Re: Interesting Alla thread on accout hijacking

-The first thing you have to do to be safe is placing your comp in one of those old bunkers or nuclear missile sheds so they survive in case of a nuclear catastrophe.

-Then you pay for security super computers to guard your system against all unwanted traffic (may still slow down your connection a little bit).

-And last but not least, stop visiting unsafe sites without a good anti-malware/spyware program installed in your computer and/or simply use a separate (cheap) computer to surf sites that could be potentially dangerous (specially heavy advertised-content sites). So if you get infected you don't compromise your POL info.

I think that could help a little bit with this kinda issues, but not sure.

Re: Interesting Alla thread on accout hijacking

This kind of thing does get me to thinking about whether it's getting time to reinstall the OS again. Windows is supposed to be there for FFXI only and I'm getting a little too comfortable with it, need to get the important stuff going under GNU/Linux again and nuke Windows for good measure.

If you are using and can't reinstall Windows on a regular basis, you've got too much invested in your install for your own good.

Re: Interesting Alla thread on accout hijacking

Unfortunately, I work for a place with some pretty strict network rules, and as such, I can't get out on the net to actually do the research that I'd like to do about this.

From what I've read, I've seen something about a banner ad on a FFXIAH.com and something concerning a FF linkshell community website. ...there were also mentions of 3rd party software (yet again).

Which way is the community leaning on this? Thanks for the info. I'd love to look myself, but I can only access 2 websites from work that don't flag games or gaming.


Replies appreciated.


~W

Re: Interesting Alla thread on accout hijacking

what i see about the ffxiah banner. is that its when people are using IE. so dont use IE. is 1 idea. (internet explorer) use mozzila! or like linux on a ps3. very secure.

Re: Interesting Alla thread on accout hijacking

There have been complaints about firefox showing at least some vulnerability to the attack as well. If you're concerned, you may want to disable JavaScript, though that will render some sites unusable.

The majority of the accounts I've read either have no insight as to how they were targetted (a few people think that there may be some exploit that allows an attacker to change your password without even logging in as you and blame SE security, but no real evidence as far as I know), or blame the Linkshell Community site. I myself have no intention of ever touching the Linkshell Community site, but can someone familiar with it tell me if it's possible to change your password there? I'm under the impression LS Community and POL use the same login/password, and the accounts suggest that either the password is being changed before the first attempt by the attacker to log into POL, or it is being done within a span of a few seconds, which would certainly require some kind of third-party tool to do through POL.

It's worth noting that some of the account compromises were on Xbox 360 players, though I believe the majority are PC users. We may well be looking at several compromise vectors here.

Edit: Since people tend to immediately blame a particular third-party program the moment the question of a compromise comes up, I decided to take a look over at the Windower forum. Interestingly, no one has posted about account hijacking over there at all, and seeing as there are plenty of posters there not shy about admitting how much they use and love said third-party tool...

Re: Interesting Alla thread on accout hijacking

Interesting. tyvm.

Re: Interesting Alla thread on accout hijacking

That's just scary beyond words.

Re: Interesting Alla thread on accout hijacking

why didn't they have adequate virus protection to detect the trojan? most now have heuristics that could have detected it. Its peoples own stupity if they leave themselves vulnerable, no end of news articles threads etc has put the basic message, protect your computer with virus protection software, preferably one that works.
------------------------------------------
Also stop your "one hand surfing" and keep away from warez sites.

Re: Interesting Alla thread on accout hijacking

Unfortunately, there is no software package that could be considered even remotely "adequate" if you want to be 100% secure. There will always be infections of any sort that will slip through the cracks. Like the e-card issue from this summer. From 6/26 - 8/15 it ran rampant and then McAfee published a definition set with the fix. A month and a half of rabid spread despite international press. A private and commercial menace that was spread independent of porn surfing which, in today's environment, isn't really a big source of infection.

If anyone's really concerned about infections they'll get paranoid. Get a name brand AV suite (even Norton is acceptable if you don't mind the resource waste), switch off of IE to something you have control over what scripts pages use and, more or less, stop downloading any old thing. Limewire and MySpace, I'm looking at you.

Imo, if people are paranoid enough they'll pick up firefox and run NoScript. It's obnoxious but stops random crap from being run on your systems. Like everything else, it's not proof against any attack but it goes a long way in stopping drivebys that you'll pick up from banners.

A buddy of mine got his wow acct permanently banned for 3rd party app usage even after he hadn't subbed up for 6 months due to a keylogger he picked up somewhere. Maybe from a mod site. Maybe from some crap he picked up off of usenet. Maybe from just plain bad luck. Whatever it is, he's constantly running a battery of cleaning apps and he still got dinged.

Also, about IP tracking the source of the rogue user. It's doable. It's extremely easy. Joe uses his acct from a US based IP with no complaints then, suddenly, Joe starts connecting from the Eastern Bloc and running illegal apps. Suspicious? Yea... Unfortunately, acct reps don't have access to that info and company policies don't give them the time to follow up with the tech guys who do so there's no way, short of escalation (which doesn't work) to get the info.

Blah.

Re: Interesting Alla thread on accout hijacking

I got Kerpersky labs internet suite for £21.99 from amazon, it has an advanced hueristics system that can identify and quarantine any file it finds which has suspicious code and could be a virus. it has doen this to my machine when surfing normally (i.e. not doing any one hand surfing or warez downloads) and it quarantined 4 files, 2 were normal cookies the other 2 were viruses, it didn;t know them on the data base so it emailed them to kerpersky labs and deleted them off my system then ran a background scan to make sure they were gone.

Virus detecting software is getting better especially with preventative heuristic scans. in recent poles Macafe and Norton have been near the bottom of the top 10 virus prevention software.

Re: Interesting Alla thread on accout hijacking

Don't remind me of Norton >.>;
On my desktop i still has the quarentine files from when I had system works and caused blue screen of death of when I unistalled it, making me install XP again. I'm still annoyed at their service as of buying off PQ Magic, and now not having thier vista compadible update for 9.0 -.-;
I'd need a full free week just to make copies of ~160gb of data just to wipe my HDD clean of those files x.x; Now if only bluray was dirt cheap....

One hand surf ftw!

Re: Interesting Alla thread on accout hijacking

That's funny, the same solution I'd suggest to stop cheating in FFXI would work for this as well. Maybe not smart or plausible, but I garauntee it'd be effective. >.>

Re: Interesting Alla thread on accout hijacking

Drop the PC?
Here's my response for that...
<_<;

Re: Interesting Alla thread on accout hijacking

Haha, like I said, wouldn't be a good business move, but you've never heard of anyone getting their account jacked from an ad in XBL Marketplace or Behemoth spawning purple to someone using a GameShark.

The PC has been responsible for most of the good stuff that players have learned about the game, but also for the bulk of the problems not caused by S-E themselves.

Re: Interesting Alla thread on accout hijacking

I refer you back to the first bluegartr link, this is not just affecting PC users but some Xbox360 users as well.