1
Forum Settings
       
« Previous 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
This thread is locked

Warning to all. The ffxi account hijackings are real.Follow

#1 Dec 09 2007 at 5:19 AM Rating: Excellent
Melphina
Guru
***
3,777 posts
Hi all, It's me, and I just wanted to share with you a personal warning to not take the account hijacking threads that have been appearing so lightly. My story below..

I knew that recently several people have been posting to various threads that they have been having their account stolen from under their noses while they were logged in, but I never gave it much heed. The general response to all the threads is always "stop downloading hacks" and "stop watching ****", which I would have attested as the cause, or at least until yesterday when something similar to me happened.

I was logged in on my main account on Melphina when all of a sudden I got kicked off my game and the login error "You have been disconnected: The current content ID was used to log in of a different terminal" appeared. I knew what that meant and thankfully I have a spare computer which I had turned on to the ffxi login screen for my brothers account. I quickly got on that computer and logged in and changed my playonline password safely, actually on both accounts to be safe. I changed it later to something more secure, but now I wonder how it happened. I havent had any login attempts made to my account since but I know it happened and as such I'm taking precautions. So I did some research and the findings below are a summary of what I have gathered from others who have had similar occurences.

--There have been several people who have had their account taken from right under their noses even while logged in. Accounts of such occurences are on both BG form and KI. The links to the KI thread is here, and another one to it happening on BG is here. Normally a few isolated occurences wouldn't be something I would consider worth concern, but the eye witness accounts continue to grow, and I am now one of them. Before anybody asks I'll get the formalities of interrigation out of the way

---I play on the PC version on windows XP
---I have fraps but only the fully liscenced official version from the official site that I paid for and have had for the past year or so.
---I have no speed hacks or cheat prgrams from any of the underhanded sites.
---I have never bought gil or associated with RMT web sites.
---I have norton internet security and Webroot spysweeper that I use to keep my PC safe by sweeping regularly.
---Yes I have used the ffxi windower (no I'm not going to lie about it)

Of the above the only thing that has any remote possibility of being the culprit would be the windower, but I don't believe that to be the case. Reasoning below.

First off, far too many people play on the windower that it would probably have been a much much wider spread occurance. Not only that, but witness accounts state that many people who play on only playstation 2 or X-Box 360 have also fallen victim to the account loss. I can't believe that all of the people who have claimed to play only ps2 or x-box 360 are lying, especially when some of them have linkshell members backing up the claim that they have said they play on the consoles ever since they started.

I believe it is an RMT operation. I don't know how they are doing it but I believe the RMT are accessing user accounts without authorization. If you click the link on BG form you will see an eye witness account (with screenshots) of one such occurence where one person was in a merit party and disconnected. He then was logged in after and his linkshell watched helplessly as he ran to the city and traded all of his stuff to a lvl 1 character. One account on KI indicates that the CC info was not changed and the GM were able to reset his password and he logged into a stripped account.

Furthermore, there have been suspicions that ffxi related online community web sites may have been infected with malware. Ffxiah.com is one such site that has been thrown under suspicion, and some people claim that when they went to the site it attempted to download malware to their system. It is assumed if this IS the case it may be hidden in one of the banner ads on the web site.

Now one more thing that SCREAMS RMT operations is the sudden appearance of two extremely suspicious sellers across the servers. I don't recommend going to ffxiah.com if you have no protection to look up the names but the following characters have been spotted with extreme RMT like activity.

One character named Moonbank
Servers Moonbank appears on:
Bahamut
Sylph

Vaelfor
Alexander
Odin
Ifrit
Diabolos
Quatzlcotyl
Unicorn
Gilgamesh
Garuda
Cerberus
Kujata
Bismark
Lakshami
Fairy
Hades
Remora

the second susppicious seller just NOW appearing

Sunbank:
Sunbank appears on only the following servers

Sylph
Vaelfor
Pandemonium
Cerberus
Seraph

Now the reason these characters are suspicious is that they do NOTHING but sell very large quantities of extremely valuable goods, all varied greatly. And by this I mean they are selling hauby =1, scorpion +1, peacock charms, elemental rings, e-bows etc etc.

None of these characters have anything being sold of a value less than 200k, and the worst was one that sold a Kraken Club for 20 million gil. The typical sales on the moonbanks in the viewable history averages between 15-35 million and there are no exceptions on any of the servers. Sunbank is following similar trends and is brand new. Sunbank only appeared about 3 days ago whereas moonbanks histories span the past few weeks.

Now in addition to this I call into light the fact that RMT have made prior attacks on the playerbase. S-E has hit the RMT so hard that they have no way of generating gil to sell in game so they have resorted to personal attacks on the ffxi userbase. A short while ago there were RMTs who sent tells to everybody in game with a bogus story and a web link, which those who clicked downloaded a keylogger with some weird extension. Furthermore the link to this same keylogger was posted to many online message boards, including allakhazam here. The admins were having a hard time keeping up with the keylogger links by characters with low post count and they would often strike at the worst time, like 2 am when everybody was asleep.

It is of my personal belief that the RMT are hurting SO badly they are resorting to hacking our accounts to sustain their business. It is common knowledge that many of the RMT farming companies exist overseas in asia, and that the countries associated with these ""gill collecting places" are knopwn for their hackers... very very GOOD hackers. It would not be far fetched at ALL to believe that the overseas RMT farming organizations have resorted to hiring script kiddies to take our gil... and characters from us by force.

Now in addition to this I read somewhere that a possible cause may be the ffxi-linkshell community web site itself. The ffxi community site requires us to enter our login information to access the linkshell community, and if we don't enter our current login information we cannot access it. It is directly linked to our content ID and password in game. It has been surmised that if a certain someone could hack into a well known ffxi cheat program site and post the list of every subscribed user, and this same someone could hack into a ffxi information database web site and expose a coverup scam, in addition to a certain online monetary payment site, that the RMT could hack into the linkshell community web sitee and plant a bug. it's not a definite but the fact that people who ONLY play on Ps2 and X-Box 360 are being compromised as well points to it being a possibility. if one such person has a computer or visited an internet cafe and entered their playonline info on the linkshell community should it be bugged it would affect their game on the consolde toom as the account info is identical.

Finally to warp up my post I offer a warning. I won't lie to you, this frightens me. The fact that the numbers of accounts of theft happening has increased is a sign that SOMETHING is wrong. And S-E has a user agreement policy thats @#%^8NG BRUTAL. I took the liberty of reading s-e's user agreement and I was horrified. The link to the agreement is below and I urge you to understand that if you get hacked its game over forever. The link to the agreement is

RIGHT HERE!!

To quote a few of the lines that hit hardest

S-E holds the right at their sole disgression to ban or suspend an account without prior notice. Any breach of any of the rules is warrent for immediate suspension.

You are solely responsible for the security of your account. if you get compromised whether by fault of yourself or someone else tough. They will not be held liable nor will they help you with recoveery even if you are an innocent victim.

(this one is a good one) --- you may not in any way record or reproduce any converstions with s-e or any of its representatives.

In other words those people who FRAPS GM conversations and post them online are breaking the TOS.

Should you have a problem with s-e or any of its affiliates tough. You agree to defend s--e in the court of law and indemnify them from any and all damages caused by your losses.

You are not entitled to recieve damages from s-e should you get screwed due to the agreement. If you dont like it tough.

This one deserves a durect quote

Quote:
SEI makes no assurances, representations or warranties whatsoever about the accuracy, currency or continuing availability of this Player Data at any time and reserves its right, at any time and from time to time, without notice to you, to delete all or any part of your Player Data. SEI shall have no liability to you or to any third party for any such deletion, and further shall not be held responsible for any complete or partial deletion done or caused by you, any third party, or other act or occurrence beyond SEI’s reasonable control, such as a fire, power outage, natural disaster, terrorist act, equipment failure or any other such act or occurrence, whether or not similar to the foregoing


This one needs quote too
Quote:
"Prohibited Activities"):
(c) Taking any action that has the effect of tarnishing or otherwise damaging the reputation or credibility of SEI or any of its business partners;


And finally

Quote:
3.4 Suspension.
PlayOnline Service may be temporary suspended in whole or in part without notice due to routine maintenance, emergency repairs, fire, flood, explosion, war, strike, embargo, governmental action or failure to act, the act of any civil or military authority, act of God, or by any other causes beyond SEI's control whether or not similar to the foregoing, or any other reasons that SEI determines in its sole discretion that temporary suspension is deemed necessary.


Yup, they're even protected against acts of God O.o.

Case in point, be extremely careful with your account information now. If you lose your account even if you are an innocent victim it's not recoverable. S-E has a policy of guilty until proven innocent according to their user agreement, and the GM not being able to help you is actually an enforcement of what s-e themselves has us agree to every time we click "play".


Melphina is safe for now.... Thankfully I had a backup PC logged in on the login screen for my spare account. But I ALMOST lost her and I don't know how. I don't download anything, and I believe the RMT have found SOME way to render our account info from us.

So for now I'm not gonna be logging in for a tad. I'm gonna look into getting a new PC (my old one is garbage anyways). If it's something stored locally it woudl have been on my main computer which no longer has the software. I changed the password on a different unit but I'm not chancing it. I've put too damn much woork into Melphina dn Goldie to lose it all now, and I advice you guys to take similar precautioons.

RMT are out there, and they have turned their focus on us. I can't find this coincidence by any small factor.

Edited, Sep 13th 2008 8:07pm by Darqflame
____________________________
[ffxisig]56619[/ffxisig]

There are 10 kinds of people in the world. Those who understand binary, and those who don't.
▲ Page top
#2 Dec 09 2007 at 5:21 AM Rating: Excellent
__DEL__1686529029506
View User Forum
Sage
***
3,835 posts
Ouch Melphina. :(

Pretty spooky, it's tough to accuse you of hacking. I'll take the warning to heart...wonder if Peerguardian might help...

edit:
Melphina wrote:
Now in addition to this I read somewhere that a possible cause may be the ffxi-linkshell community web site itself. The ffxi community site requires us to enter our login information to access the linkshell community, and if we don't enter our current login information we cannot access it. It is directly linked to our content ID and password in game.


/stagger.
I didn't know about this, hadn't checked that site yet; sort of glad I didn't now. :(

Edited, Dec 9th 2007 7:23am by Sioux
▲ Page top
#3 Dec 09 2007 at 5:31 AM Rating: Good
__DEL__1591870554671
Scholar
**
602 posts
If I could rate you up, I so would. Very well written and case made... Will be updating my Account User Name when I get home!
▲ Page top
#4 Dec 09 2007 at 5:38 AM Rating: Excellent
Melphina
Guru
***
3,777 posts
Thank Sioux. As I said for now Melphina is safe. But the thought that I almost lost her is terrifying. The through of Melphina... and Goldsage... My precious Goldie whom I have melded over the past three years into a level 100 goldsmith.... in the hands of those scumbags frightens the ever living bajeesus outta me. If RMT took over my crafting character I would have been more upset than you could imagine. Plus I'm FINALLY on track to getting my relic dagger started. I'm beginning my saving up after all this time and I do NOT want to risk it.

So I'll be going out and buying a new PC later this week and supplying it with all the necessary security softwares, and then not using it to check any ffxi related web sites >.<.

Once again i reiterate... after I changed my passwordf I updated my definitions of viruses and spyware and it came out CLEAN. I don't understand HOW but my account was nearly compromised while norton and spysweeper say i'm not dangerous.

SOMETHING is up and I don't know what, but I have been saving up for a new computer for a while now. It looks like its time to just spend the last bit on credit and get it. I'm not gonna fall so easily if I have anything to do with it.

Yes the linkshell web site is directly linked to your playonline content ID and password, and to access th site you must enter it. If you change your password in game you must use the new one on the web site. It IS a possibility thee RMT have found and are exploiting a bug in an internet browser or a secuirity leak to gain access through that.

I have used linkshell community before, that web link has been removed. I wont be using it again ever,cconsidering its online and not in game, and has direct ramifications to my in game account.

Ffxiah.com??
Linkshell community??

Ffxiwiki having a grudge over the incident with gamemon?
Soomething else entirely??

All of the above have been proposed and suggested, and none of them seem any more likely OR unlikeely than the other. But i attest with my own persoanl voice that its actually REAL. You gusy know me, I've been around since near day one. I would not lie about this.

If you don't believe the other accounts I ask you to listen to ME. It happened, and I almost lost it all. I'm a huge security freak so this took me by shock.

I told my linkshell leader in game of the occurence and also a close friend. I'll be returning when I get a new fresh system with another new password. I don't take chances and I take this kind of crap seriously.

Moonbank and Sunbank just close the case that its yet another organised RMT attack on the playerbase to support their industry which they cannot do by any other means.

You have been warned!!!

Edited, Dec 9th 2007 8:39am by Melphina
____________________________
[ffxisig]56619[/ffxisig]

There are 10 kinds of people in the world. Those who understand binary, and those who don't.
▲ Page top
#5 Dec 09 2007 at 5:43 AM Rating: Good
Theonehio
Scholar
Avatar
*****
12,820 posts
Yeah, I also mentioned that:

FFXIAH
FFXI-Atlas

are targets and have been targeted (aka keyloggers/virus writers)so those are also 2 sites that I know could likely cause a problem.
____________________________

▲ Page top
#6 Dec 09 2007 at 5:43 AM Rating: Decent
Zariamnk
Scholar
****
4,993 posts
Wow, that sucks...

I'm gonna remove the links to FFXIAH from both of my FFXI computers, and stop using the Linkshell Community (I haven't used it for a long while anyways).

Thankfully, I got a Linux-based laptop that I do not play FFXI on, for my FFXIAH needs.

Hopefully, FFXIAH is the only infected site. Bleh. I'd hate to think that others could be infected too, has anyone found anything malicious in Somepage or Wiki?

Oh, and Melphina... have you ever visited Taj's website, what was the address to that, something like euphidime or something like that? Maybe he's got a trojan on his webpage or something...

I went there but once, but I don't think I'll be going there again, that guy has just too much shady history behind him for me to trust him, personally, and I'm not risking my info either.

Also, Norton... I've heard many people say that Norton isn't really the best choice in Computer Security, in fact I've heard many people say that Norton is actually one of the worst ones, depending on who you ask. I suggest using a free trial web-based Virus/Trojan/Malware scanner from another Virus company's website just to be sure.

Eek, FFXI-Atlas too? Gaaaaaaaaah.

Stupid b*stards... attacking our only good means of information on the net... *Sigh*

Edited, Dec 9th 2007 8:44am by Zariamnk
▲ Page top
#7 Dec 09 2007 at 5:51 AM Rating: Decent
Theonehio
Scholar
Avatar
*****
12,820 posts
Apparently some people got a trojan from visiting taj's sites before..

Kind of sad now though..
____________________________

▲ Page top
#8 Dec 09 2007 at 5:53 AM Rating: Decent
Tidane
Scholar
Avatar
***
1,519 posts
Theonehio wrote:
Apparently some people got a trojan from visiting taj's sites before..

Kind of sad now though..


Sourceplz.
▲ Page top
#9 Dec 09 2007 at 5:54 AM Rating: Excellent
__DEL__1602461847718
Sage
***
1,099 posts
I agree that the current trend is quite worrying, and I'll be sure to look over the ToS for us EU clients and report back if the ToS is actually legal (we have very strict laws on data protection).

One thing I would point out, the Act Of God clause. Almost every insurance policy has an Act Of God clause, its not because they don't want to pay out trillions if Armageddon appears tommorow, its just a general get out clause incase of a massive natural disaster. Say tomorrow a volcano appeared under Washington DC and errupted, they could attribute that as "an act of God".

If you read your insurance details (in America) you will probably find that you will not be covered if the US is invaded tomorrow and your car is blown up by the invading force (act of War). We know its not really likely that Russia will invade the US tomorrow, but clauses like this are quite common.

Anyhow I'll go read the EU ToS and tell you if it holds water ;)
▲ Page top
#10 Dec 09 2007 at 5:58 AM Rating: Excellent
Tasera
View User Forum
Sage
***
1,738 posts
Your post gave me the creeps, Melphina. I'm glad that you were able to save your characters. Thank you for warning us about this.
____________________________
Mazra wrote:
I looked out the window and saw a big fireball in the sky. I'm not going outside until it's gone.
▲ Page top
#11 Dec 09 2007 at 6:00 AM Rating: Good
Theonehio
Scholar
Avatar
*****
12,820 posts
If you must visit the targeted sites, and you use firefox make sure to use:

Ad-Block Plus
No-Script

And any other add-ons you think would be good.
____________________________

▲ Page top
#12 Dec 09 2007 at 6:00 AM Rating: Good
__DEL__1686529029506
View User Forum
Sage
***
3,835 posts
I cannot BELIEVE people are still buying gil. It's so easy to make money now I can do it while dead.

Good god people, don't buy gil, you're buying the gil stolen from other accounts now*. Un-freaking-believable. Smiley: oyvey


*Actually I really doubt people from Alla are buying gil, but just in case.
▲ Page top
#13 Dec 09 2007 at 6:04 AM Rating: Excellent
__DEL__1647217076373
Scholar
****
4,447 posts
Quote:
Apparently some people got a trojan from visiting taj's sites before..

Kind of sad now though..


You are the first person I've seen mention anything of this sort.

HOWEVER, a couple months back Taj did hack into the Linkshell community site by way of brute-force (which basically means having a program just run through all possible combinations) and a number of people were listed on his site (I think this was just before the FFXIApp hacking he did) as having really poor passwords. He listed these people out and told them to change their password, as it would be easy to hack them. I don't know how many people saw that list, but Taj did show that the LS community site was vulnerable, as well that some people have really poor passwords.

Now, I wouldn't put it past Taj to be the one behind some of these hackings, but most likely it's either unrelated, or someone got an idea for hacking people in a similar manner or just people on Taj's list for this.
▲ Page top
#14 Dec 09 2007 at 6:11 AM Rating: Excellent
Melphina
Guru
***
3,777 posts
ya, the NA ToS is downright disgusting. I really dont know how or where I got compromised. I used linkshell community, I used ffxiah.com, and I used wiki and other sites. I never actually downloaded anything but if a script kiddie is good enough he can do that for you. I don't really believe it's Taj thogh. I'm almost CERTAIN it's RMT. The attacks a few months back on message boards and in game, combined with Moonbank and Sunbank tells me this is a massive organised attack on us as players and is not a one man deal.

If you go to an internet cafe look up moonbank and sunbank on ffxiah.com. You may be shocked what you seel. at least 20-30 million gil each character on every server they appear, all in very valuable items that have no correlation (IE scorpion harness with flame ring with e bow with aristocrats cape), stuff that touches all jobs and has no common denominator other than "BIG $$$ MONEY ITEMZZ".

I'll be buying a new PC because norton and webroot have failed me if it slocally stored, and because I've been saving anyways and my old one is.... well... old. It'll be simple enough to manage.

New computer for game and only in game, never visit any web site stuff outside game. Have proteection.

Old computer to look up stuff on wiki or w/e. But considering that worms and such can go through networks via ethernet It could still be risky to have the new PC connected to the same network as my current one with both turned on.

I'm gonna go to sleep now, I've been up for a while. hen I get back I better still have Melphina waiting for me, cause if I don't I know already theres nothing I will be able to do because s-e has a user agreement policy nothing short of inhumane and just plain BAD customer service. Otherwise I don't think I would be able to return. I could never replace my account, I've just put too much time and effort into it. The level of advancement I have reached has come from waaaay too much playtime, and I'd never be able to get it back.

I really DO wish S-E would amend their user agreement, because as it stands the agreement sides with the hackers and NOT the playerbase. It basically says "if you get hacked too bad we can't help you". Meaning if someone could get your info they walk away scott free, and that we agree to s-e not helping should such an occurence happen. That just isn't right. We're paying customers, we support their pay checks. If something happens they shouldnt have a POLICY saying we are outta luck. Thats not how customer service industry works. Their user agreement is ANTI customer service. They wont even work with us. Nuff said.

Edited, Dec 9th 2007 9:15am by Melphina
____________________________
[ffxisig]56619[/ffxisig]

There are 10 kinds of people in the world. Those who understand binary, and those who don't.
▲ Page top
#15 Dec 09 2007 at 6:15 AM Rating: Good
__DEL__1591870554671
Scholar
**
602 posts
I happen to agree with you. Out of all the people I have see, read, or know been hack, SE has always been of no help. Even right now on Asura forum a person is warning people that his account was stolen.

SE should make some changes. What changes... I have no idea, not that smart!
▲ Page top
#16 Dec 09 2007 at 6:17 AM Rating: Excellent
__DEL__1593369996003
*
121 posts
If you're going to read SE's TOS the 2 main clauses you need to pay attention to are these, which put in perspective all the other nasty sounding clauses.

(Bear in mind I am English and people from other countries will have slightly different clauses)

5.1 Governing Law and Jurisdiction. This Agreement is governed by and shall be constructed in accordance with English Law. English courts shall have jurisdiction..... (blah blah rest of clause)

5.3 Severability. If any provision of this Agreement is determined by any court of competent jurisdiction to be invalid or unenforceable, such provision will be interpreted to the maximum extent to which it is valid and enforceable..... (blah blah rest of clause)

In other words, like all large companies, SE put in a load of scary sounding clauses to cover their **** from every angle but many of those clauses will not stand up in court if it ever went that far.

Remember, a company's TOS does not have to be paid attention to if it breaks local, national or international law which many do.

SE's legal department rely on the vast majority of people being put off by these clauses and make it seem like you have no rights but if you are persistent enough and SE have done something legally wrong, they will either eventually settle out of court or do what you want.

You just need the persistence, knowledge and sometimes money to take it all the way.
▲ Page top
#17 Dec 09 2007 at 6:32 AM Rating: Excellent
__DEL__1602461847718
Sage
***
1,099 posts
Pintpot, the EU contract is governed by English Law, the US is by California law, and the Japanese by Japanese Law. The English one, doesn't appear to have "Act Of God", not sure why, possibly because SE would't really be able to serve him a summons to appear in court and be asked "Was this really an act by you?"

The ToS though, well, I did read it and to me it does seem reasonable. The only one which may be a bit off is the ability to change the ToS without warning. If SE were to change it in such a way as to cause a huge detriment to the Client, the Client would have a legal 30 day's to cancel their contract without loss.

The "Data" one appears to refer to statistics, not actual character Data, but even with that SE state they have to take reasonable precautions with it, so if it were to be deleted by some new support staff who hit a "DO NOT HIT ME!" button, SE would be liable (under their own ToS).

SE are under no obligation to assist a person who has broken the ToS either, which is reasonable, if you use a hack, its at your own risk, and if it has a keylogger, then SE can say "nope, your fault, tough"

I think the main principle that SE have to legally uphold is reasonable duty of care, they have to make sure that your data is secure enough, so that no random person can get hold of it. So PS2 users without a PC, if they lost their accounts could have recourse in claiming SE have not upheld their duty of care, PC owners with every hack under the sun, would be outta luck.
▲ Page top
#18 Dec 09 2007 at 6:40 AM Rating: Decent
lolgaxe
View User Forum
+1
*******
50,767 posts
Sounds a lot like fluff, but giving the benefit of the doubt, I'd be more concerned with checking out any and all forms of credit and banking I had to my name than succumbing to panic. I know if I were an "RMT," your credit card and bank information would be much more enticing than a crappy MMO character.
____________________________
George Carlin wrote:
I think it’s the duty of the comedian to find out where the line is drawn and cross it deliberately.
▲ Page top
#19 Dec 09 2007 at 6:42 AM Rating: Decent
__DEL__1591870554671
Scholar
**
602 posts
So since we are looking at the TOS, have an interesting question! What if you given an account by a friend, and that friend tried to get it back?

I think this is one of the issues SE faces when it comes to hacks stealing peoples accounts. How does SE know that a player hasn't given his account to someone else or sold it. I know SE doesn't allow people to sell accounts, but we are aloud to give them away. If SE did return accounts back to people, what would stop then from selling accounts, only to get them back for free by reporting them stolen?

Just wondering....
▲ Page top
#20 Dec 09 2007 at 6:50 AM Rating: Excellent
__DEL__1591815894342
Sage
**
340 posts
Hey, that sucks hard, Melphina. I'm really glad you managed to keep control of your character. I'm going to log in right now and change my passwords. Not that I have a whole lot of stuff to steal.

Now that I think about it, if the assailants are hijacking people with big money items and selling them, how are they going about it? They could be randomly gaining access, but a trial and error method seems terribly inefficient. IF I were to conceive of a way (and for the love of Altana, don't read too much into this) I would use a program to read the client side inventory info and scan it for valuable items. A program just like AltanaCubby (which I use), except that it sends information back to a hacker's computer, including a keylog. Or possibly, since PS2/360 users can't use Cubby, using the FFXIAH player history for identifying potential targets, and obtaining their login info by another means. These are just theories, mind you, and purely speculative, but I think it's something to look into.

I think it might be a good idea to see a sticky about this, if only just to remind people to change their passwords occasionally.

[EDIT:] Wait a second, why is it that while YOU are actively playing your character, and someone else logs in as you, you get a "Logged in from another client" error, but when I get booted from the server (R0) and try to get on ASAP, I get "Character already logged in. Try again later"? That seems a little silly to me.

Edited, Dec 9th 2007 9:55am by CrownDefender
▲ Page top
#21 Dec 09 2007 at 6:50 AM Rating: Excellent
KojiroSoma
Scholar
****
4,511 posts
Mel, may i ask...?

Do you use any passwords on other websites such as FFXIAH, KI, allakhazam and the likes that you use for your POL ID as well?

It may very well be something like this. However, it is truly frightening ._.

The thought that it may happen to any of us at any given time...
____________________________
[XI] Surivere of Valefor
[XIV] Sir Surian Bedivere of Behemoth
http://na.finalfantasyxiv.com/lodestone/character/2401553/
▲ Page top
#22 Dec 09 2007 at 7:00 AM Rating: Good
__DEL__1606090802605
View User Forum
Sage
*****
11,742 posts
Wow.
▲ Page top
#23 Dec 09 2007 at 7:15 AM Rating: Excellent
__DEL__1592777774572
**
337 posts
This makes me want to change my password to something a little more secure. If I do that, should I uncheck the save password to be safer, or would it not matter?
▲ Page top
#24 Dec 09 2007 at 7:18 AM Rating: Excellent
__DEL__1653265001005
Scholar
*
233 posts
Okay guys...It is FOR SURE FFXIAH. I just went there to check on some of my mules and I got 3 pop ups for trojan horse threat detected. My windows security also started blocking some kind of script that came in. I am not sure what they all were but I hope they were substantially blocked. DO NOT GO TO FFXIAH.
▲ Page top
#25 Dec 09 2007 at 7:40 AM Rating: Excellent
Melphina
Guru
***
3,777 posts
Ok since I can't sleep I decided to get up for the day, being Sunday, and see if I could crash later tonight.

Quote:
Mel, may i ask...?

Do you use any passwords on other websites such as FFXIAH, KI, allakhazam and the likes that you use for your POL ID as well?

It may very well be something like this. However, it is truly frightening ._.

The thought that it may happen to any of us at any given time...


yes my old password was similar to ones I use on online things such as e-mail, although it isn't now even anything remotely close. However the password alone isn't enough, they also need my account ID to get at me. The fact that they logged me in tells me they had not only my password but the corresponding ffxi user ID too, which is two pieces of information, and one supplied by S-E.

Quote:
This makes me want to change my password to something a little more secure. If I do that, should I uncheck the save password to be safer, or would it not matter?


It's best to manually enter your password every time. If you click the "save [password" so that you automatically log in every time you open playonline viewer what happens is the computer creates a small script that stores your password locally on your computer. Every time you log in your password has to be sent to the s-e servers, and by setting it to auto save you put that information onto your computer. The computer then accesses the mini script every time you tell it to log you in and uses that source.

If someobody got ahold of your computer and decoded the script it would actually be EASIER for them to take over your account NOT harder. Using the "save my password so I don't have to enter it manually" is actually a liability not a strength.

If its a keylogger then the script would still be logged just as if it were actual keystrokes, there is no difference. I type my password in manually for this very reason.


And on the bank account information: Thankfully the credit card data is stored server side. I checked my billing info and it was unaltered, but the only thing you see on playonline is the last 4 digits of your CC ingo, the first 12 are coded as asterisks and as such your CC info should still remain safe/ Your account info however wouldnt be so lucky..

And with that I'm gonna try and log in on my alternate pc. I never visited any sites on that one, so in theory it should be safe. Since I changed the password over there if its infected it would be too late anyway. heres to hoping.
____________________________
[ffxisig]56619[/ffxisig]

There are 10 kinds of people in the world. Those who understand binary, and those who don't.
▲ Page top
#26 Dec 09 2007 at 7:43 AM Rating: Good
KojiroSoma
Scholar
****
4,511 posts
Well, it may be a good idea to download some new trojan guard things.

I never really updated my own, and running this new one, i already found 33 registery items, and 127 infected files -_-

Can't say where it's comming from, but damn. Seeing that many files kinda shocked me. I should change my password imidiately.
____________________________
[XI] Surivere of Valefor
[XIV] Sir Surian Bedivere of Behemoth
http://na.finalfantasyxiv.com/lodestone/character/2401553/
▲ Page top
« Previous 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
This thread is locked
You cannot post in a locked topic!
Recent Visitors: 3200 All times are in CST
Anonymous Guests (3200)
© 2024 Fanbyte LLC