![]() |
|
Any recent hacked accounts from Southperry users? - Printable Version +- Southperry.net (https://www.southperry.net) +-- Forum: Maplestory (https://www.southperry.net/forumdisplay.php?fid=15) +--- Forum: Maplestory Discussion (https://www.southperry.net/forumdisplay.php?fid=31) +--- Thread: Any recent hacked accounts from Southperry users? (/showthread.php?tid=20977) |
Any recent hacked accounts from Southperry users? - Fumni - 2010-01-19 DualReaver Wrote:At this point it's us against the hackers, so everyone has come together to fight. Yeah except the hackers are the giant flying saucers in ID4, and we're the F-16's getting swatted effortlessly. Ironically, they brought down the saucers in ID4 with a computer virus. Any recent hacked accounts from Southperry users? - LemonLimes - 2010-01-19 Fumni Wrote:Yeah except the hackers are the giant flying saucers in ID4, and we're the F-16's getting swatted effortlessly. Ironically, they brought down the saucers in ID4 with a computer virus. We're more like primitives hurling rocks at advanced alien aircrafts. We're pretty much helpless against the hackers. There is nothing I can think of that we can do to take the fight to them. We don't have much to go on as far as clues regarding why we're all being attacked and how exactly are they getting our info. Any recent hacked accounts from Southperry users? - Uncouthist - 2010-01-20 Oh dear, it really makes me wonder now if the problem lies in the publisher or the creator of the game. GMS and MSEA getting their arses kicked the same way can be scary.... I wonder what security crap is there in GMS... Any recent hacked accounts from Southperry users? - Phoenix - 2010-01-21 Kevo Wrote:I'm not saying that he's the culprit behind all the hacking. Don't think I ever said anything like that... It's always the quiet one. One more guildie fell victim to whatever is going on today, puts the total count at 12 or 13 in 2 months. I'm sorry, but if that's not out of the normal, then I don't know what is. This one ecko took full credit for lol, even cause some havoc with the Jr's account till we kicked it. Saddens me deeply though, no one deserves this pomegranate. Any recent hacked accounts from Southperry users? - Kevo - 2010-01-21 Phoenix Wrote:It's always the quiet one. Yeah I heard about this one, pretty bad stuff. I believe in Karma, and he'll get his... eventually... Hacking is the same thing as stealing from somebody in real life, although the fact he stole thousands of dollars must be how he gets high... Any recent hacked accounts from Southperry users? - MissingLink - 2010-01-21 The latest statement from 'HIME' on Nexon forums: "Thank you for your information but we actually have what you are trying to post. [the list, hackers manifesto] I'm going to say it again - we are investigating the issue and we are not ignoring anybody. This circular discussion is not productive nor helping the situation. So far in our investigation no evidence has come up showing negligence on our part regarding security. Yes, hackers are annoying and pose threats to people's accounts and enjoyment of the game. Our priority is to protect you. " (Thread locked. If you want to see what else she has written, look at last post of various locked threads.) This is a slight change from earlier posts which had: 'There is no evidence pointing to a security breach on our database.' (I guess that means that there was no flashing red light on the server and a voice saying 'intruder alert.....intruder alert') So they have moved from 'no evidence of security breach' to 'no evidence of negligence' I suppose that is progress. Maybe. Any recent hacked accounts from Southperry users? - Fumni - 2010-01-21 Damn, you beat me to doing the exact same thing, but with a more up to date quote. -Hime- Wrote:I've said it numerous times and I'm going to say it again. There is no evidence pointing to a security breach on our database. Through our investigation (though yet complete) nothing has come up pointing us as the culprit. If it was indeed a security breach, account passwords and pins aren't the only that gets compromised. Our database is comprised of everything including personnel information. These so call hackers could have done much more malicious attacks with a database breach rather than stealing account information. Yes, though it may appear to be a list of accounts going around there are many possibilities of how the list was generated. We're examining all possibilities and working on identifying the root cause of this issue. The part I bolded just really concerns me. What she said is true, but if they really aren't aware of a database breach, then it's just a matter of time at this point. Any recent hacked accounts from Southperry users? - HELOHELO - 2010-01-21 Uncouthist Wrote:Oh dear, it really makes me wonder now if the problem lies in the publisher or the creator of the game. Nope...nexon and asiasoft => lax secuity => outdated anti virus => loopholes for hackers China hackers=> MSEA USA hackers => GMS But USA hackers are mean they posted IDs and PWs in forums, claimed they have access to all accounts. Any recent hacked accounts from Southperry users? - Moonlapse - 2010-01-21 Well at least they are aware. Any recent hacked accounts from Southperry users? - LemonLimes - 2010-01-21 From what I gather from this discussion we are all fairly certain that there has been a breach in Nexon's database. On the other hand, Nexon is being slow to jump to any conclusions as to what is the cause of the hackings. Jumping to any sort of conclusion and then later being proven wrong would look unprofessional. It is both risky and frightening, but I believe this group of database hackers are going to have to make the next move, if Nexon is going to accept our assumptions regarding their database security as fact. Hime's assertion is that if there are hackers infiltrating the database, they would be doing far worse than looting a few hundred accounts. But whose to say all hackers aim that high if they manage to come that far? What if their only purpose is to ruin thousands of players all for the sake of some misguided revenge scheme? I think this Vent group made their intentions pretty clear. Now all that's left is for them to make the next move. Their next move will determine if their threats are for real, and they have in fact breached Nexon's security, or if they're just full of pineapples. Any recent hacked accounts from Southperry users? - Eos - 2010-01-21 LemonLimes Wrote:I think this Vent group made their intentions pretty clear. Now all that's left is for them to make the next move. Their next move will determine if their threats are for real, and they have in fact breached Nexon's security, or if they're just full of pineapples. It is a mistake to immediately believe that the first group that takes credit for this is in fact the one actually doing it, or that "evidence" they have provided is actually the result of their own work or was in fact related to the current hack rather than obtained some other way and falsified to look like a database dump. Anyone can claim to be responsible for this, just to try sound like big scary powerful people rather than the sad little piss ants they truly are. Any recent hacked accounts from Southperry users? - LemonLimes - 2010-01-21 Eosian Wrote:It is a mistake to immediately believe that the first group that takes credit for this is in fact the one actually doing it, or that "evidence" they have provided is actually the result of their own work or was in fact related to the current hack rather than obtained some other way and falsified to look like a database dump. I fully understand that it would be a huge mistake to immediately assume these guys are behind it all. It's not hard to post a list of 150+ random accouts stolen through conventional means such as social engineering. I'm pretty familiar with some of the cheap tricks that script kiddies and amateurs will use to make people believe they are capable of things they clearly aren't. People are led to believe them because, let's face it, most maplers are incredibly gullible (lol keylogged shop items). My stance is merely "Hey, if you guys did it, prove it. And if you cant prove it, shut up". If they happen to be able to prove they can breach the database then the answer to the mystery of the account hackings will be right in front of Nexon's nose. My hunch is that this vent group merely took advantage of the crisis and posted that thread simply to cause even more panic. In any case, if were going to continue going along with the theory that the database has been breached, neither we nor Nexon will be certain until whoever did it makes thier next move. Any recent hacked accounts from Southperry users? - Sarah - 2010-01-21 I hate it so much when Hime says "Please read my posts says not what you think it says." No one ever misunderstands her, she is just a corporate lackey trained to dodge all important issues by claiming "that's not what I meant!!!" when she gets called out on something. God damn that's so annoying. But yeah, what she's said is far more frightening than was at first believed. Good lord. Mostly it just seems like Nexon as usual denying their failures instead of doing something about it. Any recent hacked accounts from Southperry users? - IllegallySane - 2010-01-21 Good news: We know Nexon is investigating this problem. Bad news: They aren't admitting to mistakes. Worse news: Personal information stolen = bad. Really bad. Any recent hacked accounts from Southperry users? - LemonLimes - 2010-01-21 It was pointed out to Hime that even without the possibility of a database breach, that there are too many loopholes a hacker can use to steal and account. All anyone needs to take full control of an account is the email and the birthday, assuming the email can be cracked. Correct me if I'm wrong, but isnt it possible to hack a player knowing only his user name? Regardless, peoples' accounts can be hacked with very little information revealed about them and that is a serious problem to begin with. If I recall, Hime was asked why Nexon removed the security questions we used to have to answer in order to claim ownership of our accounts and change information. She responded in typical fashion by dodging the question. She's trained awfully well it seems. Any recent hacked accounts from Southperry users? - Stereo - 2010-01-21 LemonLimes Wrote:If I recall, Hime was asked why Nexon removed the security questions we used to have to answer in order to claim ownership of our accounts and change information. That would be because they lost/mixed up the questions for accounts made in 2005/2006, so people couldn't use it anyway (unless they'd written down what their question/response was). Any recent hacked accounts from Southperry users? - LittlePrincess - 2010-01-21 LemonLimes Wrote:All anyone needs to take full control of an account is the email and the birthday, assuming the email can be cracked. Correct me if I'm wrong, but isnt it possible to hack a player knowing only his user name? Regardless, peoples' accounts can be hacked with very little information revealed about them and that is a serious problem to begin with. (for all those easily offended - you refers to the hacker - not anyone in particular) If you want to brute fource an account then you can because nexon made it easy for you. They tell you when you get a login vrs pw - "incorrect password" vrs "invalid login" then they tell you when you get the password or pin wrong, "incorrect password" and "incorrect pin." Naturally it's a waste to try this on accounts where you just guessed the login ID becaue there's a good chance it will be a waste of your time (no valuables on the account), but if you get the login ID for an account that you know is worth it then after a few weeks (not that I would even know how long it would take to run a computerized program on nexon's website doing a login + pw) you can log into the account and loot it. Hopefully I'm wrong and that would just take too long, but it seems very inscure to me. Nexon should let you enter the whole thing and then just say, "nope, doesn't match our records." Any recent hacked accounts from Southperry users? - LemonLimes - 2010-01-21 But the account gets banned for a while if you enter the password incorrectly enough times. Any recent hacked accounts from Southperry users? - Eos - 2010-01-21 Stereo Wrote:That would be because they lost/mixed up the questions for accounts made in 2005/2006, so people couldn't use it anyway (unless they'd written down what their question/response was). Throwing them out completely was absurd though, especially when it would've been far more useful to just mass-reset them so everyone had to go enter them again. That would've resulted in accounts being "less secure" for the time it took their owners to add in questions, rather than permanently throwing any pretense of security into the scrap heap. Any recent hacked accounts from Southperry users? - LemonLimes - 2010-01-21 The worst thing about the email and birthday loophole is that it simply doesn't occur to some people to keep such information private. |