Forum Settings
       
Reply To Thread

Keylog Attack ~How My Story Ended~Follow

#27 May 15 2007 at 12:29 PM Rating: Decent
**
726 posts
Curiosity question in regards to this type of situation.

Why would SE create software that boots the 1st person logged onto the account if a 2nd user logs onto that same account?

We have remote access and whatnot at my work place. However, if you are logged into something at work or at home, if a 2nd person tries to log in then they get an error message stating that that account is already in use.

Why can't SE have it so that the 2nd person gets an "account already in use" message.

Or am I not thinking straight?
#28 May 15 2007 at 12:34 PM Rating: Decent
Scholar
****
6,631 posts
Quote:
Curiosity question in regards to this type of situation.

Why would SE create software that boots the 1st person logged onto the account if a 2nd user logs onto that same account?

We have remote access and whatnot at my work place. However, if you are logged into something at work or at home, if a 2nd person tries to log in then they get an error message stating that that account is already in use.

Why can't SE have it so that the 2nd person gets an "account already in use" message.

Or am I not thinking straight?


I think no matter which way you do, you just going to have another problem. Sometimes know you can do that, you can boot yourself offline while away from home and still can access your character.

So it works both way.
____________________________
Amanada (Cerberus-Retired) (aka MaiNoKen/Steven)
-- Thank you for the fun times in Vana'diel

Art for the sake of art itself is an idle sentence.
Art for the sake of truth, for the sake of what is
beautiful and good — that is the creed I seek.
- George Sand

A designer knows he has achieved perfection,
not when there is nothing left to add,
but when there is nothing left to take away.
- Antoine de Saint-Exupéry
#29 May 15 2007 at 12:36 PM Rating: Good
****
5,870 posts
Errors wrote:
Just to let folks know about .zip files please keep in mind that .zip files are for all tense and purposes executables. Treat .zip files as you would see a random .exe file from a random person you don't know. It is very easy to have a program executed while opening .zip file, hell it's an option developers use from time to time to run content for a client demo in my line of work. So, I can easily see it running other maleware when executed.

To the OP (or anyone else affected), sorry to hear what has happened to you. I hope you manage to get your account back.


The zip file he downloaded had an .ini file and an .exe file. The .ini looks legit even thought it's bogus data, the .exe is the keylogger.

And I can't believe SE hasn't tried to cockblock some of these spammers. It's a shame we have no legal recourse for such childish bullshit as far as the game is concerned. All the OP and every one else who got those /tells can do is beware.
#30 May 15 2007 at 2:11 PM Rating: Decent
SE policy for password reset is of no help to someone whose account got hacked. I told them mine did and provided all the info and then said that whoever has my account changed the CC info. I told them I can provide previous CC and even tell them the old password but nope. I need the current credit card number is what the guy told me. So what are you supposed to do if someone changes your credit card. Why is there no security vertification when changing billing information? Some wrote that in here "When your account gets hacked SE basically tells you tough ****."
#31 May 15 2007 at 2:22 PM Rating: Excellent
Hello Hiro, I called SE and did the speak and the dance and they said there was nothing that could be done. Breaks my heart to hear this and everyone cannot understand how SE can be so out of touch with their customers as to only key on the CC issue and not the fact that You have all the registration numbers and account information.

I am so angry with SE at the moment and so upset that this happened to You of all ppl. You and Mira love the game and all your efforts to support each phase of it goes for nothing if SE cant assist you in your goal to get this resolved.

Hang in there Hiro and if there is anything I or anyone can do, YOU know we will be there. I have a couple million gil i can donate and time to assist You ingame. Please let me know.

Love you long time <3

Katalena <Ramuh> Sweet Kata of Virtue.... The redheaded Mithra
#32 May 15 2007 at 2:27 PM Rating: Excellent
29 posts
2nd call yielded nothing. The woman I talked to this time was far less educated and fluent with XI than the previous one. She gave me no information about my status and pretty much just blew me off...which wasn't exactly pleasing. None the less she did give me the information that if this is indeed a large scale issue, and they receive many GM and Support calls on it, they will do something about it. That sounds like my best bet~ so it seems like for now I just need to be patient, and call once/twice p/day until they draw a conclusion for what they'd like to do.

Thank you Kata for your response. I'm working towards what I can to get this resolved. I'm not entirely sure what I'll do if I can't get Hiro back, but I plan on being the squeakiest wheel SE's ever dealt with until I get a definite answer. Until that time, I'm just fighting the battle, and I plan to win if it's possible. I thank everyone again for calling, and I urge you to do GM Calls and/or SE Support calls to help not only myself, but anyone/everyone that was afflicted by this Keylogger.
#34 May 15 2007 at 2:41 PM Rating: Good
*
74 posts
Same thing happened on Valefor server. I just sent a tell back saying "hahaha" then blisted him.

Contacted a GM and they said they will look into it.

Seems like other people have got this message to on my server from a guy called
phapribant.


#35 May 15 2007 at 11:34 PM Rating: Decent
I remember hearing stories of people selling their account and taking their account back from their account buyer with some info besides their cc #. Something about name, address, b-day, ss#, account registration #, and what not. So you can try that.
#36 May 16 2007 at 12:01 AM Rating: Decent
I GM'd the guy on valefor.

Got the message that due to the volume of complains on the subject my complaint wouldn't be personally addressed.
#37 May 16 2007 at 12:11 AM Rating: Decent
***
1,719 posts
This truly sucks no one can argue that one bit however where has internet common sense gone?

I am sorry but if I see a link to a random link I will not go to it simply for this reason. It is very easy to drop keyloggers and torjan horses on to a remote desktop providing the end user opens or executes anything.

I am not insulting you at all, I am sorry it happened however in the future run a virii scan on items you are not sure of, or plain don't visit those sites. If you are curious do it from another machine that you don't care about to much if you have one as then redoing the OS is no big deal.

Good Luck to you in the future and again sorry you were struck down.
#38 May 16 2007 at 12:27 AM Rating: Decent
Sorry, but your system was compromised because of a lack of judgment. You visited the site, you downloaded the software, and as a result you lost your characters. Now granted, that would suck a lot but did all common sense vanish from the world or something?

I apologise for being so blunt, but when someone gets a tell from someone they've never heard of before with "gilseller" in it as well as being a link to some obscure website do they really expect anything less? Let this be a lesson to everybody who plays FFXI.

Don't. Download. 3rd Party. Software.

Better safe than sorry.
#39 May 16 2007 at 12:54 AM Rating: Default
***
1,311 posts
ANy video or pic can be seen on youtube or a picture site. But I would have knowen what Mrwildrabbit is already. Its probubly the actual working program, with the keylogger hidden inside.

If it was a keylogger... changing the password actuly allowed the hacker to get it. Asuming you set autolog in on. In which case you would have to run some spywere program, or maybe firewall program would stop it.

That realy stinks, Hope you can at least get account back, tho the money and dynamis coins be long gone.

ps: only download 3rd party programs from origanal maker sites.

Edited, May 16th 2007 3:56am by Mariox
#40 May 16 2007 at 1:07 AM Rating: Good
This is how desperate the gillsellers seem to be getting moving into account hacking now, its like SE are clamping down so hard they have little option to make gil. Its like a tiger with a broken leg or something lol

I dont understand why they dont implement some kind of account protection, people should not be able to log into anothers acc period. No account selling either, maybe give you a telephone number to ring and give a password over the phone as verification if something like this happens, have to download a key program that is linked to your char that wont login without it or a IP check when you log in or anything that can stop this.

Are other MMORPGs this lax on account safety? It really is unbelievable you can get a keylogger and someone can steal years of work, I would even pay a lil more each month for some kind of protection system if it was possible.
#41Lobivopis, Posted: May 16 2007 at 1:22 AM, Rating: Sub-Default, (Expand Post) You are lying. If you try to log in from annother computer what happens is that you are not allowed to log in from that computer. The reverse of what you just said will happen, it will tell you the account is already logged in.
#42Lobivopis, Posted: May 16 2007 at 1:24 AM, Rating: Sub-Default, (Expand Post) The answer is, they don't
#43 May 16 2007 at 1:25 AM Rating: Good
Keeper of the Shroud
*****
13,632 posts
Sorry to here about your loss Hiro. I hope you can get the character back, but I've heard some pretty awful stories...

As to the how this happened, it was a total lack of simple precautions on your part. It could have easily been avoided. To help out anyone else, here is a short list of things to do.

01. Get some Antivirus software. If you don't want to spend the money on it, you can get free Antivirus software from www.grisoft.com. They have a free version and a paid version, both are reliable. The free version can be a little tricky to find, but if you look around for it, you shouldn't have any problem navigating the site. It's actually a very good way to go if you don't have the money or are just unwilling to spend it.

02. Keep it up to date. Your Antivirus software should do this automatically and daily.

03. Run daily virus checks. Most software will do this automatically, you just have to set a time for it to happen.

04. When you download anything from a source you don't 100% trust, scan it. Even then, if your software isn't up to date you could still get a virus. If you don't know what something is and you don't know and trust the source, just don't download it.
#44 May 16 2007 at 1:37 AM Rating: Excellent
Quote:
You are lying. If you try to log in from annother computer what happens is that you are not allowed to log in from that computer. The reverse of what you just said will happen, it will tell you the account is already logged in.


Actually you have no idea what you are talking about, if you log into your friends account it will boot him. Test it and see.
#45 May 16 2007 at 1:58 AM Rating: Good
***
1,778 posts
Quote:
You are lying. If you try to log in from annother computer what happens is that you are not allowed to log in from that computer. The reverse of what you just said will happen, it will tell you the account is already logged in.


I have two PCs with the game installed and access to log in 4 completely seperate accounts.

I can say beyond a shadow of a doubt that you can log in from a 2nd machine and kick the person/machine that was logged in first.

I've done this once for my own amusement to a RL friend... and several times on my own character for the simple sake of swapping machines for various tasks.
____________________________
Torzak of Carbuncle(Moved To Asura)
#46 May 16 2007 at 2:04 AM Rating: Decent
**
310 posts
Terribly sorry to hear about your account, Hiro.
Having my own account hacked is a notion that terrifies me. I even steer clear of windower.
However, I'm wondering... Is a person who uses the auto-login option safe from keyloggers? I'm assuming they are.
#47 May 16 2007 at 2:05 AM Rating: Excellent
*
63 posts
Ouch,

I am sorry to hear this has happened to you and I would wager to others who havn't come here and said anything.

While yes it is the responsibility of every player to watch for possible threats and to avoid them I do not understand why SE doesn't put a bit more protection on changing passwords and CC info.

I wouldn't think it to be very difictult for them to add a security question for both changing CC info and password. They could do a POL update to add this and make all of us add the information before we were able to log into the game again.

By this simple step it would make if very dificult if not nearly impossible for a key logger to get enough info on your account to do anything but log into the game.

It would not be info you typed in just for a nomal log in so it wouldn't give anyone the ability to take your account. They would still be able to log in and possibly sell or transfer your items and gil but it is much easier to get those items back then it would be to start from scratch.

I am no programmer but i'm sure that someone here has a pretty good idea of how long it would take SE to impliment this, I just don't see it taking them long with the team of devs they have.

Thank you for posting this, I was not on during this so I did not recieve a /t but I will inform my friends to watch out for this and anything in game of them being asked to visit a site or look at something.

I hope things turn out well for you but you know as well as I that it is SE, given that it is not an isolated incident might be your only small hope.
#48 May 16 2007 at 2:18 AM Rating: Decent
*****
11,630 posts
Curiosity killed the cat :/

It is pretty clear that SE's only way of avoiding account thefts would be store old account information on their servers. Becuase that would most likely only the true owner know about.

But that might just give another problem when they steal your account and leave the information. Because they could do the same thing, report it stolen, when it actually are them stealing it. How would SE tell those apart? Maybe if they somehow also stored information about which city area you live in (play from) or something and check with telephone tracing...

Seems to be very hard to actually keep accounts safe from SE's side to me.

Regarding scanning things, I'd love to know more. I'm mostly just assuming my firewall and antivirus would pick up most things. (I know it once picked up a virus in my temporary internet files, which of course comes from just visiting a site).
#49 May 16 2007 at 2:25 AM Rating: Default
***
1,158 posts
This thread was made a while ago on BG, I'm guessing it's probably the same guy. They say they hacked into the keyloger program and got into the guys computer. His rl name is in one of the posts.

http://www.bluegartrls.com/forum/viewtopic.php?t=18918

Edit: Wrong Link


Edited, May 16th 2007 6:33am by Cookiemonkey
#50 May 16 2007 at 2:27 AM Rating: Decent
***
2,793 posts
Wait, someone actually fell for that obvious keylogger attempt? Lawl...sorry, but did you send your bank info to that rich man in Zimbabwe, too?
#51 May 16 2007 at 3:39 AM Rating: Default
***
1,430 posts
It's things like this that sometimes tempts me to forget I believe in human rights and decide to fly a few hundred napalm bombs over China or wherever these RMT losers are.

These economic leeches and the government that covers for them make it really hard to believe in humanity.
Reply To Thread

Colors Smileys Quote OriginalQuote Checked Help

 

Recent Visitors: 63 All times are in CST
Anonymous Guests (63)