Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Any recent hacked accounts from Southperry users?
I have noticed that it appears man of the accounts that have been hacked were made prior to the europiean ip block date. I know that does not help in figureing out whats going on, but it might be an idea to store valuable items on accounts made after that date (around May 2007).

Just a thought, and may or may not be related at all.
Reply
Hope4 Wrote:I have noticed that it appears as if most of the accounts that have been hacked were made prior to the europiean ip block date.
(someone remind me of exactly when that was).

Doubt that's relevant or related, honestly.
Most things can be said to occur after an arbitrary point, but it doesn't mean they're correlated.


LocationCut Off
BrazilJune 25th, 2008
VietnamJune 25th, 2008
EuropeMay 23, 2007
Reply
Hope4 Wrote:I have noticed that it appears as if most of the accounts that have been hacked were made prior to the europiean ip block date. I know that does not help in figureing out whats going on, but it might be an idea to store valuable items on accounts made after that date (around May 2007).

My account was made on Oct. 1 2007 so this scenario can't be right.
Reply
Kalovale Wrote:Same old reply: start a serious list and make Nexon notice, leave your account on for 24/7 and hope they don't have DC hacks.

Actually, I've been keeping a list of people who have been hacked since the server upgrade. I was hacked on Dec 3. I knew that something had to be really wrong, because my computer was clean, and I never shared my info. So after it happened to me, I started combing forums to find others who had been hacked just since the server upgrade. Currently my list has 403 people on it. I listed the website I was on, the ign, world and level. Of course, it has to be just the tip of the iceberg, judging by all the stripped characters in rankings. I did notice that nobody from Galicia reported being hacked. And, it really looked to me like there were a lot of stripped immigrants.
Reply
Im reading this thread since start and it was scaring me all the time... being sitting duck as someone said. But after today i feel just little bit relieved.
Today someone got hacked and i was chatting with a friend of mine about this.
So he started to tell me not so use sleepywood forums (dont wanna bash or something but just read to the end). And me reading both sw and sp forums about recent hackings got my attention why not.
He came out with answer that recently admin of sw got hacked who aperently had acces to all of birthdays and info on your profile. So they have info about your bday... maybe first and last name and your mail... all gotten thorugh that admin account. I dont know how this theory stands from view of a having acces to that database but someone would say... its just a forum and doesnt need some encrypted data.
He said that this info is from a reliable source... but i say theory becouse there is no actual proof of that.
So my question is... is there anyone of you that couldnt got hack that way? And if there is anyone who could get hack this way?
(still doesnt explain random hackings of mules imo but it could be a good guess?)
Reply
MarkoM Wrote:So my question is... is there anyone of you that couldnt got hack that way? And if there is anyone who could get hack this way?
(still doesnt explain random hackings of mules imo but it could be a good guess?)

My SW info wouldn't have provided access to the account that was hacked. Also wouldn't explain why they didn't have to change my pass or pin.
I was one of the people targeted in the SW attacks; I was banned, renamed and various other things by the person who took over.
It's not having what you want - It's wanting what you've got.
Reply
[Nevermind. Post deleted because this might encourage any possible lurking hackers to avoid what I said regarding Nexon's site for any reason.]
Reply
MarkoM Wrote:Im reading this thread since start and it was scaring me all the time... being sitting duck as someone said. But after today i feel just little bit relieved.
Today someone got hacked and i was chatting with a friend of mine about this.
So he started to tell me not so use sleepywood forums (dont wanna bash or something but just read to the end). And me reading both sw and sp forums about recent hackings got my attention why not.
He came out with answer that recently admin of sw got hacked who aperently had acces to all of birthdays and info on your profile. So they have info about your bday... maybe first and last name and your mail... all gotten thorugh that admin account. I dont know how this theory stands from view of a having acces to that database but someone would say... its just a forum and doesnt need some encrypted data.
He said that this info is from a reliable source... but i say theory becouse there is no actual proof of that.
So my question is... is there anyone of you that couldnt got hack that way? And if there is anyone who could get hack this way?
(still doesnt explain random hackings of mules imo but it could be a good guess?)

Sleepywood (nor any other forum) has my DOB or last name. A DOB is not necessary to register to use Sleepywood (or any forum I have registered with aside from Nexon's).

Also the hacker did not have my last name or pw as my pw was not changed, the hacker only changed the pin which means he knew the the login & pw (since pin crackers are so fast you don't need the pin).
Reply
Has anyone been hacked (not by keyloggers or the usual) after 1/13/09?
Reply
I've had my account for at least 3 years.

You can add me to this list.

My browsing history is almost exclusively the following sites:

southperry
gmail
youtube
tvtropes
8-bit theater
and my school's website.


I'm the only one to ever use this laptop (cept my wife to go on gaia)
I've got antivirus stuffs and spybot s&d.



I happened to be on my bishop (alt account) so I got to see it happen right before my eyes. Since I saw this, i instantly tried to get to the internet. But being a laptop, it took a while. So I got to see them go through my DW (lvl 60), then my aran (lvl 91), (internet browser FINALLY decided to acknowledged that I clicked on it), then they got to my corsair(lvl 125). I managed to change my password while they were on my corsair. So they didn't hit my buc (lvl 131). Oh yeah, they changed my pin too. I was able to reset it.

Most important things I lost were

an U/H 13 att SCG
they dropped EVERY helm I had, even maple helms I wasnt wearing
23 PoTs
Tons of accuracy gear (brown dana, lvl 30 warrior gloves with 23 acc)
50m(ish) mesos
Tons of maple gear


but this won't get me down. I'm gonna pick back up right were I left off. I'll build my way back up.


But... if I didn't do anything to get keylogged (I checked) and asking me "did you go to a possible scamming site?" will just make lol... then how exactly did I get hacked?

And does that mean, even with my pw changed... won't I just get hacked again?
Reply
No one really knows how it's occurring. Changing your password/pin and reclaiming the account seems to keep them off. All the same I'm not playing my hacked account any longer. To me 1/3 pieces of pertinent information is now public knowledge to whomever is doing this, and I wont risk it again.

The facts as I gather right now

*older players with no prior history of ever being compromised before
*hits are random, with no logic visible as of yet between creation date/level/popularity/class/etc
*knowledgeable players that dont visit questionable sites, that are fairly concientious about internet security
*running virus/malware protections, all scans are coming up clean
*accounts are looted - in most cases untradables are left alone - with the exception of very valuable ones that are scissored off.
*many people have multiple accounts of which only one was hacked - works against the keylogged idea.
*in some cases / not all account emails have been compromised - hotmail/msn in particular
*nexon is leaving tickets open and escalated with no further response
*hackers are leaving some valuables at times - either indicating lack of space, or just moving quickly and not being thorough.

Many of these "facts" dont correlate with being keylogged. Many of them don't correlate with a database leak either. But being that nexon will probably never tell us what's up, im not sure we'll ever get the answers to our questions. And the sheer volume of people reporting makes me think social engineering is out - even though many logins/usernames/passwords were unique to only ms, and wouldnt be found elsewhere
Reply
Wigum Wrote:No one really knows how it's occurring. Changing your password/pin and reclaiming the account seems to keep them off. All the same I'm not playing my hacked account any longer. To me 1/3 pieces of pertinent information is now public knowledge to whomever is doing this, and I wont risk it again.

The facts as I gather right now

*older players with no prior history of ever being compromised before
*knowledgeable players that dont visit questionable sites, that are fairly concientious about internet security
*running virus/malware protections, all scans are coming up clean
*accounts are looted - in most cases untradables are left alone - with the exception of very valuable ones that are scissored off.
*many people have multiple accounts of which only one was hacked - works against the keylogged idea.
*in some cases / not all account emails have been compromised - hotmail/msn in particular
*nexon is leaving tickets open and escalated with no further response
*hackers are leaving some valuables at times - either indicating lack of space, or just moving quickly and not being thorough.

Many of these "facts" dont correlate with being keylogged. Many of them don't correlate with a database leak either. But being that nexon will probably never tell us what's up, im not sure we'll ever get the answers to our questions. And the sheer volume of people reporting makes me think social engineering is out - even though many logins/usernames/passwords were unique to only ms, and wouldnt be found elsewhere

Wrong. It's scattershot as hell. I've seen 3 month old accounts get hit.

If anything, they may just be bypassing the login server in a certain way. Spoofing in some sort.

How many have been hacked while offline? How about online? I see most people who get hacked are offline at the time. Tally it up.
Reply
GameMX Wrote:Wrong. It's scattershot as hell. I've seen 3 month old accounts get hit.

If anything, they may just be bypassing the login server in a certain way. Spoofing in some sort.

How many have been hacked while offline? How about online? I see most people who get hacked are offline at the time. Tally it up.

Every one was offline since only 1 user can be on 1 acc at a time. You can't log into an acc if someone already on it
Reply
Okay added bullet
*hits are random, with no logic visible as of yet between creation date/level/popularity/class/etc
i think the older account statment is still valid as it's kind of weird that suddenly older accounts with no issues securing their account prior to this hacking spree are suddenly getting hacked into. That along with the of multiple accounts only 1 is getting hit makes me think it's not a keylogger and more of a random targeting.

I think it might be worthwhile to put some form of survey up, so we can get some anonymous number in and find out what kind of %'s we're looking at in terms of hacked accounts and hwo they were hacked.
If you can say out of x number people 25% of them fell into this category, I would say that's a fairly accurate indication that something is very wrong.

edit: would you guys participate/think it's worth while if i did some form of data aggregating survey to see where the similarities are coming from and hosted it on say Hidden-street, if the owners dont mind (where I'm an admin) or asked the other forums to host their own version? We could compile a list of the pertinent questions that can give us some kind of idea what the core occurrences are and just be hard data, not speculation.
Reply
GameMX Wrote:Wrong. It's scattershot as hell. I've seen 3 month old accounts get hit.

If anything, they may just be bypassing the login server in a certain way. Spoofing in some sort.

How many have been hacked while offline? How about online? I see most people who get hacked are offline at the time. Tally it up.

yes, but for the most part its older accounts we are seeing. Whether thats because the older the account the more likely the person posts on forums, or whether its an actually clue may be debateable, but the lesser account getting hit might be just the "normal" hackings going on at the same time as this incident. What better time to take advantage of "you friend that knows your info" then one in which you will be unlikely to be blamed outright?
Reply
XBish Wrote:Every one was offline since only 1 user can be on 1 acc at a time. You can't log into an acc if someone already on it

Sorry, should have been more specific.

Did anyone get hacked while online, and by that I mean they got DC hacked, and then someone else logged in...
Reply
Nope, it happened just as I logged off my aran and then went to my bishop (the other acc) So I got to see my "other" self log in and take all my stuff T.T
Reply
shouri Wrote:Nope, it happened just as I logged off my aran and then went to my bishop (the other acc) So I got to see my "other" self log in and take all my stuff T.T

I wonder if they're somehow bypassing login info then, or something deep. It seems most to all get hacked while offline.

Also, anyone notice how broken the hacker's english are?
Reply
I stayed online at all times. I checked my shop then went AFK in NLC when I went to work. Few hours later I was dc hacked then stripped. My connection is impressive only lose connection by server check or game error.
Reply
GameMX Wrote:I wonder if they're somehow bypassing login info then, or something deep. It seems most to all get hacked while offline.

Also, anyone notice how broken the hacker's english are?

I was offline when mine happened. Yes, my hacker's english was very broken when I managed to get him to speak to me. I'm not sure if we're allowed to post IGN's on here, but if we are and anyone's interested, I can post the mule my hacker was using to sell my stuff in Mardia FM, maybe they're the same person that took any of your stuff too (if you're in Mardia).
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)