Poll: Have you been hacked since the implementation of PIC?
You do not have permission to vote in this poll.
Yes
2.88%
3 2.88%
No
97.12%
101 97.12%
Total 104 vote(s) 100%
* You voted for this item. [Show Results]

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Have you been hacked since the implementation of PIC?
#21
Kalovale Wrote:Demanding a poll check.

i dunno think you can check x_x ... mayb some1 just messing with us?

the person that vote "yes" .. please share ur story...
Reply
#22
They cant thanks to keyboard soft.
Reply
#23
Asumi Wrote:They cant thanks to keyboard soft.

That would mean keyloggers weren't effective against pins either. Tongue
They snapshot mouse clicks.

PICs don't protect you from keyloggers anymore than PINs did. We aren't looking for responses from people who got keylogged or phished. They are retarded.
Reply
#24
Atuan Wrote:That would mean keyloggers weren't effective against pins either. Tongue
They snapshot mouse clicks.

PICs don't protect you from keyloggers anymore than PINs did. We aren't looking for responses from people who got keylogged or phished. They are retarded.
They snapshot mouse clicks, meaning that they know the locations that the mouses click in. AFAIK, they work they same way that macros work. They don`t take a screenshot every time a mouse clicks, they take the location of it and record that. Due to the fact that the buttons change every time, you can`t exactly record that through a keylogger.
I may be mistaken, but from my knowledge of it, that`s how it works.

LF>The two people who voted yes to speak up.
Reply
#25
y0y0y0y0shi0 Wrote:They snapshot mouse clicks, meaning that they know the locations that the mouses click in. AFAIK, they work they same way that macros work. They don`t take a screenshot every time a mouse clicks, they take the location of it and record that. Due to the fact that the buttons change every time, you can`t exactly record that through a keylogger.
I may be mistaken, but from my knowledge of it, that`s how it works.

LF>The two people who voted yes to speak up.

For that to be plausible, they'd either have to know have layout for when the PIC menu comes out [a one-time screenshot at character select], they'd need to unrandomize the PIC screen themselves [work], or they'd have to capture pixels and hope the person mouses over a number enough to tell what's what [what]. Knowing at what locations the mouseclicks were is worthless unless they know what is going on there.

A very small snapshot taken on mouseclick, as opposed to an entire screenshot, would do it discreetly. I guess a strange pattern would be indicative of your proposed method, but no one really seems to pay attention to that stuff to tell us enough.

*8x15 pixels is enough to show the number clearly. [Image: tW9JA.png], though it will probably be larger if thats how these people are actually doing it. Considering you can click any part of a rather large button and get input.

Or they could put a RAT on you and watch. Olawd.

**Edit2: You can CTRL+C a PIC and paste it into notepad to see all of its glory. Password, too. Has it always been this way?
Reply
#26
Atuan Wrote:That would mean keyloggers weren't effective against pins either. Tongue
They snapshot mouse clicks.

PICs don't protect you from keyloggers anymore than PINs did. We aren't looking for responses from people who got keylogged or phished. They are retarded.

I dont think a keylogger works like that, if they do stop asking if PIC is a good choice or no if a keylogger can "See" what are we are clicking its obvious we are fucking doomed.
Here must be a lot of retarded ppl then I guess...
Reply
#27
Asumi Wrote:I don't think a keylogger works like that. If it does, people should stop asking whether or not the PIC has improved security. If a keylogger actually works the way you described, it is obvious we are pineappleing doomed. Must be a lot of retards here.

No, keyloggers are moot, I was just answering a question and dismissing it. They aren't relevant. Everyone wants to know if anyone has gotten hacked again or under similar circumstances of those hacked in the recent wave after setting a *PIC*.
Keyloggers are a non-issue for anyone who isn't retarded. Most people who were caught in this wave were not keylogged. Our data was compromised elsewhere. This and Fiel's thread's purpose is to see if anyone is capable of doing it that particular way again, though this thread is premature. I'm sure the 2 votes are either keylogged people or others doing it for shits and giggles.
Reply
#28
I thought you guys might be interested in this discussion on the official Nexon forum. Any thoughts?

http://forum.nexon.net/MapleStory/forums...hread.aspx
Reply
#29
Fumni Wrote:I thought you guys might be interested in this discussion on the official Nexon forum. Any thoughts?

http://forum.nexon.net/MapleStory/forums...hread.aspx

What thoughts are there anyway? If his e-mail has been taken control of, what cannot be done?
Reply
#30
Kalovale Wrote:What thoughts are there anyway? If his e-mail has been taken control of, what cannot be done?

He is making claims of his e-mail and Maple account being hacked without any alleged keyloggers or information sharing, and this was after he implemented a PIC. Is he overexaggerating his claims, or did the hackers change their tactics?
Reply
#31
Wasn't getting hacked via email the most common method prior to the wave of the last 3 months?
I wouldn't rule out the possibility that no keylogger, sharing or physhing was involved. I have seen posts that hint that the registered email can be retrieved without knowing password first.
A lot people seem to cling to the belief that keyloggers are to blame for most hackings, but keyloggers really don't seem to be that common. I guess they want to believe in keyloggers or physhing rather that some unknown mysterious method, since only dummies would fall for such tricks, so therefore they feel safe.

Also: LOL at the physhing Google ad on the main page.
Reply
#32
Fumni Wrote:He is making claims of his e-mail and Maple account being hacked without any alleged keyloggers or information sharing, and this was after he implemented a PIC. Is he overexaggerating his claims, or did the hackers change their tactics?

How can his e-mail password get changed anyway? If his secret question is known without ever being inputted (why would he need to input that info?), I assume it to have been done via social engineering. And with his e-mail being taken control of, what cannot be done regarding his MS account?

Considering he uses Nexon's forums, most likely he can also be found on Facebook and what-not.
Reply
#33
Kalovale Wrote:How can his e-mail password get changed anyway? If his secret question is known without ever being inputted (why would he need to input that info?), I assume it to have been done via social engineering. And with his e-mail being taken control of, what cannot be done regarding his MS account?

Considering he uses Nexon's forums, most likely he can also be found on Facebook and what-not.

It's been pointed out that there are various email provider security issues and exploits, some have even been posted in detail on this forum. Using the maple website exploit God posted you could get all of the information you need in order to take control of the email via their exploits.
Reply
#34
I think a poll option should be were you hacked before they implimented PICs. Chances are, you won't get hacked twice unless you're REALLY unlucky.
Reply
#35
Fumni Wrote:He is making claims of his e-mail and Maple account being hacked without any alleged keyloggers or information sharing, and this was after he implemented a PIC. Is he overexaggerating his claims, or did the hackers change their tactics?

He's bsing, as hackers don't normally change passwords, yet he had to use an alternate account to access the forums.

Come on, who voted yes?
Reply
#36
Fumni Wrote:I thought you guys might be interested in this discussion on the official Nexon forum. Any thoughts?

http://forum.nexon.net/MapleStory/forums...hread.aspx
Although this is before the hacking epidemic, I myself have been a victim of complete takeover. The hacker got into my email, changed my info on Maple using my email, and stole "a few" things. He also somehow managed to change my email's password as well. I managed to get everything back by using the secret question in my email, and continuing by going through the emails requesting for a pin reset and password reset that the hacker had carelessly left unattended... How he got into my email is beyond me. Having a completely randomized password, a really good secret question, and no keyloggers.....
My point is, I doubt this sort of thing would be done by the hackers that have sprung up recently.
Reply
#37
I was inactive during the patch. There was no PIN to stop him and I had not yet made a PIC. How they got my pass and username is beyond me, though.
Reply
#38
I think that it's just a matter of time until someone finds where the PICs are stored, if not in the same place. I'm not really worried about it though, since I was already hacked.

I have a relatively weak PIC, it's just a string of numbers. But I'm not worried, because just a 6 number PIC is 100 times stronger than a pin, 7 is 1000, 8 is 10,000, 9 is 100,000, and just 10 characters is 1 million times stronger than a pin. And since I'm pretty sure my pin was not obtained from a cracker but from the database anyways, I don't think it really matters how long or complex my PIC is.
Reply
#39
BombsAway Wrote:It's been pointed out that there are various email provider security issues and exploits, some have even been posted in detail on this forum. Using the maple website exploit God posted you could get all of the information you need in order to take control of the email via their exploits.

That means Fiel's test was doomed to fail from the start, and there is nothing we can ever do about our own security, if the e-mail providers don't proceed to fix those exploits? Doesn't sound good to me.
Reply
#40
Kalovale Wrote:That means Fiel's test was doomed to fail from the start, and there is nothing we can ever do about our own security, if the e-mail providers don't proceed to fix those exploits? Doesn't sound good to me.

There are things one can do if using gmail to protect their accounts and only moments after this was posted I sent Fiel the proper procedure to protect his. I don't know about the hotmail exploit, though. But yeah, it's a string of sloppiness that's going to continue to unravel..
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)