open All Channels
seplocked EVE General Discussion
blankseplocked HACKING SPREE
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: 1 [2] 3

Author Topic

Raid'En
Posted - 2010.11.13 18:23:00 - [31]
 

Originally by: Miss President
question to CCP:

If a hacker uses a program that guesses password, do you have a feature in game the locks the account out for a certain time and notifies the owner after a certain number of failed attempts? If not, then why NOT?

best line of defense, don't use account names same as your game names and emails.



that's an interesting question, want to know also if there's some sort of security to avoid this.

Useful Alt
Posted - 2010.11.13 18:26:00 - [32]
 

Originally by: Raid'En
Originally by: Miss President
question to CCP:

If a hacker uses a program that guesses password, do you have a feature in game the locks the account out for a certain time and notifies the owner after a certain number of failed attempts? If not, then why NOT?

best line of defense, don't use account names same as your game names and emails.



that's an interesting question, want to know also if there's some sort of security to avoid this.


imagine if it was locking an account:

time to invade this system, let start operation lockdown

( 42 persons running eve client locking out enemy account)

Feilamya
Pain Elemental
Posted - 2010.11.13 18:32:00 - [33]
 

Two friends got their account hacked at the same time ... Which scenario do you think is the least plausible?

[ ] By coincidence, the accounts of two friends, who never gave their passwords to each other and never did any other stupid things that could compromise their account security, got their accounts hacked at the same time.

[ ] Your friend (whom you gave your password to) gave your password and his password to another "friend". He made up the story of his account being "hacked", because he's afraid of the consequences of his stupidity.

[ ] Your friend (whom you gave your password to) stole your account. He made up the story of his account being "hacked" for obvious reasons.

Aessoroz
Nohbdy.
Posted - 2010.11.13 18:35:00 - [34]
 

Edited by: Aessoroz on 13/11/2010 18:39:07
Edited by: Aessoroz on 13/11/2010 18:38:26
Edited by: Aessoroz on 13/11/2010 18:36:41
Edited by: Aessoroz on 13/11/2010 18:36:17
Edited by: Aessoroz on 13/11/2010 18:35:45
Originally by: Raid'En
Originally by: Miss President
question to CCP:

If a hacker uses a program that guesses password, do you have a feature in game the locks the account out for a certain time and notifies the owner after a certain number of failed attempts? If not, then why NOT?

best line of defense, don't use account names same as your game names and emails.



that's an interesting question, want to know also if there's some sort of security to avoid this.


Given that CCP has forced password requirement of at least one capital, one lowercase and one number in a password with a minimum length of 6. There's 62 possible characters in each position of the password which means theres 56,800,235,584 possible combinations to guess the minimum password, if someone has 8 characters, then it explodes to 218,340,105,584,896 combinations. It just isn't possible for someone to crack the password tha through an interface such as the game or the account login page within a human lifespan. Certainly passwords can be bruteforced in minutes with some setups even with that many combinations BUT that requires the interface you're guessing the passes in to be more local or little more responsive then when essentially DDOSing a server.

T'Laar Bok
Posted - 2010.11.13 18:36:00 - [35]
 

Originally by: AdamiaMaxima
i have 4 antiviruses on this comp


Theres your problem. Unless you have at least 5 you're just fooling yourself. I have 6, one for each monitor and have never had an issue.

Major Kaboomski
Posted - 2010.11.13 18:46:00 - [36]
 

Originally by: Aessoroz
Edited by: Aessoroz on 13/11/2010 18:39:07
Edited by: Aessoroz on 13/11/2010 18:38:26
Edited by: Aessoroz on 13/11/2010 18:36:41
Edited by: Aessoroz on 13/11/2010 18:36:17
Edited by: Aessoroz on 13/11/2010 18:35:45


Editing lvl 5 ?

ceaon
Posted - 2010.11.13 19:40:00 - [37]
 

Originally by: AdamiaMaxima
IVE had my account hacked about 24hrs ago and my friend's account got hacked today. is ccp doin anything about this or is a fkin hacking spree gonna be let pass by like nothing happened?

dont use same email and password on eve fansites

Ash Donai
Minmatar
Kanu Industries
Posted - 2010.11.13 19:41:00 - [38]
 

Originally by: AdamiaMaxima
IVE had my account hacked about 24hrs ago and my friend's account got hacked today. is ccp doin anything about this or is a fkin hacking spree gonna be let pass by like nothing happened?

Getting hacked is 100% user error, so are you going to fkn do something about it or "gonna be let pass by like nothing happened"?

Learn to use a computer ffs.

Gravemind GER
Caldari
Fnord Works
The Initiative.
Posted - 2010.11.13 19:44:00 - [39]
 

Originally by: Lady Spank

CCP cant fix stupid.


^This

Nominated for the Quote of the Year Laughing

Zhim'Fufu
Posted - 2010.11.13 21:14:00 - [40]
 

Originally by: AdamiaMaxima
i have 4 antiviruses on this comp i doubt a key logger got through without being noticed
Even 4 anti virus programs can't detect anything if there is no definition file for it. So if you think you are safe browsing pron/furry/furry pron sites even with 4 running at once you are quite naive as they make new trojans and viruses on a daily basis to get around the definition files.

Soma Doll
Posted - 2010.11.13 21:33:00 - [41]
 

Originally by: AdamiaMaxima
i have 4 antiviruses on this comp i doubt a key logger got through without being noticed


n00b
Couple of years ago, one client was showing me some of his paintings on his PC. PC was booting up for like 20 minutes because he had:

- +4 antivirus apps
- +4 firewall apps
- +5 SpyBot - Search & Destroy a like programs
- all activated on max defense
- approx 20 running apps shown as icons in tray
(RAM optimizer, auto defragmenter, CPU, memory, temperature (and other) load monitors, etc)
- javascript and flash turned off
- desktop was crammed with icons like my cra*py modules station container

I think that only notepad was allowed to start without +5apps nagging for run permission.

At least he finally felt safe Very Happy


Konoch
Caldari
Caldari Provisions
Posted - 2010.11.13 23:03:00 - [42]
 

While the petition might be filed. I'd consider resetting your passwords. A recent incident occured which i'm not at liberty to fully discuss. Suffice it to say a very valued pilot suffered what can only be described as a brute force hack of his eve online account. CCP has been invaluable in fixing the damage but action MUST be taken in regard to what appears to me to be a rampant wave of chaos. What i believed to be an attack by illegal forces against the NC may be infact something even more sinister.

Mr Epeen
It's All About Me
Posted - 2010.11.13 23:27:00 - [43]
 

Originally by: Cyber Blue
Originally by: Useful Alt
Originally by: AdamiaMaxima
i have 4 antiviruses on this comp i doubt a key logger got through without being noticed


i always laugh at people having more than 1 anti-virus

i don't know why


It is because nothing is perfect. What one anti-virus misses, another may get.

I've got the standard Windwos security stuff and 1 anti-virus, 1 malware scanner, 1 spyware scanner, 1 trojan scanner, 1 process scanner. I still do not feel safe. Where's that damn tinfoil!!! Do you see anything imbedded in my teeth?


How odd.

I run no active AV, anti-malware, anti spyware, Trojan scanner or process scanner.

What I do is run the lump of gray stuff in my head in a reasonably efficient manor. I have never been hacked, keylogged or lost important info.

As a gamer of actual games that run a fair bit of CPU, the last thing I want is a bunch of crap programs on my PC tying up perfectly usable CPU cycles for nothing.

Smart computing is safe computing. Learn how to do it right.

Mr Epeen

Smokin Phil
Posted - 2010.11.13 23:34:00 - [44]
 

4 antivirus just isn't enough - you need at least 5

Bhattran
Posted - 2010.11.13 23:44:00 - [45]
 

Originally by: Smokin Phil
4 antivirus just isn't enough - you need at least 5


^industry standard, plus at least 6 firewalls otherwise what's the point?

Brennivargur
Posted - 2010.11.13 23:55:00 - [46]
 

Originally by: Mr Epeen
Originally by: Cyber Blue
Originally by: Useful Alt
Originally by: AdamiaMaxima
i have 4 antiviruses on this comp i doubt a key logger got through without being noticed


i always laugh at people having more than 1 anti-virus

i don't know why


It is because nothing is perfect. What one anti-virus misses, another may get.

I've got the standard Windwos security stuff and 1 anti-virus, 1 malware scanner, 1 spyware scanner, 1 trojan scanner, 1 process scanner. I still do not feel safe. Where's that damn tinfoil!!! Do you see anything imbedded in my teeth?


How odd.

I run no active AV, anti-malware, anti spyware, Trojan scanner or process scanner.

What I do is run the lump of gray stuff in my head in a reasonably efficient manor. I have never been hacked, keylogged or lost important info.

As a gamer of actual games that run a fair bit of CPU, the last thing I want is a bunch of crap programs on my PC tying up perfectly usable CPU cycles for nothing.

Smart computing is safe computing. Learn how to do it right.

Mr Epeen


Couldn't agree more.
Sorry to say this, but you [those who have antivirus and rely on it 100% to do all the work] are stupid, no antivirus can take care of things, and NO, more is not better. idiots Rolling Eyes

Herzog Wolfhammer
Gallente
Sigma Special Tactics Group
Posted - 2010.11.14 00:05:00 - [47]
 

Originally by: Lady Spank
I'm guessing you and your friend both did something you shouldn't have.

CCP cant fix stupid.




This is why I often go to the Crime and Punishment forum to look at Spank's words of wisdom. <3


Krandona
Posted - 2010.11.14 00:13:00 - [48]
 

Originally by: Mr Epeen
What I do is run the lump of gray stuff in my head in a reasonably efficient manor.

I can site numerous occasions where this clearly wasn’t the case.

Now, back under your bridge.


Adunh Slavy
Ammatar Trade Syndicate
Posted - 2010.11.14 00:31:00 - [49]
 

Recently seen a rash of few day old players advertising some sort of "traders website" in local here and there. Probably not a good idea to visit them.

Phantom Slave
Universal Pest Exterminators
Posted - 2010.11.14 00:39:00 - [50]
 

First of all don't blame CCP. This happened because of something you did, even if you don't know it. Somewhere along the lines you entered the same username and password into another website that was either compromised or was a phishing scam. Depending on how long you've been using your same username/password combo this could be from something you signed up for YEARS ago that's now coming back to haunt you.

If you use the same username/password on any other websites, CHANGE THEM ALL NOW. And make sure they're all changed to something different. Using separate passwords for every website is ideal.

Also, never log into an account from any other computer. Ever. Only YOU know what's happened to your computer. Logging in to anything from another computer that's compromised is never a good thing. This is how my Gmail account was compromised. I was helping a friend who was having issues sending mail through their laptop. I log into my Gmail account from their system and within 72 hours I had some nice people from china enter my account (according to the Gmail IP login tracker). Was the compromised system my fault? No, and I didn't even think about checking it before I did anything.

Also, I don't care how secure you think your computer is, there's still Zero-Day exploits that will never be caught by a virus-scan in time (0-day exploits happened *today* while your OS will get patched sometime in the next few months to fix it).

Barkaial Starfinder
Minmatar
The Kairos Syndicate
Transmission Lost
Posted - 2010.11.14 00:45:00 - [51]
 

More anti-viruses please.

Taedrin
Gallente
Kushan Industrial
Posted - 2010.11.14 01:55:00 - [52]
 

Originally by: Useful Alt
Originally by: AdamiaMaxima
i have 4 antiviruses on this comp i doubt a key logger got through without being noticed


i always laugh at people having more than 1 anti-virus

i don't know why


Having multiple anti-virus programs can cause conflicts between them. IN the worst case scenario, these conflicts will render ALL of your anti-virus programs useless. In the best case scenario, they simply consume vast quantities of system resources. If your system is beefy enough, you won't notice the difference.

Please note: an anti-virus program is NOT the same as a malware/adware scanner. There's nothing wrong with having a primary anti-virus program supplemented by a couple of malware scanners.

eg:
Ad-Aware + AVG = OK

AVG + Nortan = BAD

AVG + McAffee + Nortan + Kapersky = TERRIBAD


MOST IMPORTANT:
Anti virus programs are NO substitute for safe browsing habits, and basic security practices. Anti-virus programs will NOT protect you from everything out there. Heuristic virus scanning algorithms (technically an oxymoron) have not yet been perfected and can't be relied upon. I guarantee you will receive NO protection from a program written by some no-name, who somehow convinces you to download and execute his/her program with administrator privileges. 99% of all computer "infections" are caused directly by the user, and no anti-virus program can help you there no matter how good it is.

Selinate
Amarr
Posted - 2010.11.14 02:03:00 - [53]
 

Edited by: Selinate on 14/11/2010 02:04:35
<never been hacked. I honestly don't know how people manage to get hacked. I've had both windows and mac, been playing mmo's for 9 years or so now, and not once have I ever had an account hacked.

It just bewilders me when I wonder how so many people get hacked in mmo's. Oh well...

EDIT: And yes, I watch my fair share of prOn....

Brakte
Posted - 2010.11.14 02:07:00 - [54]
 

What i would like to know is, how the hell does people even get hacked in the first place, i mean, its kinda obvious if you're download a virus or keylogger :/

'omg its a 300 kb song, lemme download it'
'im sure this program can make my computer much faster'
'wow, free **** movies'

derp

Taedrin
Gallente
Kushan Industrial
Posted - 2010.11.14 02:13:00 - [55]
 

Originally by: Brakte
What i would like to know is, how the hell does people even get hacked in the first place, i mean, its kinda obvious if you're download a virus or keylogger :/

'omg its a 300 kb song, lemme download it'
'im sure this program can make my computer much faster'
'wow, free **** movies'

derp


The vast majority of them happen because they only use one password/username combination. THen all a hacker needs to do is do one of two things:

a) convince people to sign up for his website, by offering some special service for doing so (think Battleclinic, or similar EVE-related websites)

b) compromise an existing website and harvest username/password combos and test them out on EVE-O.


Another strategy is that a hacker will buy advertising space on a website, and load the advertisement with malicious content, which exploits security vulnerabilities in a popular web browser, such as IE or Firefox. Anyone who visits that website while that malicious advertisement is active will get infected. See my other post for why you can't rely on your anti-virus program to program you from these infections.

Scorpyn
Caldari
Infinitus Odium
Posted - 2010.11.14 02:48:00 - [56]
 

4 antiviruses? Most of those don't work very well together, but if only 1 is constantly active and the other 3 are activated manually for every downloaded file or something then it might work out.
Originally by: Aessoroz
Edited by: Aessoroz on 13/11/2010 18:39:07
Edited by: Aessoroz on 13/11/2010 18:38:26
Edited by: Aessoroz on 13/11/2010 18:36:41
Edited by: Aessoroz on 13/11/2010 18:36:17
Edited by: Aessoroz on 13/11/2010 18:35:45
Originally by: Raid'En
Originally by: Miss President
question to CCP:

If a hacker uses a program that guesses password, do you have a feature in game the locks the account out for a certain time and notifies the owner after a certain number of failed attempts? If not, then why NOT?

best line of defense, don't use account names same as your game names and emails.



that's an interesting question, want to know also if there's some sort of security to avoid this.


Given that CCP has forced password requirement of at least one capital, one lowercase and one number in a password with a minimum length of 6. There's 62 possible characters in each position of the password which means theres 56,800,235,584 possible combinations to guess the minimum password, if someone has 8 characters, then it explodes to 218,340,105,584,896 combinations. It just isn't possible for someone to crack the password tha through an interface such as the game or the account login page within a human lifespan. Certainly passwords can be bruteforced in minutes with some setups even with that many combinations BUT that requires the interface you're guessing the passes in to be more local or little more responsive then when essentially DDOSing a server.

You are assuming that people don't use words in their passwords. Those that used bad passwords before just use something like Password1 now.

Using the same username/password combination in more than one location (such as your eve online account, your corp website, your corp teamspeak... you get the point) is also way too common. Even if the person hosting those isn't malicious, there is always a risk that they will get hacked, especially if they aren't kept up to date.

King Aires
Kwame's Executive Protection Detail
Posted - 2010.11.14 03:11:00 - [57]
 

Originally by: Annie Anomie
I blame Public Schools :D


Quick Fix

Raid'En
Posted - 2010.11.14 03:19:00 - [58]
 

Originally by: Aessoroz

Given that CCP has forced password requirement of at least one capital, one lowercase and one number in a password with a minimum length of 6. There's 62 possible characters in each position of the password which means theres 56,800,235,584 possible combinations to guess the minimum password, if someone has 8 characters, then it explodes to 218,340,105,584,896 combinations. It just isn't possible for someone to crack the password tha through an interface such as the game or the account login page within a human lifespan. Certainly passwords can be bruteforced in minutes with some setups even with that many combinations BUT that requires the interface you're guessing the passes in to be more local or little more responsive then when essentially DDOSing a server.

i was thinking about software done for testing password, not done it manually. may be not clear enough.
so these types of things will need a dos attack or something like that, and so server won't allow it ?

Hra Neuvosto
The 8th Order
Posted - 2010.11.14 03:23:00 - [59]
 

This thread delivers.

Also, much laughs were had on corp comms over this situation.

Lily Fair
Posted - 2010.11.14 03:27:00 - [60]
 

This is what happened.

You two were either account sharing, or your friend just got his eyes on your password.

He took over your account, immediately making you think you have been hacked. He then explains that his account his hacked as well. Your friend is either playing both accounts, or made a new account and transferred everything worth transferring to that account. Most likely also his main char.

Scenario what ever it may be, you have been had by your friend.


Pages: 1 [2] 3

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only