![]() |
|
Any recent hacked accounts from Southperry users? - Printable Version +- Southperry.net (https://www.southperry.net) +-- Forum: Maplestory (https://www.southperry.net/forumdisplay.php?fid=15) +--- Forum: Maplestory Discussion (https://www.southperry.net/forumdisplay.php?fid=31) +--- Thread: Any recent hacked accounts from Southperry users? (/showthread.php?tid=20977) |
Any recent hacked accounts from Southperry users? - Fumni - 2010-01-31 DustBunny Wrote:If you want to know what's going on you can PM me. You won't find anything here because Eos, unfortunately, is too unstable to accept that he's wrong. Calling Eos unstable is like thinking soy milk is actually milk. If you're talking about Dan and Mikey, Mardia had more than enough experience with them, and we already know for a fact that they are nothing more than script jockeys, and not the originators of the programs. Their threats should always be accepted as such. Any recent hacked accounts from Southperry users? - Fiel - 2010-01-31 I'm supporting Eos on one measure here (the others he mentioned I have no stance on): Eos Wrote:a discussion about the hackers rather than the hackings, which violates rule H. Pointing fingers at who is doing it will help no one here. It does not matter if this guy/girl is a well known hacker or a script kiddie. The important part is that we know what the hacker(s) are doing so that we, players, can defend against it. Leave the hackers to Nexon after notifying them. We can help defend ourselves. Any recent hacked accounts from Southperry users? - Duelman - 2010-01-31 Quick update: My ticket that I submitted less than a week ago has been responded to by GMnethe. Thanked me for giving them the information, and escalated the ticket status during investigation. Any recent hacked accounts from Southperry users? - OhMyLol - 2010-01-31 I find it quite silly that I'm being attacked as a "script kiddy" when I never even hacked in Mardia, nor has there been proof of me hacking at all also this would imply I know how to work with scripts, and you wouldn't want to be giving unnecessary credit, now would you? Not only do I not know you Eos but this would be the very first time I have ever talked/responded to you. Few things you should know, I've been away from Maple closing on 2 years now, and haven't had any relation to it since, other then a few helpful hands lent out. I'm just curious as to what "Absolute." refers to, it's bugging me, are you saying that it's absolute crap? If so the previous period would make absolute it's own sentence thus making it referred to nothing.. No? While you`re right about a few things mainly vent being filled with Tick ZF kiddies there are some legitimately good hackers in there, and what you think you know is actually complete crap, and you should stop assuming because you`re making yourself look like an ass, just like when you assumed you knew two ripe pineapples about me. To clear some things up, I did not need to wait for "HT hacks" to be released, take that for what you want, but if you`re even the least bit smart you should know what I'm trying to say. Also I didn't use No Delay, I simply hit ko'd it, I did not and do not have the time to spam a key so I took the alternative. This thread guessing at what is happening is pretty funny, and people screaming impossible at things are giving Nexon to much credit. Just to hint at something the list at my current possession includes 55,000 ID's, for anyone who had other ways of obtaining ID's and has the current exploit obviously add onto the numbers. This subject is bad, and you should feel bad for discussing it. Btw LolHighLUKgear. Bye. Any recent hacked accounts from Southperry users? - LittlePrincess - 2010-02-01 So what special things are you guys saying in your ticket to get them to esclate it and pay attention to it? They closed mine in 5 days and gave the standard reply of don't share your account and don't tell people your info and don't download keylogers. Did I just get my account broken into too early (dec 22) and nexon wasn't paying attention yet?
Any recent hacked accounts from Southperry users? - DL83 - 2010-02-01 LittlePrincess Wrote:So what special things are you guys saying in your ticket to get them to esclate it and pay attention to it? They closed mine in 5 days and gave the standard My account was hacked on 12/01 and my ticket was closed instantly. So I filed a BBB report a few weeks ago and their response was that I filed it under the wrong category and to resubmit it under the "Accounts" category. So I did that and I was given the generic "we'll look into it" response and the ticket was escalated. That's where my ticket stands as of right now. Any recent hacked accounts from Southperry users? - Jellyflower - 2010-02-01 Mine was answered by GM Jascol I believe. Not sure when it was moved to escalated but it's been staying that way for the past 2 weeks or so. The ticket was open on Dec 26, 2009. I don't think having the escalated status will do anything in terms of resolve, since the original source of the hacking has not been tracked yet. All I think it does is if there's ever a solution, these tickets will have primary attention in terms of queue. Just think of them as "WANTED" posters if you want. I know someone who has their ticket in escalated status for around or more than a year, due to the wedding glitch (unproper divorce procedure). Nothing was specifically mentioned in the ticket, maybe they have a way (guideline or threshold) for loss NX amount to determine whether some tickets are to be left open or not. Are people these days (as of current) getting hacked even with password at full length and with symbols and such? Just want to determine the level of security with a "really strong" password, since people don't disclose in threads much nowadays. i.e. d#}Q3e=fEk9o / H39dk~'AIo^@ or something along this line (give [not in this case I guess] or take a few characters) Any recent hacked accounts from Southperry users? - Typhoon - 2010-02-01 Jellyflower Wrote:Are people these days (as of current) getting hacked even with password at full length and with symbols and such? As far as I know, nobody who changed their pass recently has been hacked. Recently as in the past few weeks. Any recent hacked accounts from Southperry users? - Molly - 2010-02-02 Haven't seen any pw changers hacked recently Steve but I saw 2 new SW posts by a girl who didn't change hers for 2 years and some Lil sister who never changed hers. I'd love to be able to unlock mine from that character map pw lock cause I ran out of NX for locks ;( Any recent hacked accounts from Southperry users? - street - 2010-02-02 street Wrote:Someone attempted to hack me recently. I usually don't look through my junk mail and today i found a forgot user id email from nexon that was sent on 12-18-09. I never requested for my username during that time or was mapling in general. Today i checked my sleepywood account info and the email i had was not connected to the email i use to register my account. Only site that use to be linked was southperry, not saying sp is the cause but it was the only maple related site that use to have my real email and b-day. Ever since this post which was 12-27-2009 i haven't been hacked. *knock on wood* I never changed my password on my account since i started which was 2 years ago.. I couldn't change my pw cause i forgot the last name i recently changed my pw last week cause i learned how to retrieve the last name. Any recent hacked accounts from Southperry users? - Kortestanov - 2010-02-02 Jellyflower Wrote:As of Jan 17, 2010, I believe Nexon database is being compromised. At first there were hints suggesting leaked database info but this notion was somewhat rejected as there are cases where people have changed their passwords a few days prior of their accounts fell into victims. Further analysis is now pointing to the possibility of leaked password being released as MD5 hashes, since this was what Brazilian MS was using at the time when server files were leaked. Of course we have no way to confirm this other than the programmers themselves at Nexon. So now a few involved people are asking those who were hacked if their responding passwords hashes are logged somewhere in the internet database. Detail is covered in subsequent pages (page 17 onwards I believe) and on other thread in this forum section as well. Bottom line is, use a 'strong' password to protect yourself. 12-character long combined with lower,upper-case, numbers, and symbols is ideal. If you're affected, make sure you submit a ticket through the ticketing system. There's a lot to read on so if you're an active player of any Nexon games, you may want to periodically change your password(s), lock items and equipment, and store unnecessary NX with a non-suspicious character on the same account and put up something for that amount of NX in the WANTED section. This is just some precautionary measures we can take since we don't exactly know what is going on out there.Even if database leaks are the cause of it, a 12 char password isn't needed: The speed of md5 hash cracking via GPU acceleration is about 1 billion hashes per second. The amount of possible passwords for a N chars long password (assuming the hacker doesn't know that it's N chars long and starts from the minimum, 4): for (i=4 to N) { keyspace P i } keyspace is 62 for lowcase letters, highcase letters and numbers, and 72-80 if you add the signs (depending on which signs do you count in the calculation). I took a keyspace of 72 letters, meaning a password with low and high case letters, numbers and simple signs. The number of possible passwords for only a 9 char password is about 3.13 * 10^16. divide that by a billion (10^9), you get about 3.13 * 10^7, meaning 31,300,000 seconds to crack the password. Thats almost a year. No one is going to waste that much time on cracking a password. Any recent hacked accounts from Southperry users? - Molly - 2010-02-03 so, another lvl 200 in Windia down today Any recent hacked accounts from Southperry users? - street - 2010-02-03 Molly Wrote:so, another lvl 200 in Windia down today did they ever change their password? Also who was it? Any recent hacked accounts from Southperry users? - Takebacker - 2010-02-03 Well aint that just a kick in the balls. It's not like they have much to look forward to at level 200 except bossing, and if you take that away they probably won't be back. Any recent hacked accounts from Southperry users? - Jellyflower - 2010-02-03 Kortestanov Wrote:Even if database leaks are the cause of it, a 12 char password isn't needed: I'm not sure what your exposure unit is, is it 1 billion hashes per computer or organized network or what? Let's just say you're right 72^9/10^9 = time to crack a specific passsword, which is around 520 million second (not sure where you get 3.13e16 at), translated to 1.65 years. You're forgetting the fact that they have more than one specific target. If passwords are uniformally and identically distributed and say 2000 users have 9-letter long passwords, so divide that by 2000 and you get 7.22 hours per successful crack. Suddenly it doesn't look as nice. You can also argue that my method will incorporate multiple checkings so in the end it's still as many comparisons as like targetting one target, but using quicksort or whatever efficient method, you can end up with log n or less comparsions instead of n. (Let's say log 2000/log 2) = 11, multiply this to 7.22 hours and you get 79.42 hours, I sure wouldn't feel safe. But each subsequent letter will increase the average crack time by 72x of previous. 10-letter -> 238.26 days 11-letter -> 47 years 12-letter -> 3384 years Bottom-line is, it's 'safer' to have longer passwords and what's stopping you to having them? An old guildmate of mine is presumed hacked as well just today and she hasn't logged on for 7 or 8 months now. Any recent hacked accounts from Southperry users? - Molly - 2010-02-03 street Wrote:did they ever change their password? Also who was it? It was silver405, rins bishop account... No clue if he changed his pw or not just happened to be afking on my mule in the fm and saw the chat. He was logged into another account as it happened early this morning Any recent hacked accounts from Southperry users? - Fumni - 2010-02-03 My friend got hacked again yesterday after getting hacked last month at the same time I did. This time they hacked one of his alternate accounts whose pw/pin he changed in response to being hacked the first time last month. I really wish I knew how these hackers are doing this... Any recent hacked accounts from Southperry users? - Eos - 2010-02-03 Fumni Wrote:My friend got hacked again yesterday after getting hacked last month at the same time I did. This time they hacked one of his alternate accounts whose pw/pin he changed in response to being hacked the first time last month. Just to be absolutely clear on this, the account that was hacked was a separate account from the original, that had had it's password changed after the original was hacked last month, but was still broken into without the intruder having to change any of the (fairly new) info? Any recent hacked accounts from Southperry users? - MissingLink - 2010-02-03 There was a similar report in the SW Q&A thread. (Could be same guy actually). Mule account was hacked (as well as main rehacked) even though password was changed 3 days before. There goes the comforting notion that the hackers only had old info and you were safe if you changed your password. I guess there is still hope that a long and complex password will protect you. Unfortunately the Q&A thread does not ask how long or complicated the password was, only if it was on the hash-reverse sites. Any recent hacked accounts from Southperry users? - Eos - 2010-02-03 MissingLink Wrote:There goes the comforting notion that the hackers only had old info and you were safe if you changed your password. One report is inconclusive, and since this is a secondhand report we can't really assume it's a separate incident. It's not impossible that it's an unrelated coincidence, or that the two events aren't entirely related. What we really need is for everyone who hasn't been hacked yet to change their passes so we can determine if that actually makes any impact. If Nexon had actually encouraged this as they were asked to we'd be in a better position to determine what's happening. |