Recent Hackings and Steps to Ensure Account Safety.

[Ryko]

because getting hacked means you have a keylogger on your system....and if you have your password stored in POL, their keylogger will obviously download that file and decrypt it

:ashira:

Are you as stupid as you're making yourself seem?

[Zero Serenity]

4) Firefox

Firefox will not save you from your own human stupidity.

Throughput (IE) > All (Every other browser).

If this doesn't make sense, you should know by now that IE has the fastest rendering engine of every browser on the market for windows machines since the engine is built into the OS. Hell, Vista has XML loaded into it's core to boot. It's a quick and effecient system.

If you're smart and follow one simple rule you'll never have "safety" problems with browsing. It's called: Don't download anything you don't trust. Non-signed ActiveX controls (this was IE5-6's big problem) are by default not loaded without a prompt by IE7 or IE6-XPSP2/Vista.

Also, why did you make this thread about a WoW keylogger? Since when does this affect FFXI?

Better yet, let me warn you all of this:

DO NOT EVER USE A REGISTRY CLEANER!!!

They cause more errors than help. The registry is not a very big file to begin with. This comes from a company I work for that has a combined 100 years experience (Averaged out it's 5 years experience) with computer repairs. Cleaners are prone to remove important things like installation records, so don't use them. Please.

Best way to protect yourself has already been mentioned (Grisoft AVG Anti-Malware) plus you may want to load Safer Networking Spybot Search and Destroy for the immunizer function if you really don't trust yourself. Also turn your Windows firewall on. Dispite what people say about Microsoft products, this firewall is actualy pretty good. Easy to create exceptions and lock down the entire system on a whim.

Anyway, I'm actualy at work at the moment, so I'm going back to it. </rant off>

[rydiu]

because getting hacked means you have a keylogger on your system....and if you have your password stored in POL, their keylogger will obviously download that file and decrypt it

:ashira:

Are you as stupid as you're making yourself seem?

Saving your password into a plain text file is about the stupidest thing you can possibly do....

If someone has the means to find and decrypt the POL password stored on your system the certainly have the means to see through that lame trick.

[Spira]

I've been wondering...

with regards to the keylogging thing, would using an on-screen keyboard (ie. click-typing on the screen) work against the keylogs? Or does it still count towards typing normally by the PC?

I was also thinking... if you do type in your password, how about typing it in scramble.. like say.. if my password was scrambledeggs, i would type bled, then click to the front of the typed characters and type scram, then click to the end and type eggs. Would that be effective to avoid keylogging (the method, not the word)

Or, if u deliberately have notepad open, and alternate tab in between every few letters of the password?

I currently save my password so it auto-logs everytime. I felt that was convenient and somewhat safe because its supposedly encrypted... but I wonder..

[Ryko]

because getting hacked means you have a keylogger on your system....and if you have your password stored in POL, their keylogger will obviously download that file and decrypt it

:ashira:

Are you as stupid as you're making yourself seem?

Saving your password into a plain text file is about the stupidest thing you can possibly do....

Assuming a person were manually searching for a text file with your password in it, which I'm going to go out on a limb and say isn't happening in, oh, say about 100% of the recent account loss cases. You know, give or take 0.

[rydiu]

because getting hacked means you have a keylogger on your system....and if you have your password stored in POL, their keylogger will obviously download that file and decrypt it

:ashira:

Are you as stupid as you're making yourself seem?

Saving your password into a plain text file is about the stupidest thing you can possibly do....

Assuming a person were manually searching for a text file with your password in it, which I'm going to go out on a limb and say isn't happening in, oh, say about 100% of the recent account loss cases. You know, give or take 0.

And you somehow KNOW these accounts were stolen due to keyloggers?

gtfo

[Spira]

Saving your password into a plain text file is about the stupidest thing you can possibly do....

This, i have to agree tho. Its one of the biggest mistakes that many people make that result in identity theft when they get hacked into. (especially Credit Card info, how could people be so stupid?)

I see the point in doing copy and paste, but this comes with an inherent risk that could be bigger than getting someone who knows how to decrypt your password

[Airenn]

I did not make it about a WoW. First thing I found that was coherent about the files we've been discovering was that post on a forums, and it was a good post. I gave it to my LS and then just copy/pasted what I put on our forums to here so people can see what he said.

Also, people are not gettign this from clicking on ActiveX control links, or by downloading anything, if I am recalling right. All it takes is to view the site that has the keylogger in it, to get it.

EDIT To Spira: For me, it's fine. No one accesses my cop but me, and I am fairly certain I am safe from these problems/people entering my computer.

Besides, I didn't say, everyone save your CC info to a txt file on your desktop now. I'd much rather have a small txt file somewhere on my comp with my POL password at this point than typing it into that field, though. :3

But to be fair, as Charlotte stated, you can save it to a floppy/CD and be even safer. Probably the best way to go.

[Ryko]

And you somehow KNOW these stolen accounts were due to keyloggers?

gtfo

Ok, so you are as stupid as you're making yourself seem. I don't need to know that it's specifically a key logger for what I said to be true. Unless you're going to sit here and actually try to state that the recent account losses were because people snuck into their houses (or had remote access to their PCs) and found a random text file with their password in it.

Right.

[rydiu]

ryko, you're a fucking moron....shut up before you make yourself look even stupider...

Let me spell it out:

If someone is hijacking your shit with a key logger they are using one of the most primitive methods available....if you have your password stored in POL it is encrypted in a file that is somewhat hidden and that requires several levels of much more advanced technology to break through.

If you are storing a password in a plain text file you are saying "HAY SCRIPT KIDDIES, STEAL MY ACCOUNT" cuz there are an exponentially greater number of punks who would figure that out than who would figure out how to crack POL.

Ryko you fail. The recent account losses were due to operator error....99%

[Zero Serenity]

Also, people are not gettign this from clicking on ActiveX control links, or by downloading anything, if I am recalling right. All it takes is to view the site that has the keylogger in it, to get it.

Um...no. You haven't a clue what you're talking about. Unless this is hacked in like a worm. Go back to your little LS forums. I'm a little annoyed at your ignorance of computer tech at the moment.

[Ryko]

ryko, you're a fucking moron....shut up before you make yourself look even stupider...

Let me spell it out:

If someone is hijacking your shit with a key logger they are using one of the most primitive methods available....if you have your password stored in POL it is encrypted in a file that is somewhat hidden and that requires several levels of much more advanced technology to break through.

If you are storing a password in a plain text file you are saying "HAY SCRIPT KIDDIES, STEAL MY ACCOUNT" cuz there are an exponentially greater number of punks who would figure that out than who would figure out how to crack POL.

Ryko you fucking fail.

You're missing the point, moron. The 2 parts of cracking a saved password is knowing where to look for it (duh) and then decrypting it. It's rather obvious they have the second part down or else, duh, people wouldn't be losing their shit now would they? Since the second part is a given then you don't want to give them the first. You're telling me that they're going to sit there and look through each and every single one of your files with remote access? You're a fucking dingbat to think that and you know damn fucking well that's happened in zero cases of accounts lost. What you're trying to do is keep them from manually inputting or automatically saving their passwords.

This is to say that for all your self-proclaimed knowledge of how technology works and how real account stealers wouldn't be so elementary to use keyloggers, you don't realize that there have been dozens of accounts lost to keyloggers alone.

[Airenn]

by the way, what it boils down to is what you are comfortable with

I am in no way saying you are safe by making a text file as said above.

I am in no way saying you should, I am only giving options to this problem.

For me, it works, I feel safer doing this method. (I use notepad daily and have like 10 saved to many diff locations, randomly, depending on where they need to go, with random shit. <3)

For Charlotte, maybe making it onto a CD makes her feel safe.

For others, typing isn't a problem, they feel fine, and others storing is their way to go.

Mostly, I am trying to bring it to people's attention to get this malware OFF machines asap.


Also, LOL @ Zero being a douche. Seriously, go be less constructive elsewhere, please, I am just trying to help with what I have. I don't recall saying I was a comp guru at all, in fact, I think I mentioned somewhere I am not that great with computers in general. <3 people like you tho, you make the world a funnier place.

Also EDIT:

Can someone clarify how the keylogger from Alla or whatever was obtained? Was it something you clicked on, or got just by viewing the page?

[rydiu]

All they have to do is monitor your computer with a modified version of process explorer and see what files you are opening and they will have your password.... there is no right-click paste option in POL so they will see a control-v and know you just pasted some shit in there and start looking for that password.

The bottom line is if someone wants your ffxi account that bad and you don't keep your computer secure in the first place, they will get it.

The bottom line when it comes to storing passwords is the most secure method is having a 15 digit (MAX LENGTH) password as random as possible and let POL store it for you.... even if they know how to locate the stored password, it is still not a trivial task to decode and decrypt it.

[Zero Serenity]

I don't recall saying I was a comp guru at all, in fact, I think I mentioned somewhere I am not that great with computers in general.

It's this statement alone that says we shouldn't listen to you about computer technology. You obviously are clueless, just spitting information you heard from others.

[Airenn]

I don't recall saying I was a comp guru at all, in fact, I think I mentioned somewhere I am not that great with computers in general.

It's this statement alone that says we shouldn't listen to you about computer technology. You obviously are clueless, just spitting information you heard from others.

Like to see you do something to try and help people then. <3

Because obviously people can only try to help others with information if they are a guru, a master, a fucking computer genius. Shit, I'm sorry guys, I didn't know I had to have a license/degree to help you all out.

[Khamsin]

ryko, you're a fucking moron....shut up before you make yourself look even stupider...

Let me spell it out:

If someone is hijacking your shit with a key logger they are using one of the most primitive methods available....if you have your password stored in POL it is encrypted in a file that is somewhat hidden and that requires several levels of much more advanced technology to break through.

If you are storing a password in a plain text file you are saying "HAY SCRIPT KIDDIES, STEAL MY ACCOUNT" cuz there are an exponentially greater number of punks who would figure that out than who would figure out how to crack POL.

Ryko you fail. The recent account losses were due to operator error....99%

Good thing your password isn't stored in memory in plain text or anything.

[Ryko]

All they have to do is monitor your computer with a modified version of process explorer and see what files you are opening and they will have your password.... there is no right-click paste option in POL so they will see a control-v and know you just pasted some shit in there and start looking for that password.

http://img162.imageshack.us/img162/9...ourselfxq7.jpg

Kill yourself you mouthbreather.

[rydiu]

I'm sure most keyloggers check mouse-clicks as well...

[Ryko]

This is where you backpedal, right? You were dead sure about something simple as shit in a program you used daily for years (and you were wrong), you being pretty sure on anything is laughable. Stop shoving your damn foot in your mouth you fucking tryhard.