Page 2 of 2 FirstFirst 12
Results 16 to 21 of 21
  1. #16
    KarenericZ's Avatar
    Join Date
    Feb 2019
    Gender
    male
    Posts
    3
    Reputation
    10
    Thanks
    0
    Quote Originally Posted by SammytheBEAST View Post
    Well my account was hacked again after I changed my password and deleted the bad KRelay, any chance this downloaded something to my computer to gain persistance? Also on my realmeye it had the message "Bert was here."
    Rip the the number 1 paladin

  2. #17
    Riigged's Avatar
    Join Date
    Jan 2013
    Gender
    male
    Location
    127.0.0.1
    Posts
    3,753
    Reputation
    393
    Thanks
    10,218
    My Mood
    Devilish
    Quote Originally Posted by AllYourX View Post
    Is this a "Columbus discovering America" type deal going on here? My guess is that 059 or another n̶o̶n̶-̶s̶t̶a̶f̶f̶ experienced forum member did a cursory inspection, noticed the malicious code, quelled their surprise with practiced skill, and brought their findings to your attention.

     
    I love MPGH as a community. It's a great idea and is generally well moderated. The file checking though, at least on the RotMG forum, is subpar. It's honestly bad enough that it is causing harm by giving the average user the illusion of security. At this point it seems like MPGH is only useful as a resource for long time users who have learned not to trust the approved files and want to learn how to check and or make tools themselves.

    For the uninitiated user, MPGH is a reverse lottery. It is mostly filled with amazing, generously shared gems like K-Relay, 059 client, and KBK's famebot and NRelay, but if you happen to be one of the monthly winners, you wake up, not to untold riches, but instead rather harshly, to your RotMG accounts trashed and subsequently the dangers of hacking.

    People like to give MPGH hard time (see above, very satisfying), but nobody can realistically expect them to do a perfect job. My biggest gripe is with MPGH's response to malware getting past their checks. Since the CrazyClient account stealer, submission rules have become noticeably more restrictive. There are members who graciously want to contribute but can't, and yet somehow it seems like the number of malicious programs that have escaped detection has only increased. Maybe it's a terrible idea, but I think MPGH would be better served opening submission rights to more people, and in exchange, more loudly and explicitly outlining the inherent risks of executing third party programs to prospective downloaders.
    It's quite easy to glance over malicious/blackhat code in clients containing hundreds of folders and thousands of files, and programs (like this one) that have dozens of applications and other files that it can be put into, its not often that viruses/phishers are posted, so that just makes it a hundred times easier to glance right over something, especially when the blackhat code looks exactly like legitimate code when you are skipping through everything at the rate you do it at when you have to deal with, like I said, as many files as it could be. Like, that one client, the bert one or whatever, they added a line of code that basically PM'd a bot your info or was that false? Idk, anyways, that code prob looked exactly like any other line of code you could have seen, and would have just assumed it was code relating to the PM system when you glance right past it, obviously seeing the Email and Password part would be a red flag, but its way easier than u think to miss it. Very easy to not miss it when you are the one doing a 2nd check after someone has already brought it up about something fishy being in the client/program because then you actually read from top to bottom left to right instead of just simply top to bottom which is what most people who scan clients do, which is why whenever a virus is posted, its almost always approved, I think only 1 person tried to upload a virus and i deleted it and reported person during time of staff, and it was from simply putting it in virus scanner myself because he posted fake virus scans. This happens a lot in other sections too Im sure, the mods go 40 legit approvals in a row and then obviously let their guard down each more and more after every approval and then slipping up. All we can do is apologize and help the people affected, no reason to hate on the mods for something that can happen to you just as easily as the next person. Don't bother giving me all that "but I'm different" talk, every single person who applied for minion ever since MPGH was born, said that in their application, look what happens.

    And no, Ahlwong would never claim he found out himself if it wasn't him, he is a super chill guy, but then again its not like they struck gold so who cares about credits.
    Last edited by Riigged; 05-30-2019 at 09:44 AM.



     





  3. #18
    FlutterM4rk's Avatar
    Join Date
    Aug 2012
    Gender
    male
    Posts
    363
    Reputation
    16
    Thanks
    219
    My Mood
    Sleepy
    Quote Originally Posted by Riigged View Post
    It's quite easy to glance over malicious/blackhat code in clients containing hundreds of folders and thousands of files, and programs (like this one) that have dozens of applications and other files that it can be put into, its not often that viruses/phishers are posted, so that just makes it a hundred times easier to glance right over something, especially when the blackhat code looks exactly like legitimate code when you are skipping through everything at the rate you do it at when you have to deal with, like I said, as many files as it could be. Like, that one client, the bert one or whatever, they added a line of code that basically PM'd a bot your info or was that false? Idk, anyways, that code prob looked exactly like any other line of code you could have seen, and would have just assumed it was code relating to the PM system when you glance right past it, obviously seeing the Email and Password part would be a red flag, but its way easier than u think to miss it. Very easy to not miss it when you are the one doing a 2nd check after someone has already brought it up about something fishy being in the client/program because then you actually read from top to bottom left to right instead of just simply top to bottom which is what most people who scan clients do, which is why whenever a virus is posted, its almost always approved, I think only 1 person tried to upload a virus and i deleted it and reported person during time of staff, and it was from simply putting it in virus scanner myself because he posted fake virus scans. This happens a lot in other sections too Im sure, the mods go 40 legit approvals in a row and then obviously let their guard down each more and more after every approval and then slipping up. All we can do is apologize and help the people affected, no reason to hate on the mods for something that can happen to you just as easily as the next person. Don't bother giving me all that "but I'm different" talk, every single person who applied for minion ever since MPGH was born, said that in their application, look what happens.

    And no, Ahlwong would never claim he found out himself if it wasn't him, he is a super chill guy, but then again its not like they struck gold so who cares about credits.
    mate all this wall of text and literally all minions have to do is download process monitor for check for rotmg.sol read...

  4. #19
    Riigged's Avatar
    Join Date
    Jan 2013
    Gender
    male
    Location
    127.0.0.1
    Posts
    3,753
    Reputation
    393
    Thanks
    10,218
    My Mood
    Devilish
    Quote Originally Posted by FlutterM4rk View Post
    mate all this wall of text and literally all minions have to do is download process monitor for check for rotmg.sol read...
    bEcaUsE thAtS tHe OnLY wAy To HaCk PeOpLe ツ

    rotmg.sol is just a file that saves your credentials so that you can stay logged in whenever you re-open client (maybe it has other uses too but i know it does that part i just said at least xd).. but yes its obviously the most common phish method in realm , sorry for being cocky but still lol i know you know that theres a million ways to do this type of stuff



     





  5. #20
    AllYourX's Avatar
    Join Date
    Aug 2018
    Gender
    male
    Posts
    143
    Reputation
    40
    Thanks
    27
    Quote Originally Posted by Riigged View Post
    It's quite easy to glance over malicious/blackhat code in clients containing hundreds of folders and thousands of files
    This makes sense, but only for completely new releases. Old K-Relay version (proven safe by time and previous checks) + new K-Relay version + winmerge = a hell of a lot less lines to check.

    Other than that, I feel like we are saying the same thing: viruses will always be a risk.

    I just can't understand what the deal is with the post requirement rule. No matter what, it stifles new content, but even worse, it's followed completely arbitrarily. What's the point?

  6. The Following User Says Thank You to AllYourX For This Useful Post:

    lolpot132 (06-12-2019)

  7. #21
    Vispectra's Avatar
    Join Date
    Apr 2017
    Gender
    male
    Posts
    3
    Reputation
    10
    Thanks
    1
    Quote Originally Posted by SammytheBEAST View Post
    Also on my realmeye it had the message "Bert was here."
    LMFAO Bert

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Hackshield update fix
    By Raiden-Thunder God in forum Piercing Blow Discussions
    Replies: 5
    Last Post: 01-13-2011, 09:40 AM
  2. [Detected] im00: Self Updating Code / DLL
    By Themonsterman in forum Call of Duty 6 - Modern Warfare 2 (MW2) Hacks
    Replies: 13
    Last Post: 11-08-2010, 01:05 AM
  3. [Tutorial] Please tell me when WolfTeam-DLL to be detected after the update fixes it!
    By conquer1313374 in forum WolfTeam Hacks
    Replies: 1
    Last Post: 10-19-2010, 09:24 AM
  4. Failed to donwload self-update file[SOLVED]
    By Markus in forum CrossFire Help
    Replies: 7
    Last Post: 09-20-2010, 04:55 AM
  5. [Release] Matypatty's Pub Hack (with updater) FIXED
    By matypatty in forum Combat Arms Hacks & Cheats
    Replies: 959
    Last Post: 04-08-2010, 07:44 PM