People being hacked since the last Server Check.

[Snor]

Actually if I understand correctly, it was over 3 hours between the time she dc'ed and the time she was hacked. If that's the case, it's not "remote hack" but just bad luck that they found her account offline and so could log onto it.

Most likely map crashed or DC hacked. The reason Nexon can't give back lost items is because they are mentally retarded and can't get a system to work just like in WoW. Even RIFT has an amazing anit-hack feature which I find really nice. It's an iPhone application you can download where you have this key that you can use to login from another place. If you login without activating that key (which can only be viewed on your iPhone), you can't drop/trade/loot/whatever. Just walk around.

[cantthinkofauser]

I have a question worth to be asked to whoever was hacked, but before I get to my point, let me say this;
You guys keep coming with those theories of the way the hackers got ahold of the info ETC ETC, and once a guy comes out and says "nope, not in my case"; you rule out this theory on the spot, forgetting the fact that, afterall, people get hacked everyday, for sharing info and whatnot, so just because your theory doesn't match up with 100% of the people who were hacked doesnt neccessarily mean it is false.

Anyway, my question is
Do (and again, MOST OF) you guys who were hacked, have Win7? (eventho there are many win7 users worldwide regardless, I think this question still needs to be asked)

I'm running Vista Home Premium x32 bit. (Not sure if the bits matter, but whatever.)

If it matters for future reference, the character they hacked was level 165, and had the Fortune Walker Plate + untradable Smiley Mask on. They left my barely clothed store mule intact, which had 150m worth of assets on it.

[Exidium]

I'll bet it's someone from one of the maplestory meso selling sites. I mean, how do they fund them selves enough to make a living off of mesos? I'm sure they can't generate them so maybe they steal them?

[Marksman Bryan]

This is starting to become ridiculous. People are STILL getting hacked, with the same signs, and there still hasn't been pomegranate done by nexon to fix whatever security breach or exploit there was.

A good friend/sp user sounds like they just got hacked, but I sure hope they meant something else.

[Flonne]

This is starting to become ridiculous. People are STILL getting hacked, with the same signs, and there still hasn't been pomegranate done by nexon to fix whatever security breach or exploit there was.

A good friend/sp user sounds like they just got hacked, but I sure hope they meant something else.

I'm waiting to see if it continues after Ascension. And to see if they actually compensate people. Across all games. A REAL compensation, not just "lol everyone gets 5K MP", I'm talking everything replaced perfectly. I know this is hitting Vindictus/DFO just as hard as MS, too. I'm starting to think the primary goal isn't to gain money off of people but to shut down the company itself.

[Marksman Bryan]

I'm waiting to see if it continues after Ascension. And to see if they actually compensate people. Across all games. A REAL compensation, not just "lol everyone gets 5K MP", I'm talking everything replaced perfectly. I know this is hitting Vindictus/DFO just as hard as MS, too. I'm starting to think the primary goal isn't to gain money off of people but to shut down the company itself.

I would love to see that, too.
But there's a problem: it's been going on for so long, that, knowing nexon, the manpower/effort/caring needed to compensate everyone isn't possible through the company.
I'm becoming one of those anti-nexon people more and more every day, but they are viewing this as they have viewed most other hackings: ignore it for long enough, people will get fed up with no compensation, leave, or make new characters and buy more NX. I can't avoid this anymore, even I came back from getting hacked with zero compensation and bought NX to fund myself.
It's an addicting game, which sucks for the players, but works wonderfully for Nexon's pockets.

I also found out he was referring to Maple. I'm deeply sorry, Will. You are one of the most secure people I know. It's absolute bullpomegranate this happened to you.

[KhainiWest]

My account as of now is still in tact, the ID is probably all over the place by now because of my hacking in february of last year.

[CrazyNomad]

I'm becoming one of those anti-nexon people more and more every day, but they are viewing this as they have viewed most other hackings: ignore it for long enough, people will get fed up with no compensation, leave, or make new characters and buy more NX. I can't avoid this anymore, even I came back from getting hacked with zero compensation and bought NX to fund myself.
It's an addicting game, which sucks for the players, but works wonderfully for Nexon's pockets.

I only came back to maple when Gm tiara dropped all my gear to me. Quitted when people d/c locked me and since then, never logged back on maple.

btw, my ID login is out for 3 years? it got smegaed in bera and broa when I got hacked, and my account I still to get hacked. and if I get hacked, the hacker won't have anything to steal, I gave all my tradeable stuff across my buddy list and guild, and gave my info away.

you just have to find something else to play, with all the money you spent funding yourself back, you could have bought a new game and would never look back to maple, worked for me :P

[Maximillion Thermidor]

I got hacked before the game went into a SC for almost the whole day then a month after that the whole MTS thing was announced Me and my wife changed our PW, PIC and my wife changed her E-mail then did the E-mail change to deactivate her Username so she logs through E-mail and she still got hacked just a few days ago they most likely d/c or map crashed her Because she stays on 24/7 ever since the release of her username just incase but apparently what ever nexon suggests to protect our accounts is Useless we all going to get hacked sooner or later.

[Xzotic]

@Maximillion, what if she were keylogged? not EVERY hack is related to this wave

If there really is a PIC bypass, all those people with no up-to-date antiviruses, antispy/malware, or those who DO have those, but entered some suspicious (ofcourse, they don't know it is suspicious) website, and downloaded the "required" plug-ins and got themselves keylogged, are now getting hacked because hackers no longer need to crack your PIC, since the keylogged information is sufficient to have access to their account in game.

It is just stupid that everyhack nowadays is being connected to this wave, people are forgetting people have been getting hacked since forever, wave or no wave.

p.s
Oh and just a tip, when you go AFK just go inside the Cash Shop/MTS, hackers can't map crash that, obviously

[KhainiWest]

@Maximillion, what if she were keylogged? not EVERY hack is related to this wave

If there really is a PIC bypass, all those people with no up-to-date antiviruses, antispy/malware, or those who DO have those, but entered some suspicious (ofcourse, they don't know it is suspicious) website, and downloaded the "required" plug-ins and got themselves keylogged, are now getting hacked because hackers no longer need to crack your PIC, since the keylogged information is sufficient to have access to their account in game.

It is just stupid that everyhack nowadays is being connected to this wave, people are forgetting people have been getting hacked since forever, wave or no wave.

p.s
Oh and just a tip, when you go AFK just go inside the Cash Shop/MTS, hackers can't map crash that, obviously

..Just a tip, if you know about it, most likely so does 80% of everyone else. Were aware hacking is kind of consistent, however in this instance, was a huge spike in reported events.

[Xzotic]

@KhainiWest, you don't understand, I'm not saying "Eh, people have been getting hacked eversince... nothing special about it"
I DO acknowledge it has been happening recently to WAY too many people, I'm paranoid about it myself and won't ever log out
All I'm saying (correspondingly to my post from the previous page) is that there is, for sure, more than a few people who have been hacked the old fasioned way, who posted in this thread (or in any other hackwave-related thread).

BUT! and this is a big BUT
there might not be a breach afterall, like I said, maybe up to this point, hacked who had people's ID+password information (keylog source) have been unable to do something with it, due to the fact they had the PIC thing in their way aswell, and NOW, as supposedly they have this PIC bypass, there is this mass hacking because so many hackers who couldn't do anything with mere ID+passwords are finally able to, resulting in this mass hacking wave.

Let's face it, not everyone who says his computer is malware/spyware free, virus clean ETC ETC, is actually right. Most people are clueless. For example, my friend who was hacked a few weeks ago whom I inquired right afterwards, said his computer had NOD32 antivirus+antispyware, and when I asked if it was up-to-date, he said it was. when I asked AGAIN; 'are you SURE?' he replied 'Yes'.
Now, if he wasn't a close friend of mine, we would just assume he was correct, right?
and so I asked for a screen-share (we were skyping) and so I saw his antivirus was pineappleing Yellow (or even red, while a properly working NOD32 should be green), then I asked him to open his NOD32, and he was like pointing out the "V Antivirus protection, V Antispyware protection" when above that there was this WALL of text, warning the username+password are invalid and expired and should be renewed, and that his computer is at risk.
I told him to go to the Update section... his virus database was 8 months old.

[Nikkey]

BUT! and this is a big BUT
there might not be a breach afterall, like I said, maybe up to this point, hacked who had people's ID+password information (keylog source) have been unable to do something with it, due to the fact they had the PIC thing in their way aswell, and NOW, as supposedly they have this PIC bypass, there is this mass hacking because so many hackers who couldn't do anything with mere ID+passwords are finally able to, resulting in this mass hacking wave.

Isn't a PIC bypass a security breach? It's not a DB-leak, but it's stripping off one layer of security.

A security breach*, a mass keylogger which a lot of MapleStory-playing people download, or an increase in hackers are the only reasons I can see that so many people get hacked - and none of them are a positive thing.

[SaptaZapta]

Isn't a PIC bypass a security breach? It's not a DB-leak, but it's stripping off one layer of security.

A security breach*, a mass keylogger which a lot of MapleStory-playing people download, or an increase in hackers are the only reasons I can see that so many people get hacked - and none of them are a positive thing.

It's not an increase in hackers. Too many of the recent hackings are too similar, right down to the "CHN-M shoping go go go" smegas, for that. It is a single organization (I think someone upthread, or in another thread on this topic, told about trying to buy back some hacked gear and learning, bit by bit, that the hacker worked for a meso-selling site) that somehow got a hold of either a bypass or a leak* (apparently an ongoing one, possibly a keylogger, since people who've recently changed their passwords still got hacked), and is somewhat systematically stripping every account they can enter.

*A third possibility is brute-forcing the passwords and bypassing the PIC. However, I tend to believe that an organization with the ability to brute-force passwords like that, would be going after PayPal or online banking services, not a children's game where 99% of accounts aren't worth even $100.

[Xzotic]

Isn't a PIC bypass a security breach? It's not a DB-leak, but it's stripping off one layer of security.

A security breach*, a mass keylogger which a lot of MapleStory-playing people download, or an increase in hackers are the only reasons I can see that so many people get hacked - and none of them are a positive thing.

NO! You're wrong, a PIC bypass is a security breach, yes, but if the people weren't keylogged it wouldn't have mattered, you know?
and you are missing my point; The players have already been keylogged, but the hackers couldn't do anything about it up to the point they obtained that PIC bypass, so you saying "a mass keylogger alot of maplestory players have downloaded" is a complete false statement, it didn't happen over night

[KhainiWest]

NO! You're wrong, a PIC bypass is a security breach, yes, but if the people weren't keylogged it wouldn't have mattered, you know?
and you are missing my point; The players have already been keylogged, but the hackers couldn't do anything about it up to the point they obtained that PIC bypass, so you saying "a mass keylogger alot of maplestory players have downloaded" is a complete false statement, it didn't happen over night

I hope you know it's actually a rare occurance that players who are hacked are actually keylogged. And I would argue you that an updated virus protector would have little to no effect. In fact the last hacking wave wasn't even about keylogging, it was about finding your email address and bypassing the password by means of social engineering.

I mean it's not like hackers magically found a javascript on a site that all these users have gone to and forced them to download it.

[MissingLink]

I hope you know it's actually a rare occurance that players who are hacked are actually keylogged.

Yes it's strange how many people prefer to believe that there must be a widespread maplestory keylogger written by some genius maplestory hacker that self-loads and self-installs without the users intervention merely by visiting some site, is undetectable by any antivirus, antiwhatever, can bypass any firewall, etc ,etc. (despite zero evidence of this)...

and yet they find the idea that some pro Chinese hacker/goldsite group may have found a login bypass onto the gameservers ridiculous.

[Okiesmokie]

Yes it's strange how many people prefer to believe that there must be a widespread maplestory keylogger written by some genius maplestory hacker that self-loads and self-installs without the users intervention merely by visiting some site, is undetectable by any antivirus, antiwhatever, can bypass any firewall, etc ,etc. (despite zero evidence of this)...

and yet they find the idea that some pro Chinese hacker/goldsite group may have found a login bypass onto the gameservers ridiculous.

Because it is ridiculous. It doesn't have to be some amazing widespread keylogger. Keyloggers are NOT hard to make, and just as easily able to avoid detection from any mainstream virus scanner. Firewalls are a non-issue because anyone competent would make the keylogger a client connecting to a server, not the other way around (or just send logs through email.)

If there was some hacker that was able to bypass logins, Nexon would know about it and shut down their game until it was fixed. You act as if Nexon is stupid as pineapple, which they aren't. It's the general population who continue to download programs that they think are safe and are not. Just looking on this forum, there are two programs on the front page of this section that have gone through zero scrutiny and have been downloaded by people. Do they know those programs are safe? No. Yet they continue to download them and praise the author for their generous contribution to the community.

I have done experiments in the past with this sort of trickery, and have been surprised with the amount of people who actually fell for it. (Hint: Over 600 accounts in one day, when posting it on three different websites, one of which was a community of "uber l337 haxx0rz")

So knock it off with all this bullpomegranate about some amazing hackers who are able to read the Nexon database and hack all of your accounts. Pay attention to what the pineapple you download, and exercise at least a minimal amount of caution, and you won't get "hacked."

[Eos]

If there was some hacker that was able to bypass logins, Nexon would know about it and shut down their game until it was fixed.

How exactly would they do that?
Would some programmer deep in the bowels of Nexon HQ's spider sense start tingling?
Would some great alarm go off somewhere?
Would God Himself Manifest before the office to explain to them what happened?
Will Gandalf The Gray Stand before the hackers and shout THOU SHALL NOT PASS as they try to break in?

A program only does what it's programmed to. Unless they specifically designed it to recognize that it was doing something it wasn't designed to, how exactly are they going to be aware that it's happening? The very fact that someone logging in this way is a bypass indicates it's something they didn't anticipate being possible, therefore how exactly would they have security measures in place to identify it was happening unless they went out of their way to add them in to try to identify them happening? Which would require them to admit it was possible in the first place.

You have no more foundation for your "couldn't happen" than the other side does for their "could happen".

There are a finite number of ways to hook into the keyboard input and most decent antiviruses can detect any process that is doing so, short of it being rootkitted because they don't need to know to listen for specific programs, they look for specific behavior and any process behaving that way is suspect.

So knock it off with all this bullpomegranate about some amazing hackers who are able to read the Nexon database and hack all of your accounts. Pay attention to what the pineapple you download, and exercise at least a minimal amount of caution, and you won't get "hacked."

This too is bullpomegranate. Security is not entirely on the users side. Did the people with accounts as Sony download anything? No. Sony was breached. Assuming Nexon is immune to breach while larger more sophisticated companies are not is delusional. The vast majority of us who have been hacked did not download a keylogger, pure and simple. Blaming it on a trojan, a keylogger or the end user is a cop out. Yes the end user is occassionally responsible, and during normal 'hacking' almost exclusively responsible, but whatever has been going on with Nexon lately is clearly a flaw in their security for at least a substantial portion of the intrusions that are occurring. A keylogger would not explain accounts that have been untouched in years being opened despite strong passwords. A keylogger would not explain people who have common sense.

[KhainiWest]

Wow eos, always beating me to the punch.

By the way I couldn't help but break out at the spider senses/god. Nice touch