2009-01-27, 01:04 AM
(This post was last modified: 2009-01-27, 01:09 AM by KajitiSouls.)
bio9205 Wrote:In MSEA, some China hackers got hold of Asiasoft's database of passwords (Yes, every single account. Scary, eh?) and hacked into almost every account. Those who didnt change their passwords were doomed.
Another time, hackers would scroll a gawdleh item, decode the entire item, place a tracker inside, and sell it in the FM for a really cheap price like 1 mesarz. When someone buys it, all the hacker needs to do is track the item, and somehow (i have no idea how) get the password, and the account is hacked. Sweet, no?
These are TRUE. Not just speculations.
Damn, MSEA's pw hash function must really suck or something (if they didn't use a one-way function at all, MSEA needs to reconsider their security). A dictionary attack should really only be able to recover roughly 70% of the passwords at best.
The only way I can even remotely see the 2nd hack being deployed is if the hacker tracked the unique instance of that item via some ID number. Other than that, it's pretty much not possible.
I personally am a victim of social engineering. Nothing definitive can be made out of the incident unfortunately.

