Is Pwi Safe Anymore?

blueelephant69 · August 2014

so i dont know if its happening on any other servers other than Archosaur but a large amount of people are being ****, they are gaining access to there emails and the user and password's. this has happened to over 30 people in the last week, a few undoubtedly came from a phishing site but the majority of them have NOT got to those sites,they havent given there info out, these people are from all over the world. people are losing emp tomes nw necks rings large amount of coins ANYTHING that is tradeable and PWI STILL havent done anything about it, i would like a response from sparkie or anyone that could shed some light on this matter, are people going to get reimbursed or are u simply going to say ' THEY ALL GAVE THERE INFO OUT ' to cover your tracks? because maybe im being paranoid but to gain access to a vast majority of peoples emails users and passwords they wud have to have access to a member of your staffs accounts. i emplore you to do something about this and trace these bastuds that are hacking your loyal members.

As posted on my faction's forums:

Quote:
As some of you are aware, a number of players' accounts on Archosaur server have been accessed by a malicious third party in the past few days. I know there was a phishing scam going through world chat the other day and some players fell victim to that. However, a number of players who never accessed the phishing site have had their accounts logged into and valuable items stolen. It appears someone is targeting players' email accounts as well.

I recommend everyone change your passwords and enable a safe code (obviously don't use the same password for both). I would also suggest changing the email associated with your account to a new one that is not used for anything else online.

Shortly after this started, I received an email from "[redacted]" on an email account I have only used for correspondence with a couple PWI players offering to sell all kinds of end game gears. The only way he would have that email address is by getting it from compromising one of my friends' emails.

Also at least one player's PayPal account was also compromised. The associated email address on that account was changed to "[redacted]".

It appears this is more broad in scope than I initially thought so I am posting this here so you all can be aware and protect yourselves.
Note that I reported the phishing site to the web host and it was removed the same day. At least some of the ongoing problems are a result of the phishing effort that occurred on Monday. The scammers used their newly obtained accounts to "borrow" items from those players' friends as well. However, I don't think this is the whole story.

Recently, PWE sent emails to a number of players informing them that their security had been breached and certain accounts may be at risk. Those players were forced to reset their passwords. It is possible that breach involved more data than PWE realized, or the attacker(s) had enabled a backdoor allowing them to regain access to PWE's computers in the future.

A keylogger is another good possibility, but of the players I know whose accounts were accessed, none have found a keylogger on their system. Another possibility is data has been obtained from a game-related third party site (such as shivtr or enjin) that revealed players' email addresses and passwords and that data could have been used to access players' email addresses to reset PWI passwords or access their accounts directly if they use the same username and password on multiple sites.

Regardless of whether you think there is a threat currently, it doesn't cost you anything to update your login and safe code passwords or to enable safety lock. GO DO IT.

^^ ty AstralRage

LuckingFoco - Raging Tide · August 2014

I believe it is. But one can never be too careful. Change passwords often and make them complex with uppercase, lowercase, and numbers at least, and the maximum amount of keys available.

Don't use the same password for different things.

Trust no site that says it comes from PWI unless you know for a fact it comes from PWI. DO NOT especially go to cheap gold selling sites, or sites that have 3rd party botting or information on hacks

Don't use private servers ever. They can be plagued with bad people and malicious code.

Don't share account info with anyone, not even a friend or relative.

Don't boast what you have, I.e. don't wc you just made ten billion coins. Good for you but keep your mouth shut.

Bind everything of value - most anyone can do is NPC it.

Lastly, trust NO ONE. You can have in game friends, but don't divulge any personal info that could be used as security questions. In other words dont be an open book.

99 times out of 100 one of the above scenarios caused someone to get ****.

shhitsasecret22 · August 2014

Please everyone change your passwords on both your email and your game account often I know it sucks but its the only way to keep us safe. And PLEASE pwi fix your issues. Someone has to have compromised out accounts for this to be happening some of use spend lots of money on your game PLEASE keep our money safe. b:thanks

nbreaking · August 2014

PWI staff (and volunteers):
Mods: have no access to that information so, it couldn't be one of them.
CM, GM and above: Can have whatever they want ingame, why would they "****" accounts?

Putting aside the conspiracy theory, people get "****" for several reasons:

- Shady phishing sites that promise gold, coins, items, etc.
- Friends (either internet ones or real life ones) that know your password (or if they know you well, might actually guess your password).
- Easy password recovery (example: they know your username, they recover your password to your email. They don't know your email's password either so, they decide to try and recover your email's password by inputting your "Recover password questions". On these questions, there are a lot of people that put stupid stuff thinking it won't matter like "What was your childhood's dog name? Answer: Dog" or something like that).

I have been around about 6 years (2 years inactive in this period) and I have never been ****.

I trust PWI with my information and I do think they take good care of it even though I dislike the company behind it.

Anyway, that's my point of view, would like to see what others think. b:pleased

EDIT: Just saw LuckingFoco's post, add all of those to my post xD
And also, another thing. If PWI wanted to "****" your account, why would they target your char and not your bank account? Same thing if PWI was THAT easy to **** into, why would the hacker really bother with your char? If they can **** your account, they could **** their way into your real life info so... I just don't think people are actually getting ****. Just my opinion.

shhitsasecret22 · August 2014

nbreaking wrote: »

PWI staff (and volunteers):
Mods: have no access to that information so, it couldn't be one of them.
CM, GM and above: Can have whatever they want ingame, why would they "****" accounts?

Putting aside the conspiracy theory, people get "****" for several reasons:

- Shady phishing sites that promise gold, coins, items, etc.
- Friends (either internet ones or real life ones) that know your password (or if they know you well, might actually guess your password).
- Easy password recovery (example: they know your username, they recover your password to your email. They don't know your email's password either so, they decide to try and recover your email's password by inputting your "Recover password questions". On these questions, there are a lot of people that put stupid stuff thinking it won't matter like "What was your childhood's dog name? Answer: Dog" or something like that).

I have been around about 6 years (2 years inactive in this period) and I have never been ****.

I trust PWI with my information and I do think they take good care of it even though I dislike the company behind it.

Anyway, that's my point of view, would like to see what others think. b:pleased

There are Shady people everywhere you never know. Yes there are shady website but people are saying they have never ever accessed them so explain that. Im not bashing PWE put come on cant you keep our accounts safe.

LuckingFoco - Raging Tide · August 2014

shhitsasecret22 wrote: »

There are Shady people everywhere you never know. Yes there are shady website but people are saying they have never ever accessed them so explain that. Im not bashing PWE put come on cant you keep our accounts safe.

Lol of course the first thing someone is going to say is "I never..." (insert any of the above scenarios and more than likely in this case 999 times out of 1000 they are full of chit)

bowgataboppa · August 2014

I think you can expect the same level of swift action to this problem as you see to PWI's moderation of world chat. b:shutup

shhitsasecret22 · August 2014

Im just saying its the internet anything can be compromised can Pwi assure us their firewall is save that someone outside has not **** in to our servers?

nbreaking · August 2014

shhitsasecret22 wrote: »

There are Shady people everywhere you never know. Yes there are shady website but people are saying they have never ever accessed them so explain that. Im not bashing PWE put come on cant you keep our accounts safe.

My only explanation is: They are lying.
There are several reasons why one would lie about this. These are listed from the one that is more probable to happen to the one that is least probable to happen (imo at least).

- Getting the said item that was "stolen" back. (Which they never had in the first place)
- Getting attention. (Yes, I am going there, seen it before)
- The pure kick of it. (Yes, believe it or not, some people actually have fun lying)

About there being shady people everywhere, I agree, and believe me, I do not consider PWE a "pure, angelical" type of company, but in these cases, I don't believe PWE in general or PWI's team has anything to do with it.

PWE/PWI is more the kind of company that does things in a different manner when they want to steal from you.

But like I said in my previous post and I am repeating on this one: This is just my opinion on the matter. b:pleased

blueelephant69 · August 2014

well if they have nothing about it then i want to know what they are going to do about it, 5 of my friends ive known for years have been scammed, they have never given there account info out or would be stupid enough to go to a phishing site, suddenly people are getting booted left right n centre n having all there items stolen... now i know PWE's easy way out is to say ' u all gave your info out ' im hoping they actually sort something out considering its the people that have played for years n stayed loyal that are being scammed. b:shutup

WistaKitty - Archosaur · August 2014

There has been alot of hacking going around on arch server. Mostly its happening to the people that are stupid enough to go fall for the free rewards on a certain site, i don't remember how the url goes but its has pwi's name in it. Then the hackers go on the accounts and pm the toons friend's list. They will either tell them to go to that site or ask them if they can borrow a certain item that friend has. So people if someone tells/asks you this do not do it. Dont be stupid, think about it first.

blueelephant69 · August 2014

but shouldnt pwe be doing something about that? tracing there ip's and banning them? its about time they lift up there finger n actually do something

Slivaf - Dreamweaver · August 2014

LuckingFoco - Raging Tide wrote: »

Don't use the same password for different things.

^ I was **** once and that was likely the reason for mine, plus it was an insanely weak password.

nbreaking wrote: »

CM, GM and above: Can have whatever they want ingame, why would they "****" accounts?

*snip to shorten*

EDIT: Just saw LuckingFoco's post, add all of those to my post xD
And also, another thing. If PWI wanted to "****" your account, why would they target your char and not your bank account? Same thing if PWI was THAT easy to **** into, why would the hacker really bother with your char? If they can **** your account, they could **** their way into your real life info so... I just don't think people are actually getting ****. Just my opinion.

While this scenario is unlikely for the most part it is still VERY possible for this to happen.

That is:

GM/Admin/Cm etc wants a little extra money, how to do that one might ask one self, hmm I know! i'll sell off the character information to others of inactive chars/that have tradeable stuff! *Finds a blackmarket site precedes to sell in active account/renames it, and no one will ever be the wiser unless that inactive person comes back.* Though as I said that is unlikely, I am sure there are safe guards/limits to just how many people have unrestricted access to our password, that way they don't have to look far if this becomes a major/recurring/suspected issue.

--

Further more there are more ways to get '****' then the ways listed by luckingfoco/nbreaking, though those are the easiest ways to become a victim.

If someone really wants into your account to sell off your gear/character on the blackmarket, then they will find a way, some people can do what is known as bruteforcing. (Essentially a script that automatically tries number & letters variations cap or otherwise until they find the correct entry into your account... that is why numbers letters, and silly little symbols are safer, it makes it much harder for a bruteforce to work its way in, not to mention the changing of your password often, doing that may very well prevent a brute force from accessing your account.)

Not to mention the database that holds our passwords could be penetrated by a true hacker, especially with how poorly coded pwi is at times.

HOWEVER as I said with the mod bit, both of these are rather impractical it is far easier for a 'hacker' to just create a fake website with promises of this or that, and get tons of info quicker, so yea do as LuckingFoco suggested above, all of those steps DO help keep you safe, a bit of friendly advice apply that information for EVERY site possible, especially the important ones like your bank account/ebay/paypal/games... etc.

EDIT: Considering how difficult it is to be '****' through actually not being stupid/visiting bad sites/having weak passwords, I would have to say pwi is safe still, just be smart, vigilant and change your password often.

ksfe · August 2014

changing pw dont seem to work. ive changed my pw like 2 days ago. and gotten **** lastnight.. on 3 different accounts.. the gear codes been all changed all 3 emails been messed with couldnt access them.. this dont seem like any normal hacker.. if it was one person it wouldnt be so wide.. someone in the pwi staff is doing this. and pwi reply to anything to do with lost/**** stuff "please continue playing with whatever is left over" those that seem very helpful to you guys???... in other words what they're saying is to continue playing... get good gear again and wait to be **** again..... this got to stop.

mechabeastmc666 · August 2014

blueelephant69 wrote: »

so i dont know if its happening on any other servers other than Archosaur but a large amount of people are being ****, they are gaining access to there emails and the user and password's. this has happened to over 30 people in the last week, a few undoubtedly came from a phishing site but the majority of them have NOT got to those sites,they havent given there info out, these people are from all over the world. people are losing emp tomes nw necks rings large amount of coins ANYTHING that is tradeable and PWI STILL havent done anything about it, i would like a response from sparkie or anyone that could shed some light on this matter, are people going to get reimbursed or are u simply going to say ' THEY ALL GAVE THERE INFO OUT ' to cover your tracks? because maybe im being paranoid but to gain access to a vast majority of peoples emails users and passwords they wud have to have access to a member of your staffs accounts. i emplore you to do something about this and trace these bastuds that are hacking your loyal members.

The majority of people DO give their info out, to their Best friend, or Girlfriend/Boyfriend or to a trusted person who would "Never in a hundred years do them any wrong"

Bottom line is, If you give your info Out, to Anyone for Any Reason whatsoever, you deserve to have your account **** with no Hope of getting your items back. It could have been Prevented if your account was **** Via you sharing the info.The pass-word sharing goes on alot more than what people realize. It's almost like it's legal now the way people do it on my server. Then they have the nerve to whine about it.

blueelephant69 · August 2014

mechabeastmc666 wrote: »

The majority of people DO give their info out, to their Best friend, or Girlfriend/Boyfriend or to a trusted person who would "Never in a hundred years do them any wrong"

Bottom line is, If you give your info Out, to Anyone for Any Reason whatsoever, you deserve to have your account **** with no Hope of getting your items back. It could have been Prevented if your account was **** Via you sharing the info.The pass-word sharing goes on alot more than what people realize. It's almost like it's legal now the way people do it on my server. Then they have the nerve to whine about it.

lol i know a few of them personally and we have know each other for years , people can keep saying they gave there info out, but reality is that they didnt. some that i dont know WERE phsishing sites, that pwe shud be modding chat anyway right? but some of them are loyal players and good friends and the fact that they might quit, its just such BS. i want sparkie to answer to this thread.

LuckingFoco - Raging Tide · August 2014

I wouldn't think hackers would use a bruteforce technique on an MMO. While possible, as you said not really probable. That tends to be more aimed at banks, governments, credit card companies, large billion dollar merchants, etc.

Way too much trouble for a few thousand dollars in virtual items. I do agree, its more than likely a phishing site, a fake PWI site but also as I said, add a 3rd party bot download site, or a private server site.

Bob has been using that awesome bot program. Bob tells his friend George about it. George downloads it and tells Frank and Louie they should try because they are making lots of coin. George being Franks bestie in game logs into Franks account so he can buff his awesome bot.

Louie tells Jim, but Jim thinks about it and says, naw, auto culti is good enough.
Two weeks later Bob has been ****. It's PWI's fault I haven't ever given any info to anyone. I never use any programs or go to bot sites Bob says.

George panics. But too late George finds everything missing. Damn bob, but its PWIs fault!! I never dun nothin wrong, and along comes Frank crying dey stoled my stuf!!

Louie finding out about all his friends getting ****, says its PWIs fault. He has lots of friends getting **** and none have evvvver gone to any bad site. It's PWIs fault, but Louie changes his password, updates his malware and virus definitions, and for the moment is safe.

See spot run

Slivaf - Dreamweaver · August 2014

ksfe wrote: »

changing pw dont seem to work. ive changed my pw like 2 days ago. and gotten **** lastnight.. on 3 different accounts.. the gear codes been all changed all 3 emails been messed with couldnt access them.. this dont seem like any normal hacker.. if it was one person it wouldnt be so wide.. someone in the pwi staff is doing this. and pwi reply to anything to do with lost/**** stuff "please continue playing with whatever is left over" those that seem very helpful to you guys???... in other words what they're saying is to continue playing... get good gear again and wait to be **** again..... this got to stop.

To be honest that is rather unlikely it sounds more like you downloaded a keylogger.

How to remove it

Please note that as it says in that video comments below, not all keyloggers have the winlogon.exe that is described in the video.

EDIT: Indeed all too true LuckingFoco.

EDIT 2: I gotta say though I think a few hackers would prefer to risk getting away with hacking an mmo and go for 'small' bucks I'd think it would be easier to get away with it/not have fbi knocking on your door.

(What I am saying there is this: A hacker gets account info from a bank/etc where actual money isl, they are far more likely to check into that/go after it more and not rest until the have the perpetrator brought to justice, whereas if they **** a person account in an mmo they often go unreported/unnoticed and thus are far more likely to avoid that knock at the door.)

blueelephant69 · August 2014

either way if it is a phishing site pwi shud be doing somethin about it yes? keyloggers i dont know anything about really, is there nothing pwe can do about that, if not they shud at least reimburse the people who got scammed.

nbreaking · August 2014

Best and most truthful story I have heard in a while LuckingFoco b:laugh

What Silvaf said is what makes most sense in your case ksfe, it's really easy to make/download a keylogger (in case you don't know what it is, it's a program that "records" everything you type (sometimes what you click aswell) and sends it to another computer without you even noticing it's there) and send it to someone else.

LuckingFoco - Raging Tide · August 2014

Slivaf - Dreamweaver wrote: »

To be honest that is rather unlikely it sounds more like you downloaded a keylogger.

Yeah sounds exactly like a keylogger to me.

blueelephant69 · August 2014

it isnt just one person though its like 30+ with the exception of a few going on phishing sites, will pwe reimburse these people?

AstralRage - Archosaur · August 2014

As posted on my faction's forums:

As some of you are aware, a number of players' accounts on Archosaur server have been accessed by a malicious third party in the past few days. I know there was a phishing scam going through world chat the other day and some players fell victim to that. However, a number of players who never accessed the phishing site have had their accounts logged into and valuable items stolen. It appears someone is targeting players' email accounts as well.

I recommend everyone change your passwords and enable a safe code (obviously don't use the same password for both). I would also suggest changing the email associated with your account to a new one that is not used for anything else online.

Shortly after this started, I received an email from "[redacted]" on an email account I have only used for correspondence with a couple PWI players offering to sell all kinds of end game gears. The only way he would have that email address is by getting it from compromising one of my friends' emails.

Also at least one player's PayPal account was also compromised. The associated email address on that account was changed to "[redacted]".

It appears this is more broad in scope than I initially thought so I am posting this here so you all can be aware and protect yourselves.

Note that I reported the phishing site to the web host and it was removed the same day. At least some of the ongoing problems are a result of the phishing effort that occurred on Monday. The scammers used their newly obtained accounts to "borrow" items from those players' friends as well. However, I don't think this is the whole story.

Recently, PWE sent emails to a number of players informing them that their security had been breached and certain accounts may be at risk. Those players were forced to reset their passwords. It is possible that breach involved more data than PWE realized, or the attacker(s) had enabled a backdoor allowing them to regain access to PWE's computers in the future.

A keylogger is another good possibility, but of the players I know whose accounts were accessed, none have found a keylogger on their system. Another possibility is data has been obtained from a game-related third party site (such as shivtr or enjin) that revealed players' email addresses and passwords and that data could have been used to access players' email addresses to reset PWI passwords or access their accounts directly if they use the same username and password on multiple sites.

Regardless of whether you think there is a threat currently, it doesn't cost you anything to update your login and safe code passwords or to enable safety lock. GO DO IT.

Xainou - Sanctuary · August 2014

People still fall for these sites?... sigh

blueelephant69 · August 2014

Xainou - Sanctuary wrote: »

People still fall for these sites?... sigh

yes a few DID, BUT some are being **** from some other source that havent visisted this site, 3 of my friends were **** last night, all tomes nw necklaces rings etc... coin, everything was taken, 2 days ago my friend, nw necklace emp tome nw rings everything taken, no-one knows what is going on , as ive been these peoples friends for years i can vouch that A - they are not dumb enough to visit a phishing site and B - not stupid enough to give out info. i want some answers from Sparkie to see what he can sort for these people that have been result to a malicious attack on them.

MochiBean - Archosaur · August 2014

AstralRage - Archosaur wrote: »

As posted on my faction's forums:

Note that I reported the phishing site to the web host and it was removed the same day. At least some of the ongoing problems are a result of the phishing effort that occurred on Monday. The scammers used their newly obtained accounts to "borrow" items from those players' friends as well.[/B]

They are also creating accounts with names similar to other players. I know someone has made one pretending to be my husband to borrow items. There's also one going around pretending to be me sending links to people in the same faction. The names looking really close like they'll leave out an i of use a lowercase L instead of I. A few people even say they were talking to them and they were pretty convincing. Luckily no one has given them anything or gone to the sites. But whoever is doing this is trying pretty hard. Seems like every few days they are pretending to be someone new.

Not really sure what I can do about this though. We have warned everyone in our faction and asked for ss of the convos. But most usually forgot to take a ss. I hope they catch who's doing this soon.

AstralRage - Archosaur · August 2014

I am currently getting harassed hardcore from another player's compromised gmail account trying to get me to go to another phishing site. I have reported the new phishing site. It is on the same web host as before but a different domain.

mntainr · August 2014

blueelephant69 wrote: »

so i dont know if its happening on any other servers other than Archosaur but a large amount of people are being ****, they are gaining access to there emails and the user and password's. this has happened to over 30 people in the last week, a few undoubtedly came from a phishing site but the majority of them have NOT got to those sites,they havent given there info out, these people are from all over the world. people are losing emp tomes nw necks rings large amount of coins ANYTHING that is tradeable and PWI STILL havent done anything about it, i would like a response from sparkie or anyone that could shed some light on this matter, are people going to get reimbursed or are u simply going to say ' THEY ALL GAVE THERE INFO OUT ' to cover your tracks? because maybe im being paranoid but to gain access to a vast majority of peoples emails users and passwords they wud have to have access to a member of your staffs accounts. i emplore you to do something about this and trace these bastuds that are hacking your loyal members.

If you can, check to see how many are merchants and how many are not. This info might help lead to the methods or source and help prevent future ****.

Merchants have alot to lose, so much more than others that they will make every effort in learning how to secure their account. Non merchant often are much more relax about account security therefore are more likely to make a mistake.

blueelephant69 · August 2014

mntainr wrote: »

If you can, check to see how many are merchants and how many are not. This info might help lead to the methods or source and help prevent future ****.

Merchants have alot to lose, so much more than others that they will make every effort in learning how to secure their account. Non merchant often are much more relax about account security therefore are more likely to make a mistake.

alot of them are merchants lol people have pretended to be me as well , they are impersonating officers from TW factions trying to get peoples infomation or to go to a phishing site, we have people being **** left right and centre, people going on all these phishing sites. someone really wants to **** up arch server , maybe they will be happy when the server dies n they have no1 left to scam or **** lol. as im sure thats there income irl..lol.

blueelephant69 · August 2014

AstralRage - Archosaur wrote: »

I am currently getting harassed hardcore from another player's compromised gmail account trying to get me to go to another phishing site. I have reported the new phishing site. It is on the same web host as before but a different domain.

yes a few of my friends are getting random emails from peoples emails ssaying to visit sites or to give them gold or items lol. how they got there emails is beyond me...

Is Pwi Safe Anymore?

Comments

Categories