Please, hack my account

[MeteorSummoner]

Wow. I didn't realise some of the other games had no security..

Yah, I play Mabi sometimes and all they require is the basic username and password... :|

[Holypie]

Yah, I play Mabi sometimes and all they require is the basic username and password... :|

Same with DFO but you get a PIN to lock up purchase functions. (No buying, selling, dropping or trading of items until you activate the PIN) It's a good system I have to admit. And it can't be keylogged as easily as maple pins can.

[Corn]

Not like hackers really play Nexon's other games, lol.

[Eos]

Yah, I play Mabi sometimes and all they require is the basic username and password... :|

Mabi storage service includes the ability to password lock each individual item in storage though.
Won't protect what you're wearing or what NX you have

[y0y0y0y0shi0]

Tomorrow's the last day. If it's not hacked by then.....

[Fiel]

Alright, just checked my account.

Unfortunately, I was not able to login to my account. The password was changed and I had to reset it. I am 100% sure that I did not mess up typing the password because I copied the password I had written in the opening post and pasted it in the address field. So, I had to reset my password. I went into my account and a PIC was still not set for my account. This means that my PIN has not yet been cracked. Also, because a new PIC was not set, that means no one was in my account and my mesos are safe.

Then again, considering recent events I cannot for certain say that the PIC system is secure. There was a flaw with it (which Nexon stated that they fixed), but it only takes a split second to think about the compromised GM account to wonder how secure these things really are?

[MeteorSummoner]

It also makes me think that maybe if the GMs think their accounts are so secure, maybe they are still using the PIN instead of being forced to update to a PIC like every other normal player. But I don't really know much about how people can get around all those account security and hijack it so... :|

[Dual]

Wasn't the PIN the weakest form of security before? Why are these hackers so inable to get past it?

[Derimed]

Alright, just checked my account.

Unfortunately, I was not able to login to my account. The password was changed and I had to reset it. I am 100% sure that I did not mess up typing the password because I copied the password I had written in the opening post and pasted it in the address field. So, I had to reset my password. I went into my account and a PIC was still not set for my account. This means that my PIN has not yet been cracked. Also, because a new PIC was not set, that means no one was in my account and my mesos are safe.

Then again, considering recent events I cannot for certain say that the PIC system is secure. There was a flaw with it (which Nexon stated that they fixed), but it only takes a split second to think about the compromised GM account to wonder how secure these things really are?

were they or were they not able to steal the 50 million?

[IllegallySane]

Wait Fiel, what if the hacker took the mesos, but resetted the PIC afterwards just to make it seem like you didn't get hacked? It wouldn't hurt to actually check Duey. Better to confirm than to assume for something as important as this.

Wasn't the PIN the weakest form of security before? Why are these hackers so inable to get past it?

Yeah it's strange indeed.

[Link]

Wasn't the PIN the weakest form of security before? Why are these hackers so inable to get past it?

Because the MAIN way of getting through the PIN system was to reset it and hack the e-mail. Due to the person not being able to reset the PIN with the e-mail anymore, since Nexon removed that option, they couldn't reset it. The only option left was to guess the pin starting from 0000 and ending with 9999.

[AwellknownMAN]

oh fiel copy + paste pw doesnt work sometimes.

on my old account when i thought i got hacked i kept pasting my pw which caused me to get panicked.

but when i finally typed it it worked.

[god]

There's more than one ways to reset a PIC

coughhttp://bit.ly/bS2WHZcough

[Cynic]

There's more than one ways to reset a PIC

"Now you may have to fiddle around with the header information but as of Feb 27, 2010, this exploit works and took me 10 minutes to find. Don’t ask me to help you because I won’t and yes, I’ve sent this into Nexon on Feb 24, 2010 but have received no replies so all is fair until I get that DMCA right?"

This is the worst part of it

[TaliaNCo]

There's more than one ways to reset a PIC

coughhttp://bit.ly/bS2WHZcough

<shakes head>

[Phoenix]

Technically, if the top is possible, wouldn't you be able to reset someone's password the same way, with only knowledge of the user ID?

[LittlePrincess]

Technically, if the top is possible, wouldn't you be able to reset someone's password the same way, with only knowledge of the user ID?

Supposedly that's how they got in the GM account.

I would speculate that just because a PIC isn't set doesn't mean that someone hasn't been in there to take the mesos. Because with multiple hackers trying one might try after another got the prize.

[RIPGobies]

were they or were they not able to steal the 50 million?

If you read his entire post he already answered that question.

[Eos]

Supposedly that's how they got in the GM account.

There is no supposition to how the GM account was logged into, the user & pass were both publicly displayed by the GM on accident.
A significant number of people saw it, took screen shots and tried to log in it. The entire event has it's own thread over here .

[xdarkelement]

Yeah, here's just my opinion. Why would someone want to waste their time cracking into your account for only 50mill? To them, thats probally chump change. I used to keylog gunbound accounts and i had an unlimited supply of gold. Accounts that were either decent or just sucked was not worth my time to transfer everything. I think you should up the anti.