Item Search
     
BG-Wiki Search
Page 13 of 47 FirstFirst ... 3 11 12 13 14 15 23 ... LastLast
Results 241 to 260 of 931
  1. #241
    Salvage Bans
    Join Date
    Jun 2006
    Posts
    829
    BG Level
    5

    Quote Originally Posted by Cream Soda View Post
    Anyone w/ firefox + the goodies been hit yet?
    Yes, it's been hitting people on FireFox + NoScript etc.

  2. #242
    Old Merits
    Join Date
    Jan 2007
    Posts
    1,102
    BG Level
    6
    FFXI Server
    Phoenix

    I'm wondering if a DNS poisoning or malware using a system they control as a proxy for your FF connections is one possibility. they could then in theory cut off your proxy access and hijack the session as they were already a hop in the communication.

    What sticks in my mind are those that DC, but people in game just see the red dot; followed by the run to dbox/jeuno without ever fully disconnecting.

  3. #243
    I'm more gentle than I look.
    Mr. Feathers AKA Mr. Striations
    All hail Lord Yamcha

    Join Date
    Aug 2007
    Posts
    17,538
    BG Level
    9

    Quote Originally Posted by Narse View Post
    Yes, it's been hitting people on FireFox + NoScript etc.
    boo

  4. #244
    Nidhogg
    Join Date
    Jun 2007
    Posts
    3,527
    BG Level
    7
    FFXI Server
    Odin
    WoW Realm
    Lightbringer

    Quote Originally Posted by Narse View Post
    Yes, it's been hitting people on FireFox + NoScript etc.
    Are we even sure that the people using Firefox + NoScript that were compromised have it configured properly to actually block Flash, FRAMEs, and IFRAMEs (and apply those settings even to trusted sites)? NoScript out of the box won't really cover your ass from the exploits in the past, im sure it wouldn't protect people from the current problems in its default state.

    I don't think people are deliberately blowing smoke up our asses, but when a person in one of my social LSs claimed two days ago that they were 'hacked by windower even with a security token' and I ask them if they use IE and frequent FFXI sites and they tell me 'yes' I realize the source of my information isn't exactly the best...

    I think we need more detailed information from those infected. What exactly were their Internet browsers, versions, and settings, and exactly which FFXI sites do they frequent. Noone seems to have been able to pin down exactly what this exploit is, or how it is getting loaded into machines (the recent Flash exploit comes to mind), and that bothers me a little.

  5. #245
    Relic Shield
    Join Date
    Apr 2009
    Posts
    1,514
    BG Level
    6

    Quote Originally Posted by Izzy View Post
    Windower has nothing to do with this. Everyone that posts on this forum just happens to use it. There's a thread over on alla about the same thing, where they're all anti-windower.
    One does have to look at all possibilities or common traits between the users who have been compromised and to simply dismiss one factor is imo careless. There are windower users on alla but being that talking about it is looked down upon, people do not openly discuss it as prevalently as on a forum where you will not be bashed or locked for it.

    Also, if everyone posting on this forum uses it, then perhaps I am not posting because I don't use it.

  6. #246
    Nidhogg
    Join Date
    Jun 2007
    Posts
    3,527
    BG Level
    7
    FFXI Server
    Odin
    WoW Realm
    Lightbringer

    Quote Originally Posted by Mistress Stowastiq View Post
    One does have to look at all possibilities or common traits between the users who have been compromised and to simply dismiss one factor is imo careless.

    Also, if everyone posting on this forum uses it, then perhaps I am not posting because I don't use it.
    It's possible people are getting compromised by bad windower versions, but based on the descriptions of what is happening it seems extremely unlikely that windower would be required for this hack to work. I have a feeling that, as usual, the culprit is probably paid ad banners on FFXI and related gaming sites. For all we know this exploit might be targeting more than just FFXI, and it you have any related programs (FFXI, WoW, etc.) your shit gets jacked.

  7. #247
    Relic Shield
    Join Date
    Apr 2009
    Posts
    1,514
    BG Level
    6

    Quote Originally Posted by Seraph View Post
    It's possible people are getting compromised by bad windower versions, but based on the descriptions of what is happening it seems extremely unlikely that windower would be required for this hack to work. I have a feeling that, as usual, the culprit is probably paid ad banners on FFXI and related gaming sites. For all we know this exploit might be targeting more than just FFXI, and it you have any related programs (FFXI, WoW, etc.) your shit gets jacked.
    Understood. I am not in any format, trying to say it is windower to blame. I know nothing about how the program works and do not have the technical knowledge to even guess about any program other than by process of elimination.
    I am simply stating that I think it is wise to consider every factor in common between the people who have been compromised instead of dismissing something.

    tl;dr I am trying to help assemble factors we all can go by to protect ourselves.

  8. #248
    E. Body
    Join Date
    Mar 2006
    Posts
    2,333
    BG Level
    7

    Quote Originally Posted by Hanyoko View Post
    I'm wondering if a DNS poisoning or malware using a system they control as a proxy for your FF connections is one possibility. they could then in theory cut off your proxy access and hijack the session as they were already a hop in the communication.

    What sticks in my mind are those that DC, but people in game just see the red dot; followed by the run to dbox/jeuno without ever fully disconnecting.
    that actually makes a lot more sense than what i was postulating, basically the reverse of my thinking.

    for those that didn't understand what hanyoko suggested, it essentially means that the RMT alter your computer to log in by bouncing your connection through an RMT's server. then at will, they can cut your connection through their server and take control of your login themselves. you never log off since their server stays on line and assumes control of your current log in, and they are then able to pilfer all your stuff.

    this would be brain dead easy to detect though, by simply capturing where the login on an infected machine goes to. if it routes to china, a dynamic ip, or anything that's not owned by SE, we've got a lot of the puzzle pieces put together. if not, well we can take that off the table.

    i realize that i'm probably committing heresy by asking, but have any non-windower users been hit? since portions of windower do auto update, a great way to slow us down and distribute the malware wide and far would be to infect say the spellcast update repository. the result of this would be not only installing the malware on a vast number of systems, but also targeting generally higher value accounts (those who know about windower and how to use it tend to be the more hardcore players and not the lvl 25 newbies) as well as stowing it in a resource we're trained to assume is genuine and safe. am i pointing the finger at windower developers? absolutely not. am i trying to incite a panic and get people to stop using windower? no. only mentioning it as a possibility as we attempt to research this phenomenon more. most likely this is not the case as if it were, we'd be hearing a LOT more accounts being jacked, but we can't sweep it off the table either.

  9. #249
    WASTE OF CURRENCY
    I CAN'T I CAN'T I CAN'T

    Join Date
    Feb 2006
    Posts
    9,065
    BG Level
    8
    FFXIV Character
    Izzy Izumi
    FFXIV Server
    Sargatanas
    FFXI Server
    Phoenix
    WoW Realm
    Arthas

    Quote Originally Posted by Narse View Post
    Yes, it's been hitting people on FireFox + NoScript etc.
    Have they enabled "Block <IFRAME>"?
    Do they have all scripts enabled?
    Do they randomly allow domains just to get webpages working?

    Just having firefox/noscript does not make you invulnerable. You have to know how to use them too.

  10. #250
    Brown Recluse
    Sweaty Dick Punching Enthusiast

    Join Date
    May 2006
    Posts
    28,168
    BG Level
    10
    FFXI Server
    Unicorn

    I was just reading on Alla, that PS2 and Xbox accounts are getting hacked too.

    Shit is scary.

  11. #251
    Relic Shield
    Join Date
    Apr 2009
    Posts
    1,514
    BG Level
    6

    Quote Originally Posted by Dimmauk View Post
    I was just reading on Alla, that PS2 and Xbox accounts are getting hacked too.

    Shit is scary.
    Don't panic.

    I asked Aikar earlier for help with this but he is probably very busy with his forum. I don't know if SE is being properly informed about this. Is everyone who is hacked giving a detailed analysis of the problem to GM's and customer service? likely not.

    So I figured I should send a notification to SE about the problem but I want it to be concise so that it demonstrates what the actual format is on the majority of the attacks, not a bunch of garble or assumptions.

    I have no clue what to tell them as far as technical data so I am trying to encourage people to help me with this or either emailing SE themselves or contributing to a common post where the description of the problem can be defined.

    People who are reporting it to get their accounts restored or rolled back, please do what you can to explain to SE if you feel it is not a standard compromised account issue.

  12. #252
    Brown Recluse
    Sweaty Dick Punching Enthusiast

    Join Date
    May 2006
    Posts
    28,168
    BG Level
    10
    FFXI Server
    Unicorn

    I just read an article about this too

    Mr. Stewart recently decoded a particularly nasty Trojan that uses a real-time technique called Clampi, which is used to attack people who have access to corporate bank accounts with large balances.

    When people visit Web sites that have been taken over by the hackers, the software is surreptitiously downloaded onto their machines. Clampi has an unusual feature that can take advantage of a vulnerability in Windows and spread itself to all of the computers on a corporate network. Mr. Stewart found that each of those machines, in turn, was programmed to notice when their users visited any of 4,600 specified Web pages, including banks, brokerages and other sorts of sites.

    Then Clampi starts sending a real-time stream of the user’s actions using a modified version of standard instant messaging software. The hackers log into the user’s bank account, quickly copying the one-time password if one is used. They start initiating wire transfers to accomplices (mules is the term of art) who send the funds on to the crooks. Sometimes they have even set up “mules” or fake employees who earn fat salaries by direct deposit.

    One victim of Clampi was Slack Auto Parts in Gainesville, Ga., which lost $75,000 to the scam, according to a post in the Washington Post’s Security Fix blog.

    Clampi appears to be operated by a single gang, Mr. Stewart said. He infers that the hackers speak Russian because that language is used in the computer code. Other similar Trojans, including ZeuS and Silentbanker, are being sold to many different groups of cybercrooks. (Here is an article from USA Today about the hacker behind ZeuS.)

    Does this all mean that all those password gizmos are a waste of money? Not exactly. They still protect against less sophisticated forms of password phishing, not to mention people just looking over your shoulder as you log onto your computer. Moreover, if you can keep your computer clean of malware by avoiding suspicious e-mail attachments and Internet downloads, you are safer.

  13. #253
    Banned.

    Join Date
    Sep 2007
    Posts
    92
    BG Level
    2
    FFXI Server
    Sylph
    I have a rock solid solution to screw any RMT that DOES get a hold of your account...AUGMENT ALL YOUR ITEMS. Solved. You're welcome.

    Really though we know SE won't do shit and they're content to just collect our 14.95+ a month to put out little bullshit updates about handyman moogles and MORE crystals. FF14??? Yeah right. If their policies for 11 are any hint I think i'll be staying clear of the next one and of SE in general. If FF13 stinks it will be their last game I buy. Everything they put out anymore is garbage.

  14. #254
    Nidhogg
    Join Date
    Feb 2008
    Posts
    3,790
    BG Level
    7
    FFXIV Character
    Tsugaru Mifra
    FFXIV Server
    Hyperion
    FFXI Server
    Ragnarok

    Quote Originally Posted by tarumalphius View Post
    I have a rock solid solution to screw any RMT that DOES get a hold of your account...AUGMENT ALL YOUR ITEMS. Solved. You're welcome.
    Yes augment your osode.

  15. #255
    Cerberus
    Join Date
    Jun 2007
    Posts
    409
    BG Level
    4

    Quote Originally Posted by Dimmauk View Post
    I just read an article about this too
    This can get good considering it describes almost to a tee the theories that's been devised and discussed in this thread. Maybe the chinamen bought a copy for FFXI only?

  16. #256
    Banned.

    Join Date
    Sep 2007
    Posts
    92
    BG Level
    2
    FFXI Server
    Sylph

    Quote Originally Posted by xopher View Post
    Yes augment your osode.
    You mean your Osode isn't augmented??? Noob.

  17. #257
    Brown Recluse
    Sweaty Dick Punching Enthusiast

    Join Date
    May 2006
    Posts
    28,168
    BG Level
    10
    FFXI Server
    Unicorn

    Quote Originally Posted by Kaces View Post
    This can get good considering it describes almost to a tee the theories that's been devised and discussed in this thread. Maybe the chinamen bought a copy for FFXI only?
    Or they are paying someone to help them get access to the hacked sites, or paying to have certain sites hacked.

    It feels like RMTs bought a Bot so the can claim our accounts faster.

  18. #258
    Mrp
    Mrp is offline
    New Merits
    Join Date
    Jun 2006
    Posts
    226
    BG Level
    4

    I came here to share my being hacked experience to prevent other people from getting hacked. But i got flamed by SKYJIE RETICE douchebags.
    I was not here to complain or cry. I though this thread was made to find where and how people got hacked and not bash on people that use internet explorer and get hacked.

  19. #259
    Fishing Guru
    Join Date
    Jan 2007
    Posts
    4,722
    BG Level
    7

    Quote Originally Posted by tarumalphius View Post
    I have a rock solid solution to screw any RMT that DOES get a hold of your account...AUGMENT ALL YOUR ITEMS. Solved. You're welcome.
    Pretty sure I can't augment my kraken club or novio earring?

  20. #260
    Banned.

    Join Date
    Sep 2007
    Posts
    92
    BG Level
    2
    FFXI Server
    Sylph

    Quote Originally Posted by cdgreg View Post
    Pretty sure I can't augment my kraken club or novio earring?
    Mine are. You also would be a noob sir.

Page 13 of 47 FirstFirst ... 3 11 12 13 14 15 23 ... LastLast

Similar Threads

  1. What in the fuck is going on with Ancient Currency prices?
    By Avarice in forum FFXI: Everything
    Replies: 22
    Last Post: 2009-01-12, 05:21
  2. Ok what the hell is up with Roc?
    By S N K in forum FFXI: Everything
    Replies: 49
    Last Post: 2008-06-28, 21:00
  3. Oldschool players with JP Accounts & The new Expansion
    By Lyramion in forum FFXI: Everything
    Replies: 39
    Last Post: 2007-11-24, 01:31