Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Any recent hacked accounts from Southperry users?
It's not like a lot of people who have a lot of money made accounts after that time. Everyone in that time frame has a pretty good chance of having valuable stuff on it. Also it'll drive them to complain more to nexon if they get hacked.
Reply
Takebacker Wrote:It's not like a lot of people who have a lot of money made accounts after that time. Everyone in that time frame has a pretty good chance of having valuable stuff on it. Also it'll drive them to complain more to nexon if they get hacked.

Wait, did I misinterpret that? I thought it meant that the dates have been going generally in order from july 07 to feb 08, not that they've been happening from that general area randomly the entire time
Reply
Kabanaw Wrote:Wait, did I misinterpret that? I thought it meant that the dates have been going generally in order from july 07 to feb 08, not that they've been happening from that general area randomly the entire time

I'm saying that if you're about to take a sample of information from a list of accounts, taking information from around that time of account creation has a greater profit margin than newer accounts. It also has more people where if they still play will b'itch to nexon if they get hacked.
Reply
Kabanaw Wrote:1)The nexon database is somehow ordered according to the date the account was created.

This is understood logically, a unique tag (number, hex, etc.) will be given to each new Nexon ID, in sequential order. So you can be safe to assume it's ordered by the time of creation. As to being targeted via this route, I cannot say much. Just know that even if you see a trend, it may be correlated to something else other than the account creation date itself, such as when the server was created, events that led to a spike of account creations, seasonality (more player play near the summer, so more account created around June-August), and other factors.
Reply
Kabanaw Wrote:Wait, did I misinterpret that? I thought it meant that the dates have been going generally in order from july 07 to feb 08, not that they've been happening from that general area randomly the entire time

its been in order, its not the case for all accounts, i am just saying that i have noticed that from the people i talk to in bellocan that around 3/4 of them fit the mold of having their accounts created in order from july 07- people hacked to day saying april 08.
the more recient hackings of the people i have talked to have not changed their pass or pins since at least before nov of 09. This might mean nothing at all or might be the holy grail of information.
Personally i think its just more proof of a bonafide database comprimize of some sort. i personally think there are several people who have split up the list of accounts and some of them are just more active at hacking people than others (the person(s) with the july 07-april 08+ list seems to be quite motivated and active).
Reply
its interesting that the "hacker/hackers" would go in any order, leads more to the database hacking idea. I wonder if its just the people that are being hacked in that time frame are the ones that are speaking up/still play and are aware of being hacked or is it "random" and the ones that are more out of order are inactive accounts that no one knows/cares to report as hacked.

Also could it be that a complete list was created and a group divided the list up and the ones that got that time frame are more active in the account draining. Another thought is maybe the others are taking the sneaky approach and just taking bits and pieces here and there to arouse less suspicion so that over time they can potentially gain more over time.....

A few people i've talked to have noticed one or two random things missing from accounts such as a million mesos here, a nep honey there, etc. They have promptly changed password/locked such accounts but it would seem that not all the hackers (if there are multiple people) aren't all out there to just destroy everyone, but rather to make maple easier for themselves... just a thought to contemplate
Reply
bored4ever86 Wrote:its interesting that the "hacker/hackers" would go in any order, leads more to the database hacking idea. I wonder if its just the people that are being hacked in that time frame are the ones that are speaking up/still play and are aware of being hacked or is it "random" and the ones that are more out of order are inactive accounts that no one knows/cares to report as hacked.

Also could it be that a complete list was created and a group divided the list up and the ones that got that time frame are more active in the account draining. Another thought is maybe the others are taking the sneaky approach and just taking bits and pieces here and there to arouse less suspicion so that over time they can potentially gain more over time.....

A few people i've talked to have noticed one or two random things missing from accounts such as a million mesos here, a nep honey there, etc. They have promptly changed password/locked such accounts but it would seem that not all the hackers (if there are multiple people) aren't all out there to just destroy everyone, but rather to make maple easier for themselves... just a thought to contemplate

Yeah, they're not doing this to be dicks, they just are because they're doing it. They're obviously doing this for prophit, because they take the items of immediate value- scrolls, WGs, PACs, etc.
Reply
My main account was created March 2008. Gulp.

Some of the hackers seem to concentrate on just one server. People have had characters stripped on one server but untouched with lots of valuables on another server. This could mean that some people's accounts have already been hacked and they wouldn't even know it if they didn't have significant NX to take and were not active on whatever server the hackers were on.

It's been said many times before, but worth repeating if it saves just one account:
Make sure that you have a decent password, 10-characters long minimum, with a random mix of numbers, lower case and upper case letters. Anything less than this may be be crackable using rainbow tables.

Examples of cracked passwords from project-rainbowcrack.com:
919003358553 cracked in 12 seconds, 12-digit, numbers only
ytnmallgl cracked 29 seconds, 9-digit, lower-case letters only
91e8uct92 cracked in 172 seconds, 9-digit, numbers and lc-letters
xHYqkUB2 cracked in 623 seconds, 8-digit, numbers, lc and uc letters

Note that simple reasoning would say an 8-digit numb+lc+uc should take:
62^8=218 trillion possibilities
Even assuming 1 billion tests per second should mean 218,000 seconds = 60 hours to crack.
NO, doesn't work that way.
Reply
Maple also allows punctuation (, . ; : ! ? etc. - probably anything you can type on a 101 key keyboard) which you might as well throw in, since most attacks start with # + uc + lc.
Reply
Kabanaw Wrote:Well, one of my accounts got hacked. Fortunately, the most valuable thing taken was a 16 att dragon khanjar

Fill out the form.
It's not having what you want - It's wanting what you've got.
Reply
Kabanaw Wrote:1)The nexon database is somehow ordered according to the date the account was created.
Obviously

Kabanaw Wrote:2)There's only one person or a small group of people doing this systematically. If they sort of go in order, that means they're organized.

We can't be certain that this is true, but it does seem realistic. From this information, we can assume that accounts before this area of time are safer- you can't assume you won't be hacked, but there's less of a chance. Don't let down your guard yet though, because either this is just a coincidence or they might double back for any accounts they missed.
The general way of doing such things is simply using hash crack attacks on the whole database in order to parse the passwords, but it's very well possible that the hackers read the "parsed" database from top to bottom (older to newer accounts) for organizing reasons. It's not like you can predict who's going to get hacked next, because you don't know which hashes did they manage to crack by now. The hackers aren't obligated to go by regular order either, they are probably just doing it because it's easier to know which accounts are already hacked this way.
Reply
Kortestanov Wrote:Obviously

The general way of doing such things is simply using hash crack attacks on the whole database in order to parse the passwords, but it's very well possible that the hackers read the "parsed" database from top to bottom (older to newer accounts) for organizing reasons. It's not like you can predict who's going to get hacked next, because you don't know which hashes did they manage to crack by now. The hackers aren't obligated to go by regular order either, they are probably just doing it because it's easier to know which accounts are already hacked this way.

Yeah, I meant that they're probably doing it to stay organized. They managed to find out how to get into Nexon's database, so they probably have some sort of system. They're most likely doing something on this scale not just for some personal vendetta, but because they want some sort of money. The best way to make sure they didn't miss any good accounts is to do it all in order. Of course, they could always go back to older accounts if they wished, so even if your account was the first ever created it doesn't mean your safe. However, I feel a little less afraid for my november '05 account to get hacked, but i'm still keeping a special character in the password until this gets sorted out.
Reply
Kabanaw Wrote:Yeah, I meant that they're probably doing it to stay organized. They managed to find out how to get into Nexon's database, so they probably have some sort of system. They're most likely doing something on this scale not just for some personal vendetta, but because they want some sort of money. The best way to make sure they didn't miss any good accounts is to do it all in order. Of course, they could always go back to older accounts if they wished, so even if your account was the first ever created it doesn't mean your safe. However, I feel a little less afraid for my november '05 account to get hacked, but i'm still keeping a special character in the password until this gets sorted out.
I highly doubt they do it for the money. As it currently seems, they are regular maple players\hackers that have a bit more technical understanding (or perhaps luck).
I don't see why would anyone try to hack maplestory for money, there is not much you can make (if they try to sell things they take from other people they will cause a huge deflation, and will probably be caught in no-time).
There are websites with a much weaker security (lets not forget GMS and most of the other maples managed to stay safe for a long time, which is not easy for a game targeted by so many hackers) that can lend a potential hacker much more money or information that can be sold.

My personal assumption on this case is, it was either done "for the lulz", in order to get "geek pride" among the other hackers, as a proof of concept ("yes we can" style) or as a revenge against either Nexon or the MapleStory community as a whole.

EDIT: also, a bit offtopic, what the pineapple is the points thing and from where did I get 11 of them?
Reply
Kortestanov Wrote:EDIT: also, a bit offtopic, what the pineapple is the points thing and from where did I get 11 of them?

http://www.southperry.net/forums/showthread.php?t=23670
It's not having what you want - It's wanting what you've got.
Reply
Kortestanov Wrote:I highly doubt they do it for the money. As it currently seems, they are regular maple players\hackers that have a bit more technical understanding (or perhaps luck).
I don't see why would anyone try to hack maplestory for money, there is not much you can make (if they try to sell things they take from other people they will cause a huge deflation, and will probably be caught in no-time).
There are websites with a much weaker security (lets not forget GMS and most of the other maples managed to stay safe for a long time, which is not easy for a game targeted by so many hackers) that can lend a potential hacker much more money or information that can be sold.

My personal assumption on this case is, it was either done "for the lulz", in order to get "geek pride" among the other hackers, as a proof of concept ("yes we can" style) or as a revenge against either Nexon or the MapleStory community as a whole.

EDIT: also, a bit offtopic, what the pineapple is the points thing and from where did I get 11 of them?

I figured I was vague, I meant in game money. I'm sure there's a group of nerds somewhere lulzing because they have billions of mesos.
Reply
MissingLink Wrote:It's been said many times before, but worth repeating if it saves just one account:
Make sure that you have a decent password, 10-characters long minimum, with a random mix of numbers, lower case and upper case letters. Anything less than this may be be crackable using rainbow tables.

Examples of cracked passwords from project-rainbowcrack.com:
919003358553 cracked in 12 seconds, 12-digit, numbers only
ytnmallgl cracked 29 seconds, 9-digit, lower-case letters only
91e8uct92 cracked in 172 seconds, 9-digit, numbers and lc-letters
xHYqkUB2 cracked in 623 seconds, 8-digit, numbers, lc and uc letters

Note that simple reasoning would say an 8-digit numb+lc+uc should take:
62^8=218 trillion possibilities
Even assuming 1 billion tests per second should mean 218,000 seconds = 60 hours to crack.
NO, doesn't work that way.
Rainbow tables wouldn't be usable if Nexon used a nonce/salt in their hashing algorithm (see: http://chargen.matasano.com/chargen/2007...out-s.html). As that article explains, if you store the salt in cleartext into the database, this is already enough to make rainbow tables essentially unusable. And the security would be even better if the salt was hashed and stored in a separate database on another server (and then you could configure that server to only accept IPs in Nexon's network).

So the only way to end this craze is for Nexon to upgrade security. At minimum, they need to start using a salt in their hashing algorithm (supposing that they do not already do so). It would be even better if they switched to a more secure hash algorithm and one without a known cryptanalysis (e.g., Eksblowfish, SHA-2 family, one of the SHA-3 Round 2 candidates, etc.). At this point, I suppose we need to (somehow) force/convince them to do it because it's now 1.5-2 months(?) and counting since these hackings started.
Reply
singularity Wrote:At this point, I suppose we need to (somehow) force/convince them to do it because it's now 1.5-2 months(?) and counting since these hackings started.

It'll probably be a whole year until they even think to acknowledge this epidemic. The only way they'll acknowledge it in the immediate future is if an admin account gets hacked, or if there is a huge drop off in players, causing them to acknowledge it to keep whatever players they have left.
Reply
if they only acknowledged the problem, me and many others would return. doing this means thatthey are not just blaming us and are potentially on the raod towards fixing the exploit...
Reply
Problem is there would have to be a significant drop in players for them to really get on their horses and do something. The fact i can google and find whats happening to all the players is sad enough. So what hime said about investigating really goes down the drain. Fixing the problem comes first. I myself wouldn't care if the game was down for a week for a major security update. It might be a lost of money but overall a lot of players would come back there for making what they lost back maybe even more.
Reply
Looks like Blizzard at least has a plan, and i think this is gonna be the future of all online security. http://www.wow.com/2010/01/08/blizzard-g...enticator/
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)