|
Another Fact, All of my friends got hacked same way it´s like 10-12 friends could forgot someone, could name them. The guy who hacks it usually when he comes put status something like tinyurl.com/poehacks never checked it. Then go a1n and walking between a1n & cost probably throwing items on the ground ending up deleting all characters, already catched him twice... Since I am mostly online around 10 hours a day on average and I value my friends so I check friendlist alot :P. Once I called with friend and I was like, what are you stil doing on that coast. And he was like what? I´m not even ingame yet! luckily he got online so fast, so hacker did not steal almost anything except 5 lioneye, legacy maligaro´s and my rings I borrowed him .. :D he had mtxs on most of gear so probably slowed guy down. 2nd time I saw it it was Irobeatz ex-lvl 100 player, as soon as he got that status I wrote to that guy like gtfo, get out of Iro´s account b*tch etc.. meanwhile told zeekidc2 to msg support to block that account as fast as possible, it was too slow anyway :( was so sad.
tbh, I think some rmt site does that..
Last edited by NarraX1337#0092 on Oct 9, 2014, 2:12:10 PM
|
Posted byNarraX1337#0092on Oct 9, 2014, 2:08:09 PM
|
|
^ Since a pattern exists wherein it is rampant among a close knit group but not outside that group, that means that something from within the group is causing the issue. Look for infections, look at phishing sites, look for applications that aren't supposed to be authorized to access their account... there is something in common with each of those incidents that each of them did that compromised their accounts and has nothing to do with GGG.
edit - and think about it... how where they targeted? why were they targeted? how did the person accessing the account know what to look for or that there was anything to take? How did they know when to login to take that stuff? Something in common with each of those friends occurred as the vector that caused all of it.
edit 2 - BTW, my real suspicion is that they all tried botting software from one of the numerous hack sites and paid the price as that seems the most likely vector.
Last edited by Jiero#2499 on Oct 9, 2014, 2:23:23 PM
|
Posted byJiero#2499on Oct 9, 2014, 2:12:13 PM
|
"
Jiero wrote:
"
Tin_Foil_Hat wrote:
Your friends probably visited and attempted to use some shady POE based site, more than likely a fake RMT site that wants to phish information.
You dont simply get hacked or keylogged, its very unlikely either was the case.
Zero day trojan install using buffer overflow techniques through a inline frame using an ad banner running either adobe flash or java on even a normally respectable site (if not injected into the site using one of the numerous ways to add that code) that just happened to use the wrong ad banner program says otherwise.
"
AkamuCZ wrote:
"
I_NO wrote:
=/ I've seen the guy hes really nice on the forum but yeah in most cases.
It's likely a very very hidden Keylogger.
Hmm, this happend to more of my friends not just one. Anyway even if very very hidden keylogger would be the case, it still does not explain how did they log in his account without verifying email. That´s first thing and 2nd this could happen to anyone who just click on some link and examples I wrote on how to pervert this, would help everyone..
https://www.duosecurity.com/blog/bypassing-googles-two-factor-authentication
Email can be bypassed, and some android apps were created just to do so by people wanting to break into their email. These are often 'hacked' pirated versions of popular paid applications that ask for permissions that the original never did and request access to your email account
Things like that are easily detected with any form of antivirus, unless youre running your computer with absolutely no protection, it would detect it.
If said site is infected with a keylogger, and attempts a drive-by installation, it WILL prompt you and immediately put it into a vault/remove it with anti-virus.
Either way, people phishing/keylogging information arent going to be targeting random sites, theyre going to be targets POE related sites.
Like i said, its not easy or likely that was the case. Its highly likely that they were doing something they werent supposed to on a site that they shouldnt of been on.
Harvest sucks! But look at my decked out gear two weeks in!
Labyrinth salt farm miner.
"But my build diversity" , "Game is too hard!" - Meta drone playing the same 1-3 builds for years.
|
Posted byTin_Foil_Hat#0111on Oct 9, 2014, 2:23:01 PM
|
|
Double post.
Harvest sucks! But look at my decked out gear two weeks in!
Labyrinth salt farm miner.
"But my build diversity" , "Game is too hard!" - Meta drone playing the same 1-3 builds for years. Last edited by Tin_Foil_Hat#0111 on Oct 9, 2014, 2:25:08 PM
|
Posted byTin_Foil_Hat#0111on Oct 9, 2014, 2:23:01 PM
|
"
AkamuCZ wrote:
Another Fact, All of my friends got hacked same way it´s like 10-12 friends could forgot someone, could name them. The guy who hacks it usually when he comes put status something like tinyurl.com/poehacks never checked it. Then go a1n and walking between a1n & cost probably throwing items on the ground ending up deleting all characters, already catched him twice... Since I am mostly online around 10 hours a day on average and I value my friends so I check friendlist alot :P. Once I called with friend and I was like, what are you stil doing on that coast. And he was like what? I´m not even ingame yet! luckily he got online so fast, so hacker did not steal almost anything except 5 lioneye, legacy maligaro´s and my rings I borrowed him .. :D he had mtxs on most of gear so probably slowed guy down. 2nd time I saw it it was Irobeatz ex-lvl 100 player, as soon as he got that status I wrote to that guy like gtfo, get out of Iro´s account b*tch etc.. meanwhile told zeekidc2 to msg support to block that account as fast as possible, it was too slow anyway :( was so sad.
tbh, I think some rmt site does that..
10 - 12 friends all getting hacked the same way is way too fishy to be random. You don't all share the same accounts and passwords. You all have separate email addresses. This isn't random, this isn't a coincidence, and this isn't bad luck. Your friends are doing something they shouldn't be doing, like installing 3rd party software or viruses through the same sites.
Guild Leader The Amazon Basin <BASIN>
Play Nice and Show Some Class www.theamazonbasin.com Last edited by mark1030#3643 on Oct 9, 2014, 2:23:34 PM
|
Posted bymark1030#3643on Oct 9, 2014, 2:23:12 PM
|
"
mark1030 wrote:
"
AkamuCZ wrote:
Another Fact, All of my friends got hacked same way it´s like 10-12 friends could forgot someone, could name them. The guy who hacks it usually when he comes put status something like tinyurl.com/poehacks never checked it. Then go a1n and walking between a1n & cost probably throwing items on the ground ending up deleting all characters, already catched him twice... Since I am mostly online around 10 hours a day on average and I value my friends so I check friendlist alot :P. Once I called with friend and I was like, what are you stil doing on that coast. And he was like what? I´m not even ingame yet! luckily he got online so fast, so hacker did not steal almost anything except 5 lioneye, legacy maligaro´s and my rings I borrowed him .. :D he had mtxs on most of gear so probably slowed guy down. 2nd time I saw it it was Irobeatz ex-lvl 100 player, as soon as he got that status I wrote to that guy like gtfo, get out of Iro´s account b*tch etc.. meanwhile told zeekidc2 to msg support to block that account as fast as possible, it was too slow anyway :( was so sad.
tbh, I think some rmt site does that..
10 - 12 friends all getting hacked the same way is way too fishy to be random. You don't all share the same accounts and passwords. You all have separate email addresses. This isn't random, this isn't a coincidence, and this isn't bad luck. Your friends are doing something they shouldn't be doing, like installing 3rd party software or viruses through the same sites.
I guess most of them do not even know each other, just I know them.
Btw. I am not sure if you remember SUI_ANNA (most std players should know him I think, he´s already banned btw) once he PMed friend want to buy you 27 plateau maps. And he never posted them anywhere! not even in trade just me and 1 other friend knew he safe them. And he asked from where the hell he knows he has exactly 27 plateau maps?? And he answered just LOL and ignored him. Still do not understand where he know it from, I think I still have screen of their conversation somewhere.
Last edited by NarraX1337#0092 on Oct 9, 2014, 2:30:08 PM
|
Posted byNarraX1337#0092on Oct 9, 2014, 2:25:32 PM
|
"
Tin_Foil_Hat wrote:
Things like that are easily detected with any form of antivirus, unless youre running your computer with absolutely no protection, it would detect it.
If said site is infected with a keylogger, and attempts a drive-by installation, it WILL prompt you and immediately put it into a vault/remove it with anti-virus.
No they aren't detectable at all..
Zero day exploit means the period of time between the release of a new infection into the wild and when it is added to virii software databases so it will trigger detections, which can be as simple as modifying just a few bytes of it's CRC. Nothing would detect it because it isn't in a single database yet. Heuristic software is utter garbage and doesn't actually work. Buffer overflows allow the installation of whatever software is desired without user prompting.
edit - and I was suspecting either a RMT site, hack site or botting software myself.
Last edited by Jiero#2499 on Oct 9, 2014, 2:29:58 PM
|
Posted byJiero#2499on Oct 9, 2014, 2:26:58 PM
|
"
Jiero wrote:
"
Tin_Foil_Hat wrote:
Things like that are easily detected with any form of antivirus, unless youre running your computer with absolutely no protection, it would detect it.
If said site is infected with a keylogger, and attempts a drive-by installation, it WILL prompt you and immediately put it into a vault/remove it with anti-virus.
No they aren't detectable at all..
Zero day exploit means the period of time between the release of a new infection into the wild and when it is added to virii software databases so it will trigger detections, which can be as simple as modifying just a few bytes of it's CRC. Nothing would detect it because it isn't in a single database yet. Heuristic software is utter garbage and doesn't actually work.
Thats not true at all.
Do you know why they call it "Zero day" ? Because the same day its exploited the hole is found and filled.
Harvest sucks! But look at my decked out gear two weeks in!
Labyrinth salt farm miner.
"But my build diversity" , "Game is too hard!" - Meta drone playing the same 1-3 builds for years.
|
Posted byTin_Foil_Hat#0111on Oct 9, 2014, 2:32:25 PM
|
"
Tin_Foil_Hat wrote:
"
Jiero wrote:
"
Tin_Foil_Hat wrote:
Things like that are easily detected with any form of antivirus, unless youre running your computer with absolutely no protection, it would detect it.
If said site is infected with a keylogger, and attempts a drive-by installation, it WILL prompt you and immediately put it into a vault/remove it with anti-virus.
No they aren't detectable at all..
Zero day exploit means the period of time between the release of a new infection into the wild and when it is added to virii software databases so it will trigger detections, which can be as simple as modifying just a few bytes of it's CRC. Nothing would detect it because it isn't in a single database yet. Heuristic software is utter garbage and doesn't actually work.
Thats not true at all.
Do you know why they call it "Zero day" ? Because the same day its exploited the hole is found and filled.
Yes it is
http://en.wikipedia.org/wiki/Zero-day_attack
It's not the time frame of the release, it's the time frame of the solution. Zero day makes zero solution and no patches, it's the day of the patch or addition to a virii database that it ceases to be a zero day.
|
Posted byJiero#2499on Oct 9, 2014, 2:34:51 PM
|
"
Tin_Foil_Hat wrote:
"
Jiero wrote:
"
Tin_Foil_Hat wrote:
Things like that are easily detected with any form of antivirus, unless youre running your computer with absolutely no protection, it would detect it.
If said site is infected with a keylogger, and attempts a drive-by installation, it WILL prompt you and immediately put it into a vault/remove it with anti-virus.
No they aren't detectable at all..
Zero day exploit means the period of time between the release of a new infection into the wild and when it is added to virii software databases so it will trigger detections, which can be as simple as modifying just a few bytes of it's CRC. Nothing would detect it because it isn't in a single database yet. Heuristic software is utter garbage and doesn't actually work.
Thats not true at all.
Do you know why they call it "Zero day" ? Because the same day its exploited the hole is found and filled.
I think Jiero was right, http://en.wikipedia.org/wiki/Zero-day_attack.
|
Posted byNarraX1337#0092on Oct 9, 2014, 2:35:38 PM
|
