Any recent hacked accounts from Southperry users?

[Jellyflower]

I'm sorry Fiel, despite how much you like hacked spam threads, let me reassure you I'm not here to cause panic and general fear. I just want to warn others and hopefully let Nexon be aware there might be huge security flaws on their side. I'm sure most are aware of the recent 'random' unexplained hackings. Most say their accounts are very secured in a way where emails are almost untraceable, passwords inhumane enough to be guessed, no keylogs or malware and extreme firewall or high computer knowledge to avoid the general traps like the plague. But if, for some reason, the database on the game server is compromised, how secured is your account info? I've posted this on SW, and I just want to ask for those that were hacked recently, presumably at or after the release day of the Aran patch. Have you been using that same password for the affected account for a long time? Several people I know haven't changed their passwords in more than years, myself included as I don't see why it'll be compromised on my part, I guess I do now. There's also speculation on info being retrieved for those that logged on with the wrong prepatcher for aran (someone did it to spoof those that use prepatching?), so any information that could help suggest leakage or shine light onto this matter will be most appreciable. And if you haven't done so, change your password(s) now.

Here's a link to the previous thread suggesting similar situations, but rather this takes time during the huge server upgrade.

http://www.southperry.net/forums/sho...ghlight=hacked

-----------------------------------------------------

Update:

Since the thread has been ongoing for quite awhile now. From my personal gathering (lots of statements unconfirmed or speculation with basic assumptions and proofs), this is what going on:

First of all, if your email password has been changed, hijacked, or has unauthorized logins other than yourself, we cannot include you into the same pool as your cases may be separate. (It could very well be affected by the same widespread hack, but chances are minimal in my personal opinion that it should not be catered) You're welcome to provide information, since there may be separate attacks that hinder compromised and non-compromised accounts.

As of Jan 17, 2010, I believe Nexon database is being compromised. At first there were hints suggesting leaked database info but this notion was somewhat rejected as there are cases where people have changed their passwords a few days prior of their accounts fell into victims. Further analysis is now pointing to the possibility of leaked password being released as MD5 hashes, since this was what Brazilian MS was using at the time when server files were leaked. Of course we have no way to confirm this other than the programmers themselves at Nexon. So now a few involved people are asking those who were hacked if their responding passwords hashes are logged somewhere in the internet database. Detail is covered in subsequent pages (page 17 onwards I believe) and on other thread in this forum section as well. Bottom line is, use a 'strong' password to protect yourself. 12-character long combined with lower,upper-case, numbers, and symbols is ideal. If you're affected, make sure you submit a ticket through the ticketing system. There's a lot to read on so if you're an active player of any Nexon games, you may want to periodically change your password(s), lock items and equipment, and store unnecessary NX with a non-suspicious character on the same account and put up something for that amount of NX in the WANTED section. This is just some precautionary measures we can take since we don't exactly know what is going on out there.

[Bacon]

Nobody in their right mind would want to hack me.

If they did, they'd make a 2 mil profit. Max.

[Sn1perJohnE]

I havent had any problems with my two accounts. Though, there was an issue a few months ago where someone had emailed me on my BMs account email (my main use email aswell) asking me for the PIN for the account, and he put in the login and password. The login ive used in other places, the password somewhat newer. Incase it was a "password cache pasting" thing where it simply used a code to have my info put into the email once read or not idk, but i cleared the previous message and replied that he could go suck a ____ for all i cared. I still get emails from him, now just random spam since he put me on his contacts im guessing.

After I got that, sent an ticket to Nexon (which they eventually closed a week or so later without so much as a peep about it to me) and went about changing my password and pin.

Other than that, nothing at all.

[Loose]

My brother got weird ass hacked, meaning he lost a couple of useless items and some of his mesos. He has no account on any MapleStory forum and only uses my laptop to play MapleStory, since his computer can't run it. He also plays, at most, maybe twice a week. The "hacking" also occurred on an account he had not used for a month. His account information is, surprisingly, more hard to guess than mine.

What seems very odd is, that if it was a keylogger or any other virus problem, it would've affected my account too and probably harder, since I log onto it more often and have decent crap on it. None of that has happened to me.

We also don't use any prepatcher and just wait for the Nexon release.

[2147483647]

If you don't want to get hacked, just stay logged in. Nobody can go on your account.

[Cyanne]

I tried to log on with the glitched prepatch and haven't ever changed my password since 2005, and I've never been hacked. I've never shared my account info with anyone. Unfortunately I have no idea what the email tied to the account is nor what my secret question/answers are, so if I happen to get hacked through an exploit, I'm done for =X

[Spideyjvc]

I tried to log on with the glitched prepatch and haven't ever changed my password since 2005, and I've never been hacked. I've never shared my account info with anyone. Unfortunately I have no idea what the email tied to the account is nor what my secret question/answers are, so if I happen to get hacked through an exploit, I'm done for =X

Thanks for telling me. I happen to have this super exploit readily at hand, and can hack anyone I want by simply typing "sudo account-get [Maplestory account name here]" in my terminal.

Have fun losing your account.

Before anyone gets their panties in a knot, I'm obviously not telling the truth.

[Dusk]

I'm not here to cause panic and general fear

I don't see what else this thread could accomplish.

[Cyanne]

Thanks for telling me. I happen to have this super exploit readily at hand, and can hack anyone I want by simply typing "sudo account-get [Maplestory account name here]" in my terminal.

Have fun losing your account.

Before anyone gets their panties in a knot, I'm obviously not telling the truth.

But where are you going to get my account username? =p

[BandanaBoy]

I change my Pass and Pin every month,
(also making sure you don't use the same again helps)
so I've never got hacked.

[treflip]

My Night Lord's account got hacked a while back, not too far back though.. I would say around a week or so before Aran patch. Anyways, I play on multiple accounts and log onto all my accounts either on my desktop or laptop. No one knows my info except for my real life girlfriend, so trust, the hacker was not her. I do -not- go into any random sites posted in my shop nor have I downloaded a keylogger (if I did, all my accounts would be compromised). Also my Night Lord's account has been inactive for the past year.. with the exception of logging on to add juniors.. so it's essentially a rep mule. They took everything that was on that account, which includes probably at most 8 sets of Icy stars, some cheese to use for APQ, probably at most 100k, a 10 dex sauna, and a 100%ed Skanda... oh and they also divorced my character.

Though this is before the Aran patch, soon after getting hacked, I saw a bunch of people posting that they got hacked. One of the things I found similar in my case and a friend of mine was that the e-mail account associated with the maple account is hosted by Hotmail and has an active running MSN. Now I'm not jumping into conclusion that that is why a lot of people are getting hacked. But, it might be?

[Spideyjvc]

But where are you going to get my account username? =p

Sudo apt-get install NexonDatabase

Exploit on Nexon's site where all I need is your character name to find your Nexon ID.
I just logged onto your F/P Mage. Is this really all of your mesos? You're pretty poor, bro. Well, not as poor as you're gonig to be in a second, but lol.

[Bacon]

But where are you going to get my account username? =p

sudo-get Cyanne's_Account_Username

[Spideyjvc]

sudo-get Cyanne's_Account_Username

What? lol, get out of here scriptkiddie, lern2code better. Putting that in your terminal wouldn't work unless you already downloaded everything hosted on Nexon's servers.

[2147483647]

I don't see what else this thread could accomplish.

He's finding targets.

[street]

Someone attempted to hack me recently. I usually don't look through my junk mail and today i found a forgot user id email from nexon that was sent on 12-18-09. I never requested for my username during that time or was mapling in general. Today i checked my sleepywood account info and the email i had was not connected to the email i use to register my account. Only site that use to be linked was southperry, not saying sp is the cause but it was the only maple related site that use to have my real email and b-day.

[Jellyflower]

If you're not here to contribute, then please leave the thread. I'm just gathering info from the victims and hopefully draw a conclusion, simple as that.

[Hendrix]

hi all, many ppl know alredy anyway, i got hacked before the aran patch, so i dont think the problem was the patch file, since i got it glitched too but got hacked before that. and i know who hacked me, a person know as YTMS/Ed from Bera that hacked me because my sword (152/27 carabella) and claim to be the one who hacked herotex in july,suspect to be the one who hacked the 17 att fs in bera (recently sold in Windia) and i have solid proof he is the one who hacked edvvind for his bow (142 att blue metus) and a suspect he used the same method to hack some ppl i know, a lvl 200 keedi (got deleted) and more 2 diff persons with good items/meso/nx (cant say names sorry).

the thing is, all those cases the person got his email hacked too, and in all cases the email was a hotmail and related to the maple account, in my case i got hacked on my hotmail and gmail. (hacked in 2 accounts ><). in 2 years playing i never give out my info to anyone, no one besides me never logged on my account. now you wonder how hacked?, i really have no idea, i used to play maple in only 1 comp and only in my house, a exclusive comp just for maple while i have 2 other comps that i use for work (no maple there),i changed my pass in like 1~2 months before get hacked so the pass wasnt old too. never used any kind of hack or played a pserver or joined hacked forums related to maple, all my accounts in forums/game/emails use diff passwords, my both hacked emails wasnt touched at all, i only lost game items so is clearly the target was maple. i got a "hint" that i was victim of "vicious hack", something that really i cant belive it exist.

but the fact is, 1 day i was playing fine and the other i was hacked, and is happening over and over with MAPLE, i always believe that "dont share account = safe", now i dont know what to think anymore, i play online games for the past 7 years now and never ever got something close of that happening with me before.

all this is really odd...

[KaidaTan]

You probably already know about this Steve, but Pat was hacked about 5 days after the Aran patch. I forget what email he uses, but he said that it's untouched. He hasn't changed his password ever because he doesn't know the birthdate on that account. The people who took things seemed to be out for mesos -- they didn't waste time moving things that they saw as "worthless," nor did they delete his BL, guild, or reverse weapon. Only one of his accounts was hacked in spite of having logged on both accounts the day before he was hacked. Over 12 different virus and keylogger scanners said his computer was clean.

That's pretty much all I know about it. Considering Pat's isn't the only case, I'd be willing to bet it's some kind of security breach. Got any theories yet, Steve?

[Kalovale]

Wasn't there a security risk issue with hotmail or the like, if some-magically-how people can gain access to your info, there's supposedly a penetrable source. I don't quite buy the bullpomegranate that Nexon's security has been breached, because it is as stupid as it sounds.

Anyway, my personal experience. I was hacked once but it was due to account sharing. A friend of mine wrote my info down on a piece of paper, some friend came over and voila. Despite having given my info out to a thousand people, having countless virus and probably keyloggers on my computer, and not having changed my password since forever due to private information loss, I was hacked only once for that stupid reason. I also go on friends' accounts from time to time, and none of them has been hacked yet.