My account got hacked

jimmyt1988 · 24 Mar 2010 at 19:29

Ncsoft gave me an email today about 30 minutes go..

"Someone at 78.138.120.16 has reset the password and/or the password hint questions and answers for your NCsoft account ****. If you did not make this change, please contact support immediately at [email protected]"

"Someone at 78.138.120.16 has reset your Aion (Europe) Game Account password for account ****. If you did not make this change, please contact support immediately at [email protected]."

No support phone lines in UK... They usually take 2 days to respond. The "bar-steward" who lives in Germany: http://cqcounter.com/whois/ is going to delete all my cahracters no doubt.

How the hell do they get my passwords. Someone hack that bleeder.

tntcoder · 24 Mar 2010 at 19:30

Use decent passwords, and don't use password hint questions.

EDIT: http://uk.aiononline.com/forums/general/view?articleID=2393 maybe phising related.

shauncr91 · 24 Mar 2010 at 19:31

I got these e-mails and I don't even play Aion. It's a phishing email.

You tried logging into your account ?

jimmyt1988 · 24 Mar 2010 at 19:33

Yes I have tried logging into my account.

Unfortunately, It has definetly been hacked.

My password is a variety of characters and numbers with capitals and lower case. It is an 11 digit password and has no reference to any of my personal credentials

Tefal · 24 Mar 2010 at 19:36

jimmyt1988 said:
Unfortunately, It has definetly been hacked.

No it hasn't, you've been phished or got a keylogger.

If Aions servers had been hacked this would be on the news.

Have you downloaded any UI mods etc?

Paramount · 24 Mar 2010 at 19:38

Stop trolling

jimmyt1988 · 24 Mar 2010 at 19:42

I have not played Aion Online since 4 months ago. Luckily I have stopped my billing on the game.

Tefal, I'll ignore your pedantic comment about using the phrase "hacked" as I am sure you are well aware of what I meant.

The answer to your UI mods question is no.

I'm not quite sure how someone has done it.

I am reasonably sure that a keylogger would find it difficult to send the details back to his/her computer as zone alarm would have triggered "your computer is acting as a server". I also have AVG installed.

Any other thoughts on how they do it?

Fortunately Aion is rubbish so nothing lost.

- I agree. However, My bank details are present within the master account, thus, I worry.

Tefal · 24 Mar 2010 at 19:42

jimmyt1988 said:
I have not played Aion Online since 4 months ago. Luckily I have stopped my billing on the game.

Tefal, I'll ignore your pedantic comment about using the phrase "hacked" as I am sure you are well aware of what I meant.

The answer to your UI mods question is no.

I'm not quite sure how someone has done it.

I am reasonably sure that a keylogger would find it difficult to send the details back to his/her computer as zone alarm would have triggered "your computer is acting as a server". I also have AVG installed.

Any other thoughts on how they do it?

Then you got phished.

If you are 100% sure you've got nothing on your pc or any pc you have used to log on with then it's phishing.

.walls · 24 Mar 2010 at 19:46

Tefal said:
No it hasn't, you've been phished or got a keylogger.

If Aions servers had been hacked this would be on the news.

Have you downloaded any UI mods etc?

Tefal said:
Then you got phished.

If you are 100% sure you've got nothing on your pc or any pc you have used to log on with then it's phishing.

this.

jimmyt1988 · 24 Mar 2010 at 19:49

Being an educated and experienced user of computers and having my life evolve around them, I feel it highly unlikely I have been phished. Phishing is always on my mind when reading emails, visiting websites, following links, using links from browsers.

I feel we are getting further from the reason of how they have done it.

I installed Zone alarm about 7 months ago and have been vigilante in my allow/block requests in making sure my computer is secure.

*scratches head*.

Is it possible that NCSOFT has a security leak somewhere? Perhaps insider... Perhaps someone has got direct access codes to databases? Sounds far-fetched, but I wonder..

Gerard · 24 Mar 2010 at 19:50

jimmyt1988 · 24 Mar 2010 at 19:51

Damn. I think Gerard hit it on the head. I must have said it out loud in Germany.

Case dismissed.

Hehe. For all pedantic users and people who find it hard to understand humour, the above is indeed sarcasm.

Haggisman · 24 Mar 2010 at 19:55

jimmyt1988 said:
However, My bank details are present within the master account, thus, I worry.

Chances are this wont show on the website (other than the usual last 4 digits)

jimmyt1988 said:
Is it possible that NCSOFT has a security leak somewhere? Perhaps insider... Perhaps someone has got direct access codes to databases? Sounds far-fetched, but I wonder..

Chances are that the password is encrypted in the database, so even with direct access they wouldn't be able to see the actual password.

Of course this is all basic security stuff which any self respecting company would implement. That doesn't necessarily mean they have

Tefal · 24 Mar 2010 at 19:57

jimmyt1988 said:
Being an educated and experienced user of computers and having my life evolve around them, I feel it highly unlikely I have been phished. Phishing is always on my mind when reading emails, visiting websites, following links, using links from browsers.

I feel we are getting further from the reason of how they have done it.

I installed Zone alarm about 7 months ago and have been vigilante in my allow/block requests in making sure my computer is secure.

*scratches head*.

Is it possible that NCSOFT has a security leak somewhere? Perhaps insider... Perhaps someone has got direct access codes to databases? Sounds far-fetched, but I wonder..

So we've gone from the 2 main ones, people falling for phishing, or getting somthing nasty usually from mods but can be from other things.

But no you're computer is 100% secure and you infalible.

Instead either someone hack their servers and instead of just taking the bank details and bulk selling them (if they could get round encryption), decided to take account passwords (although i'm sure pw's are stored as hashes and as such useless for using to log in) and change your pw.

If it had been that (assuming they decided to log in and change peoples pw's) this would hit a very large chunk of the user base.

And as for an inside job why change your pw, giving you the opportunity to inform the game makers and your bank

Why not take details without changing pw leaving you unaware your bank stuff had been stolen?
Or take thousands of details and hit them all at once which would surely make aion newsletter.

Or finally someone brute forced a random 11 digit random alphanumeric password with the thousands of login attempts going unnoticed for months on end before him getting fantastically lucky and getting it before a decade.

Yeah that sounds more likley than your pc/you being at fault.

touch · 24 Mar 2010 at 19:57

jimmyt1988 said:
I am reasonably sure that a keylogger would find it difficult to send the details back to his/her computer as zone alarm would have triggered "your computer is acting as a server". I also have AVG installed.

You have a lot of faith in zonealarm.

Haggisman · 24 Mar 2010 at 20:00

Tefal said:
So we've gone from the 2 main ones, people falling for phishing, or getting somthing nasty usually from mods but can be from other things.

But no you're computer is 100% secure and you infalible.

Instead either someone hack their servers and instead of just taking the bank details and bulk selling them (if they could get round encryption), decided to take account passwords (although i'm sure pw's are stored as hashes and as such useless for using to log in) and change your pw.

If it had been that (assuming they decided to log in and change peoples pw's) this would hit a very large chunk of the user base.

And as for an inside job why change your pw, giving you the opportunity to inform the game makers and your bank

Why not take details without changing pw leaving you unaware your bank stuff had been stolen?
Or take thousands of details and hit them all at once which would surely make aion newsletter.

Or finally someone brute forced a random 11 digit random alphanumeric password with the thousands of login attempts going unnoticed for months on end before him getting fantastically lucky and getting it before a decade.

Yeah that sounds more likley than your pc/you being at fault.

Yeah, this pretty much sums up my thoughts on the matter too, security software can only do so much...

jimmyt1988 · 24 Mar 2010 at 20:01

I did not say I was 100% secure? I can be sure that I have done the best I can to avoid such things.

And I know my other thought was a wild accusation.

Just thinking of what else it could be. Can programs disguise themselves as others. For example. AVG asked to be a server to send those "help improve AVG" emails out. I allowed that to be a server.

Perhaps this, or another program may have been disguised?

Possibility 1 perhaps.

And I agree. I have zonealarm and AVG because I do not know a more secure way

Tefal · 24 Mar 2010 at 20:01

touch said:
You have a lot of faith in zonealarm.

You mean £20 quid security software isn't perfect? :eek:

tntcoder · 24 Mar 2010 at 20:03

jimmyt1988 said:
And I agree. I have zonealarm and AVG because I do not know a more secure way

Bury your PC in 20 feet of concrete, that's provably secure

edscdk · 24 Mar 2010 at 20:04

IP Address: 78.138.120.16
Hostname: 78.138.120.16
IP Country: Germany
IP Country Code: DEU
IP Continent: Europe
IP Region: Nordrhein-Westfalen
Guessed City: Düsseldorf
IP Latitude: 51.2167
IP Longitude: 6.7667
Organization: EETRUST Technology Co.Ltd
ISP Provider: INET-People - Providerservices

not that it helps or means anything