Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Any recent hacked accounts from Southperry users?
From Hime's standpoint where he/she changed possible breach of security to no evidence to negligence simply means it's not an error on their part, possibly meaning no loopholes, leaked codes/files and such that is within their control. Perhaps the model they incorporate is secured in theory, in practicality it's not, who knows. It doesn't say much but it could be issues they aren't aware of. No negligence just means they have acted within their standard professionalism in my interpretation. I'm not sure how constructive/destructive comments are on the official forum and I'll have to disagree on the comment where it's stated that circular discussion is not productive, maybe the statement was meant in that particular mean and not at the general concept. Sometimes new ideas come sparking from this sort of discussion, but then again, it can come from anywhere. If you want some reading material, there's some great read at http://www.wow.com/tag/account-security/. And no I'm not promoting the game, but there are a lot of articles on security, even though they're mainly on authenticators. Too bad I doubt Nexon would incorporate that because of the cost and maintenance. Even though it'll probably cut their hacking tickets by 99% and stop sharing account and everything altogether.
Reply
Well, Nexon is dumb and will never change. Since they refuse to accept any responsibility and with their continuous failure to act, I've decided that currently my time would be better spent elsewhere.

For anyone who is looking for an alternative, you should check out Dragonica Online. It's basically 3D maple. It's not free-roam like WoW but rather restrained side-scrolling. It's actually got story quests and PQs that don't REQUIRE partying so it's good for all player. It's got accomplishments similar to what you'd find on XBL or the PSN and yeah. I'm sure THQICE would value you more than Nexon, because they clearly DON'T.

tl;dr pineapple nexon.
Reply
LemonLimes Wrote:I fully understand that it would be a huge mistake to immediately assume these guys are behind it all. It's not hard to post a list of 150+ random accouts stolen through conventional means such as social engineering. I'm pretty familiar with some of the cheap tricks that script kiddies and amateurs will use to make people believe they are capable of things they clearly aren't.
Nexon should know if that list is real or bogus. They just have to look at the first column of numbers to see if they are really the serial or account numbers as used in the data base. No random list from physhing or keylogging or whatever would produce a list of accounts in sequence, all created around the same time.
Some people have logged onto some of those accounts. They could tell the age of the accounts from the completion date of the maple island quests of the first character ( i think most do at least a few of those). If they were all from the same time, the list is probably a real database dump.
Reply
Just a reminder to anyone who's lost money in the form of NX during this debacle - this does fall under the jurisdiction of the FBI's internet crimes division. You've essentially had pre-charged store credit stolen from you.

If you really were a victim and you're confident that a thorough investigation will bear this out, I recommend submitting a report as I did. Feel free to reference that you believe your case to be related to I1001211950015381.

As the amount of money being stolen escalates this matter is becoming more and more one that requires real world criminal investigation, not Nexon's brand of Inspector Clouseau.

http://www.ic3.gov/default.aspx
It's not having what you want - It's wanting what you've got.
Reply
MissingLink Wrote:They just have to look at the first column of numbers to see if they are really the serial or account numbers as used in the data base. No random list from physhing or keylogging or whatever would produce a list of accounts in sequence, all created around the same time.

I doubt they are, like you said, if they were Nexon could easily* check and go after whoever this is properly.


* well, assuming they have a guy who knows how their DB works
Reply
I just posted this on their forums and will post/link here so that it doesn't mysteriously disappear as many things there do.

Quote:Personally, I don't care what's causing the issue. I don't know whether it's because of a database hack or some other convoluted ridiculous method of social engineering. Regardless of what the issue here is, when an issue is this large and is effecting so many it proves one main point and that is that your methods of security are worthless. People have been pointing out some of the most disturbing things recently (like how to get your name and email address just from logging into your account on the main site (thanks referrals!)) and Hime even said it herself, your personal information is stored along side your account information on the database. That is horrifying. That's unacceptable. A single small mistake leaves everyone, adult and child vulnerable to all sorts of attacks. Not just in game but in real life. No one should have to worry about not only losing their virtual security but also personal security because of someone being malicious.

Furthermore, the fact that it's been two months, one and a half without recognition of their even being an issue in any 'official' capacity (typically played off as it being a fault of the player through the lackluster ticketing system (for those lucky enough to even get responded to!)) This is a negligent way to practice business. Every. Single. Case. Should. Be. Handled. Individually. You don't treat people like idiots, even if they are. A business should always treat everyone like they're right until they can absolutely prove that they are wrong, and even then they should be treated as humans. Nexon rarely gives us the treatment we deserve. Ironic since they constantly demand so much money from their players (this patch was 80% NX content) from unsuspecting children.

Back on topic, though. Even with a post here and there from Hime, who mostly just deflects any response that isn't pro-nexon by telling people they're not reading what she's saying right, there hasn't been an official statement on behalf of Nexon. This is negligent. Two months of hackings, people losing everything they've worked for and that doesn't warrant an official response? Saying something aloud definitely will cause a frenzy but at this time people need to be aware of the issue, and Nexon is denying that responsibility by doing nothing. Even worse, they've done nothing to protect those of us who are aware. Free item locks are an idea that I'd heard which I think is pretty good, though it doesn't give full account security, it would allow people to rest a little easier. I can only imagine there's been a massive influx of people buying item locks out of pure worry and to allow that to happen is pretty unscrupulous. Nexon has a duty to protect us, regardless of whether or not the issue is there fault. Their initial account security is bad enough that some person or peoples have been able to attack THOUSANDS of players and that is massively telling of poor security.

Frankly I'm disgusted with the lack of reaction on the part of Nexon so far. I'm not sure how many of you here at this forum will actually accept that this is Nexon's responsibility because it often seems like people here are too afraid to speak out (I know I have been in the past, but when something needs to be said I'll always say it) but it's time for Nexon to act on behalf of their players and protect us from their failures. A public statement should've been made months ago, we should be demanding one now.

And this is why people are saying Nexon has been negligent. It's not about your database security or whether or not this is the fault of something Nexon has done. It's the result of everything they haven't done to this point.

http://forum.nexon.net/MapleStory/forums...px#4165635
Reply
Hime must hate her job at this point.
Reply
LemonLimes Wrote:Hime must hate her job at this point.

If she does it doesn't show outside of work. All she's blogged about lately is how much she loves her new laptop.
Reply
Then we'll just have to drill Hime with tough questions regarding this matter until she does.
Reply
BombsAway Wrote:I just posted this on their forums and will post/link here so that it doesn't mysteriously disappear as many things there do.



http://forum.nexon.net/MapleStory/forums...px#4165635

Wow, your thread is still open on Nexon's site...for now.

*edit* meanwhile this pro-Nexon "it's all your fault, stupid MapleStory kiddy noobs" thread written by a moron is still up...

http://forum.nexon.net/MapleStory/forums...59357.aspx

So, who wants to take a bet that Nexon will continue to ignore this problem until a GM account eventually gets hijacked, and starts causing havoc throughout the servers?
Reply
Well, I fully intend to keep applying pressure. My Better Business Bureau attempt hasn't lead anywhere yet. I'll give Hime a day to respond and if she doesn't then I intend to begin sending editorials to all major game and news sites (gamespot and IGN for example, but I'm willing to go as far as CNN / HLN / Fox to put pressure on Nexon by highlighting exactly how much danger they're putting players in by doing nothing (hurrah for Hime openly telling us that all of our information is readily available for attackers!)
Reply
Fumni Wrote:So, who wants to take a bet that Nexon will continue to ignore this problem until a GM account eventually gets hijacked, and starts causing havoc throughout the servers?

Dunno, the FBI requesting their transaction logs might jog some healthy fear into them first Biggrin
Reply
Fumni Wrote:Wow, your thread is still open on Nexon's site...for now.

So, who wants to take a bet that Nexon will continue to ignore this problem until a GM account eventually gets hijacked, and starts causing havoc throughout the servers?

I dont think Hime responds to posts or moderates the forum outside of a normal 9-5 work schedule, I could be wrong though. It would be hilarious if that actually happened to a GM.
Reply
BombsAway Wrote:Well, I fully intend to keep applying pressure. My Better Business Bureau attempt hasn't lead anywhere yet. I'll give Hime a day to respond and if she doesn't then I intend to begin sending editorials to all major game and news sites (gamespot and IGN for example, but I'm willing to go as far as CNN / HLN / Fox to put pressure on Nexon by highlighting exactly how much danger they're putting players in by doing nothing (hurrah for Hime openly telling us that all of our information is readily available for attackers!)

Well, I'm not sure if the press AsiaSoft got from that news article about their hacking incident did any good, since another one happened recently as we all know.
Reply
Judgment Wrote:Well, I'm not sure if the press AsiaSoft got from that news article about their hacking incident did any good, since another one happened recently as we all know.

Asiasoft =/= Nexon and I will make sure it's as negative (while truthful!) and dire as possible. Having CNN report that they're putting children's safety at risk is something they can't ignore.

edit: changed lives for safety. Either way by having all of our information so readily available and is just asking for child predators to diddle some kids.
Reply
BombsAway Wrote:Well, I fully intend to keep applying pressure. My Better Business Bureau attempt hasn't lead anywhere yet. I'll give Hime a day to respond and if she doesn't then I intend to begin sending editorials to all major game and news sites (gamespot and IGN for example, but I'm willing to go as far as CNN / HLN / Fox to put pressure on Nexon by highlighting exactly how much danger they're putting players in by doing nothing (hurrah for Hime openly telling us that all of our information is readily available for attackers!)

Hi Sarah,

I'm going to break the 4th wall for a bit (which, believe me, is something I rarely do,) and give you advice as someone who works in the media industry and knows how it functions first hand. Gamespot and IGN are good starts. Don't forget ComputerWorld and CNET. But don't waste your time even going as far as CNN/HLN/Fox etc. They won't care. Trust me on this.
Frankly, the first options probably won't care either, but if you reach the right person and tell it to him or her in a way he or she could understand the ramifications, it might make them interested in researching it. You would have to change the focus to Internet security, which is a more talked about and buzzworthy topic on computer related sites, rather than Nexon's negligence and shitty customer service in the past.
The real best options is to keep lobbying Nexon, and use the BBB and other customer service rating sites as a crucial instrument. You can either trust me on this or not, but I have no reason to steer you wrong, and I can't see TPTB in the media world taking interest in what's essential a virtual reality issue with an arcane audience.

-F-
Reply
Okay I've lurked here long enough but I really want to discuss this with others (not counting the ignorant people on nexon).

I poked around the Nexon forums and saw a topic by a volunteer mod that got hacked. Maybe Nexon will finally do something? >.>
Reply
Spreading the word about their poor business practices, and flooding their forums with discussions about this issue, should soon stop them from being able to sweep this issue under the rug like they're trying to do.
Reply
It'd be interesting to see CNET accepting this, since uh, they're known to do a little bit of everything, whether it is software, PCs, or whatever. And yes, they do things related to gaming too. Good luck if this sh't works.
Reply
Is there any chance that this isn't Nexon's fault?

Hear me out.

Many people claim that they have not given out their personal infos, etc.

But nearly everyone that got hacked seemed to use either facebook or myspace or some other social networking site as far as I can tell.

This hacking epidemic started around December am I correct?

Well, RockYou had their passwords stolen in December 2009.

RockYou stored many of the email addresses and passwords for many social networking sites, in december a hacker somehow stole the passwords and posted 32 Million of the Passwords & Emails Online.

They could be downloaded by anyone. "The list was briefly posted on the Web, and hackers and security researchers downloaded it. "

For the people that got hacked, did you use the same password for your myspace/email/facebook or any other sort of networking site?

Source Here: http://www.nytimes.com/2010/01/21/techno...rd.html?em

I personally think that this is way more plausible than the fact that Nexon's database got hacked into.

Many of the most famous people in Maplestory, Hefferheffer, Herotex, Lachyrmus still have their items, and have not been hacked into.

That's the reason I don't think its a database hack.

Two questions:
1) Do you use facebook/myspace or any other social networking site?
2) Did you use your Maplestory Pass for any other site?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)