Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Any recent hacked accounts from Southperry users?
Jellyflower Wrote:As of Jan 17, 2010, I believe Nexon database is being compromised. At first there were hints suggesting leaked database info but this notion was somewhat rejected as there are cases where people have changed their passwords a few days prior of their accounts fell into victims. Further analysis is now pointing to the possibility of leaked password being released as MD5 hashes, since this was what Brazilian MS was using at the time when server files were leaked. Of course we have no way to confirm this other than the programmers themselves at Nexon. So now a few involved people are asking those who were hacked if their responding passwords hashes are logged somewhere in the internet database. Detail is covered in subsequent pages (page 17 onwards I believe) and on other thread in this forum section as well. Bottom line is, use a 'strong' password to protect yourself. 12-character long combined with lower,upper-case, numbers, and symbols is ideal. If you're affected, make sure you submit a ticket through the ticketing system. There's a lot to read on so if you're an active player of any Nexon games, you may want to periodically change your password(s), lock items and equipment, and store unnecessary NX with a non-suspicious character on the same account and put up something for that amount of NX in the WANTED section. This is just some precautionary measures we can take since we don't exactly know what is going on out there.
Even if database leaks are the cause of it, a 12 char password isn't needed:
The speed of md5 hash cracking via GPU acceleration is about 1 billion hashes per second.
The amount of possible passwords for a N chars long password (assuming the hacker doesn't know that it's N chars long and starts from the minimum, 4): for (i=4 to N) { keyspace P i }
keyspace is 62 for lowcase letters, highcase letters and numbers, and 72-80 if you add the signs (depending on which signs do you count in the calculation).

I took a keyspace of 72 letters, meaning a password with low and high case letters, numbers and simple signs. The number of possible passwords for only a 9 char password is about 3.13 * 10^16. divide that by a billion (10^9), you get about 3.13 * 10^7, meaning 31,300,000 seconds to crack the password. Thats almost a year. No one is going to waste that much time on cracking a password.
Reply


Messages In This Thread
Any recent hacked accounts from Southperry users? - by BDRyan - 2010-01-18, 01:09 AM
Any recent hacked accounts from Southperry users? - by Kortestanov - 2010-02-02, 02:33 PM

Forum Jump:


Users browsing this thread: 4 Guest(s)