Same happend to meOriginally Posted by John Boy
Same happend to me
I remade my email and as well as my brothers email and I sent the reactivation link and it worked!
So if anyone had a similar situation like mine you should do the same.
Just don't give out your email
Hey everyone,
I just got back to Maple and I have been reading this thread and the hackings are getting ridiculous. Since we have all these theories going on and Nexon has failed to be transparent of what's going on behind these accounting hackings, it lead me to this concern:
Background:
I stopped playing at around the MTS exploit time where some of my account ID's were leaked. Nexon offered an ID change to log in with email address and disable the log-in ID that was leaked. I read about Pro's and Con's of doing so, but in the end I simply locked my account to decide later when I return.
Now, I have tested this on one of the characters and they are still allowing you to change your log-in ID to your email. My question is, is this a good idea?
Thanks!
So i just logged in to find ive been hacked.
Every character i have cept my Mercedes logged into the fm. All Characters have items but 0 meso, and my thief has had all her throwing stars taken.
Other than 4 steelys and some tobis, i didn't have anything of value, but qq my 20 mil :(
well I can add my account to the list. Didn't steal much, but what they got hurt.
Figured it was about time, actually was enjoying the game finally.
this is unbelievable, we need IP system like wow imendiantly!
Well, damn. Four years of playing and they finally got me.
Never shared information with anyone. Never went onto hacking websites. Never downloaded weird stuff. Didn't even have anything in the MTS, like some people were supposing. Still got hacked. I'm not sure how they're doing it, but yeah; kinda doubt anyone's safe at this point.
They're not GMs. They just got GM gear.
This is a gm.. try to add him, u get error gamemaster cant be added ;)
It's been said before, GMs always have part of their world in their IGN.
I recommend you guys to switch to gmail and use the 2 step verification system.
Basically makes your email unhackable unless they have access to your phone.
Most people seem to be getting bruteforced on their pw, and then get their pin reset through email.
This method should offer some degree of protection.
Where did you pull this "most" crap from? Because most of the people who've posted here have not had their email comrpromised.
For me personally, none of my info got changed or reset at all. I changed my password after i found all my meso taken for my own safety, but yeah my email hasn't been affected.
It would be nice if some expert would put this myth of password brute-forcing at login to bed once and for all.
Even assuming a weakish 8-digit, lower-case only password, which would have 26^8 possible combinations,
and assuming Nexon's login server could somehow handle a million login attempts from one client per second without restrictions,
it would take up to 2.4 days to brute force. I'm not a hacker, so I don't know how many login attempts per second is possible, but I would imagine it is far below a million per second.
There is absolutely no way that this method could be practical given the rate at which hackings are occuring.
May I attempt a summary as I see it without starting a flame war? Well here goes anyway.
For an account to be hacked the hackers either:
1- Already knows the password, from sharing, social engineering, keylogging or other malware methods
This is what Nexon and a few vocal others claim is responsible for all account hackings, but is unlikely for many cases described in this thread.
2- Can discover the password from brute forcing (unlikely except for simplest pw) or reversing pw hash if these are stolen.
Nexon has admitted server leaks, so the reversed pw hash method is the possible hack method for some who have weakish pw AND rarely change them.
Having a strong pw and changing frequently will prevent this method of hacking.
3- Can reset the password, which requires prior access to the email
3a- Hacker resets pw/pin to his own email
This still happens occasionally, but is not the most common method recently, since pw usually unchanged.
4- Doesn't need the password - using some packet swap trickery to connect directly to an account without logging in normally.
Unfortunatly, there would be no way to avoid this method except to stay logging in 24/7, or possibly lock the account (no guarantee on that one).
Since Nexon is too secretive and proud to admit that such a thing might be possible, and too lazy and incompetent to fix it even if it were somehow proven to be happening, and too cheap and paranoid to hire expert consultants to find and fix it....
it will never be fixed.
.. and that, people, is what's worrying me the most.
Then explain why the game labels that guy with a random nickname as a "Gamemaster" and doesn't allow other people from adding him to their buddy lists.
Someone actually hacked a game master's account, and I wouldn't be surprised if Nexon was stupid enough to put a sort of "admin control panel" in their website, which could only be used by GM accounts obviously and could allow to give the GM status to other accounts.
Or, more likely, he just created a random character on the actual gamemaster account.
What, that Nexon is apathetic, inefficient, and incompetent?
That they're either unwilling or unable to deal with this problem?
Yeah, that's what worries me as well.
I don't play GMS anymore, but it saddens me when I go back to it for whatever reason.
Everyone who plays, and especially those who I like, have an increasingly large chance to be hacked.
I think I actually enjoyed being banned, coming back to this. 30 days without having to worry about changing my passwords, staying logged in, having my items locked. This is so pineappleed up.
Yes.
It's when you go as far as enjoying being banned so that your items will be safe that you know a game is going pieces.
It's become my turn to participate in the most popular Southperry thread of 2011! (What an honor to Nexon eh?) To think I almost missed it.
As of yesterday's early morning my character in scania, Baykko, was stripped of everything it had. I lost about 20B mesos worth in items (yah yah, laugh at me for being poor you nx Wh0res). I am certain I didn't take a Keylogger, even though my PW and PIC hadn't been updated in some months. Last thing I did yesterday was wander around the Gate to the future looking for an empty map to finish my quests. I do not intent to cause panic by saying this, but it feels to me like the hacker saw my character pass by and used their magic to crack my info out, JUST BY PASSING BY!. Anyway, I am here to suggest you people stay away from hackers as much as you can. The causes to my hacking might be another but it never hurts to be cautious.
Posting Permissions
|
|
Reply With Quote
Bookmarks