Originally Posted by
Dracconus
While this is VERY true, I think I'm going to note a few things that I've yet to see put in here, and hopefully that'll help you guys/girls.
1. Nexon's website is not secured at all. Although their database is hosted via Amazon's cloud service, and your passwords are "secured" through MD5 hash encryption, that doesn't mean that it's not reversible. If you have enough of the root information that created the MD5 or SHA1 hash, then you can decrypt it.
2. The person that's doing this is by no means ignorant, or new to this at all. While SQL injection is a highly typical method of performing account hacking, that doesn't mean that it's what they're using, and even if they are, being able to develop and USE a decrypter is going to take a lot of money into your system, and knowledge of what you're doing.
3. Chances are that this is a very bored script kiddie. Someone that had their computer purchased for them by a relative, or group of relatives. The amount of hardware required to perform this type of brute force dictionary reverse is somewhere around the count of 2.5-5 thousand US dollars. (Either that or they're using a less efficient machine, and it's going MUCH slower than it could.)
4. Changing your password when someone is doing this gives them (depending on their method of access) MORE of a chance to get your information from Nexon, since the queries that are created by the server, and yourself, are transferred back and forth, thus giving them the possibility of an unencrypted method of obtaining your information.
5. They may not have root access to the database; it may be something notably different, and instead of the "typical" method, they're doing port scanning on the login and authentication servers in order to receive the live stream of information being validated by the server sent to/from yourself. If this is the case, then it's literally unsafe to log into the game, period. (Please note that the odds of this happening are SIGNIFICANTLY smaller than that of the above stated method.)
So in short, don't change your password. Don't use the website to log in. Only use the game client's .exe. This provides you with a more secure and direct connection to the authentication server and login server, and can greatly reduce your chances of being a victim of this. (There's also a chance that the client uses a different port than the website [doubtful, but still possible].)
Also note that avoiding the marketplace may very well be a good idea. Nexon's still utilizing the third party HTML viewer for the game to view the marketplace, and logging transactions made in the marketplace can give them a very good rough estimate on WHO to hack. Now, I'm not saying that this is what they're doing, I'm just giving you a heads up.
Watch yourself, and your actions, carefully. If you're scared of it being a keylogger, which I'm almost 100% sure it's not, then use onscreen keyboards (you can find some that are encrypted with Google), as this will also possibly reduce your chances. Don't do anything too much, and draw attention to yourself. Make multiple accounts, and transfer your gold to other alternative accounts so that if they get access to one, they don't get everything.
I myself have 6 accounts. 4 for gold, and 2 for gear and items. Every time that I'm about to log off for a good amount of time, I transfer everything except bound gear amongst these accounts to ensure that if one DOES get hacked, my odds are still greater than most to have, at a minimum, the items that are/were difficult to acquire or collect.
Hope this helps you understand, and protect yourselves a little better.
Sorry for the length.
Dracconus