Originally Posted by
Feb 23, 2010
My account was compromised - partially
A fellow SP member PMed me to state that he had reset my PIC without needing access to my e-mail. Due to the reset, when I log into my account it now asks for my PIN. Cracking the PIN can already easily be automated, so it would be just a matter of time before my account would be compromised and the 50 million mesos stolen - though this has not happened yet. This is evidenced by the topic here that started it all when a user from BasilMarket gave his account name and password and was hacked in a matter of hours while still using the PIN system. When I entered my PIN and double-clicked on a character, it asked me to provide a completely new PIC.
The other SP member has reported this vulnerability to Nexon. I do not know the vulnerability that the other user took advantage of.
Bookmarks