the security used for pw is rather more in depth than you would think and there are insanely detailed logs of every server action.
This would more or less include random hackings, if they ever occurred of course.

So u work for PW and know how good the security is huh? ................. I'm stating facts that've happened and all i'm seeing is conjecture form people that dont' know one way or the other and making shet up.

I would say the same about your little make-believe story of magical hackers stealing accounts.
Seriously... if they even had just 5 minutes inside the database... There would more done than just few random accounts stolen.

Ikarium - Dreamweaver

Alasen - Heavens Tear wrote: »

Yes, there is more activity regarding rmt more than before, however, if they're getting account login info it's through other means, not pw's database.
And you know that how?

Probably because I'm pretty sure it was confirmed here a while ago that there was another site that PWI players had entered their info on and had their info stolen from there. And pretty sure even the CM had made a post or two about it. Seem to recall something about that a while ago.

And again, what happened on FF....noone really cares, because noone is disputing with you about that sort of thing happening there. You're arguing with yourself about that. This is PWE and PWI, not SE and FF. Completely different and you can't compare the two. May as well compare FW to WoW since you're at it.

Both of the above render the argument moot. We know where accounts were stolen from (not PWE), and you can't compare apples to oranges except to say they are very different.

*end of thread*

Alasen - Heavens Tear

and if u fracign payed attention in that announcemt alot of people DIDN"T GO TO THAT SITE.

/end of stupid discussion

And the only thing i was still comparing this to SE for was the fact SE DOES have better fracking security then PW does..... o wait... and i still got straight **** on there. b:avoid.... u two are too dense to get what i'm saying apparently.

Btw if you're too naive to think these RMT wouldnt' scout out people and see who's account's worth stealing to sell the whole thing..... lol ****'ing hel they would.

Bubbles - Morai

Alasen - Heavens Tear wrote: »

and if u fracign payed attention in that announcemt alot of people DIDN"T GO TO THAT SITE.

/end of stupid discussion

And the only thing i was still comparing this to SE for was the fact SE DOES have better fracking security then PW does..... o wait... and i still got straight **** on there. b:avoid.... u two are too dense to get what i'm saying apparently.

Btw if you're too naive to think these RMT wouldnt' scout out people and see who's account's worth stealing to sell the whole thing..... lol ****'ing hel they would.

The terrible irony in your posts is that you claim we're too dense to see your point, yet you yourself have no idea what you're even suggesting.

For one, you don't know how much better SE's security is, if it's even better than pwe's at all.
They may very well be at an equal level, I don't know, you don't know, why even bring it up? What happens on one game is irrelevant to another.

If rmt have indeed have gotten a hold of players accounts and are using them for gold selling services, that's one thing, and completely plausible, if not having already happened.
It's another story if said accounts were obtained directly from the database, which is rather unlikely in this point of time.

Tell me this, if you were a robber and you got into a bank, what would you steal?
The few dollars tucked away at the teller's drawer or the massive pile waiting behind the vault? (though in this day and age most money is handled through electronic means anyways)

What you are suggesting is the former, that for whatever reason instead of getting a hold of a decent amount of accounts, these magical rmt hackers are seeming to pick on and off on few accounts, trying to find things worth of value.
If the magical rmt hackers even had access to the database, they could simply spawn as much coins, gold, and various items as needed through gm accounts.
If they are as crafty as you make them out to be, they would be clever enough to avoid being banned or perhaps even detected while doing this. There would be no reason to even attempt to go through player accounts.

Alasen - Heavens Tear

if they're crafty (and desperate) enough to go through the back doors on people's home pc's and Boot them off their own game session then take their toon to town and start trading all their **** to a RMT toon to go sell it...... And did i mention anything about them getting ahold of the database? There's a difference between finding a back door to just access accounts and gettign into the entire database....

And yes I'm just guessing.. i'm guesing on the fact that PW's too damn cheap to even hire enough WORKERS with the THOUSANDS they make a month. You think their security's that great? lmao

And RMT don't target one accoutn here one there.. when they cant' find a way to get coins and they start going after accounts they go after alot of them..... once they scout who to target. Have you even really dealt with them before or u just THINK u have being in other cheap *** games with RMT spaming coin sites in chat? cause THAT"S nothing.

Bubbles - Morai

Alasen - Heavens Tear wrote: »

if they're crafty enough to go through th eback doors on people's home pc's and Boot them off their own game session then take their toon to town and start trading all their **** to a RMT toon to go sell it...... And did i mention anything about them getting ahold of the database? There's a difference between finding a back door to just access accounts and gettign into the entire database....

Accounts = database
Gm accounts = same database

If the magical rmt hackers could mess with accounts freely, they could make gm accounts and spawn what they need without needing to access other databases.
All they need is some knowledge of what item codes to use (easily obtainable) and bam, gold and coin everywhere.

And yes I'm just guessing.. i'm guesing on the fact that PW's too damn cheap to even hire enough WORKERS with the THOUSANDS they make a month. You think their security's that great? lmao

Security or no security, it's definitely well encrypted.
You think it's that easy? Go knock yourself out and try it. Come back with reports of your findings.

And RMT don't target one accoutn here one there.. when they cant' find a way to get coins and they start going after accounts they go after alot of them..... once they scout who to target. Have you even really dealt with them before or u just THINK u have being in other cheap *** games with RMT spaming coin sites in chat? cause THAT"S nothing.

I've heard of rmt's using player accounts for gold spam/botting of course... but for bigger games like wow where it matters most.

However, I haven't heard of too many cases that clearly stated that actual game player account databases were ****.
Like I said in my first post in this thread, there are many ways in which an account can be compromised, none of which involve hacking the main database in which said info is stored.

Alasen - Heavens Tear

i never said they **** the damn database either, idk where the hell you're getting this ****. And btw there's different lvls of security. You dont' know a damn thing you're spouting do you? I dont' even know how to **** and at least i know this ****. It's very likely they can get in on this game or ANOTHER one ... doesn't matter for this argument..... and just get far enough in to see people's LOGIN INFO.. but not far enough to go spoofing GM accounts or coins or **** like you're talking about.

I'll ask again have u actualy dealt with and researched these sweatshop working f'ers or u just guessing on your limited experience with RMT in games?

Bubbles - Morai

Alasen - Heavens Tear wrote: »

i never said they **** the damn database either, idk where the hell you're getting this ****. And btw there's different lvls of security. You dont' know a damn thing you're spouting do you? I dont' even know how to **** and at least i know this ****. It's very likely they can get in on this game or ANOTHER one ... doesn't matter for this argument..... and just get far enough in to see people's LOGIN INFO.. but not far enough to go spoofing GM accounts or coins or **** like you're talking about.

I'll ask again have u actualy dealt with and researched these sweatshop working f'ers or u just guessing on your limited experience with RMT in games?

You're so confusing.
First you say pwe's security has been compromised, now you say you didn't?
You're also bringing up points I've long since covered.
I don't even... b:surrender

Evanera - Heavens Tear

He'll tire himself out eventually. b:chuckle

Alasen - Heavens Tear

No i said it's entirely possible the rmt are hacking people's accounts without them going to sites. THEY DONT" EVEN NEED TO GO THROUGH THE DATABASE TO GET TO YOU. look what happened to me on FFXI if u don't think that's possible..... Idk if u have to get into PW's **** to get somone's IP ..... but that's all they need to trace you and directly send u a virus.

And if u think THAT's B.S. ....... my friend's email got spoofed by some newbie hacker thinking he weas funny using my friend's email to send out **** links. MY friend got his IP address and sent him some virus he had saved from his old days of..... well hacking.... and fried the guy's computer... lolol ALL he needed was the IP... so...

ya.. you dont' even... have a clue. I'll ask you a third time.. have u dealt with RMT before? more then just some chat site spamming in some cheap *** game? I seriously doubt it.

Bubbles - Morai

Alasen - Heavens Tear wrote: »

No i said it's entirely possible the rmt are hacking people's accounts without them going to sites. THEY DONT" EVEN NEED TO GO THROUGH THE DATABASE TO GET TO YOU. look what happened to me on FFXI if u don't think that's possible..... Idk if u have to get into PW's **** to get somone's IP ..... but that's all they need to trace you and directly send u a virus.

And if u think THAT's B.S. ....... my friend's email got spoofed by some newbie hacker thinking he weas funny using my friend's email to send out **** links. MY friend got his IP address and sent him some virus he had saved from his old days of..... well hacking.... and fried the guy's computer... lolol ALL he needed was the IP... so...

ya.. you dont' even... have a clue. I'll ask you a third time.. have u dealt with RMT before? more then just some chat site spamming in some cheap *** game? I seriously doubt it.

You have terrible reading comprehension then if that's why you've been resenting my posts.b:embarrass
I've clearly covered common ways of being **** without involvement from the database.

And if by dealing with rmt you mean being "****" by them, no, I have not.
I'm not an idiot.

Alasen - Heavens Tear

yet u keep insinuating what i'm saying isn't possible....... so.. ya u seem like one to me.

I'm going to bed... u all can keep spouting your ridiculous b.s. that it's impossible to get **** without goign to some site and putting in your login info in a fake field or getting a keylogger (from said site) or some ****. Keep deluding yourselves when u dont' have a friggin clue. b:bye