Go Back   Neko-Sentai » Final Fantasy MMO » FFXI Stuff

Notices

Reply
 
Thread Tools
Old 08-11-2008, 03:19 PM   #1
Kickern
Forum Police
Dat Modder
 
Join Date: Jun 2006
Location: Michigan
Posts: 2,964
Thanks: 67
Thanked 235 Times in 122 Posts

Default Question

What do I do when my Playonline password has been changed without my knowledge? If I've been hacked, someone is going to die.
Kickern is offline  
Reply With Quote
Old 08-11-2008, 03:23 PM   #2
Uzuki
Nothing
Forum Member
 
Join Date: Oct 2006
Posts: 2,921
Thanks: 38
Thanked 249 Times in 166 Posts

Default

Call customer service, tell them you want your password reset. They'll ask for the last four digits of the credit card on your account. If that's been changed, you're phucked.
Uzuki is offline  
Reply With Quote
Old 08-11-2008, 03:31 PM   #3
Shinrasin
The Divine King
Forum Member
 
Join Date: Jul 2006
Location: Divine Castle
Posts: 696
Thanks: 13
Thanked 62 Times in 28 Posts

Default

Quote:
Originally Posted by Jujubee
Call customer service, tell them you want your password reset. They'll ask for the last four digits of the credit card on your account. If that's been changed, you're phucked.
Shinrasin is offline  
Reply With Quote
Old 08-11-2008, 03:32 PM   #4
Miayoko
Hurr Durr
Forum Member
 
Join Date: Dec 2006
Location: Kansas
Posts: 967
Thanks: 1
Thanked 4 Times in 4 Posts

Default

More than likely Kick youve been haxxord :( /comfort
Miayoko is offline  
Reply With Quote
Old 08-11-2008, 03:35 PM   #5
Kickern
Forum Police
Dat Modder
 
Join Date: Jun 2006
Location: Michigan
Posts: 2,964
Thanks: 67
Thanked 235 Times in 122 Posts

Default

Yeah, great. Thanks. :?
I don't know how it is even possible for me to be hacked, I never need to type my password, and I don't have windower or any of that other crap either. :roll:
Kickern is offline  
Reply With Quote
Old 08-11-2008, 04:09 PM   #6
Miayoko
Hurr Durr
Forum Member
 
Join Date: Dec 2006
Location: Kansas
Posts: 967
Thanks: 1
Thanked 4 Times in 4 Posts

Default

Quote:
Originally Posted by Kickern
Yeah, great. Thanks. :?
I don't know how it is even possible for me to be hacked, I never need to type my password, and I don't have windower or any of that other crap either. :roll:
RMT have gotten freakin smart :/ for of my PS2 onry buds got the pwn stick too ; ; luckily SE does semi-care these days :/ if they can give my ex his account back when he lost his codes :P I'm sure they will do the same for someone who knows
Miayoko is offline  
Reply With Quote
Old 08-11-2008, 04:32 PM   #7
Uzuki
Nothing
Forum Member
 
Join Date: Oct 2006
Posts: 2,921
Thanks: 38
Thanked 249 Times in 166 Posts

Default

Negative. Square only cares about the person paying for the account. It's only the last four digits of the credit card that matter. No other information is good enough for them, I would know because this is what happened to me. I gave them everything, account creation date, character names (even deleted ones), registration codes, time periods in which the subscription was suspended, you name it. I knew everything but the credit card number of asshole who stole it. Think about that for a minute. If your account is hacked and all the person has to do to permanently keep it is change the billing info, how will you get it back without knowing THEIR personal information? It's completely illogical and shows just how much they care about their customers. The day Square changes their stupid ass account security policy, someone let me know.

EDIT: Actually, I did some research on this and it seems due to so many 'compromised' accounts Square finally got the point. If you call in and tell them what happened they'll email you a notary form for you to print out and mail back to them. Once they receive that form they'll investigate your account and determine if it was really stolen. Mines was compromised over two years ago but I'm going to try and get it back using this method. Let me know if it works out for yours.

Source 1
Source 2
Uzuki is offline  
Reply With Quote
Old 08-11-2008, 06:34 PM   #8
Kickern
Forum Police
Dat Modder
 
Join Date: Jun 2006
Location: Michigan
Posts: 2,964
Thanks: 67
Thanked 235 Times in 122 Posts

Default

After waiting about 3 hours, I got a new password... when I logged in, I noticed a new e-mail...
It's as I feared... I was hacked.


Edit: Hey look! I'm in Cait Sith server now instead of Hades. Oh yeah, and I sold my Noble's tunic, blessed trousers, blessed pumps, templar mace, penitent's rope, and god knows what all else (haven't checked my mules yet), and then I have 0 gil!
Attached Thumbnails
Click image for larger version

Name:	omfg_116.jpg
Views:	25
Size:	119.7 KB
ID:	25585  
Kickern is offline  
Reply With Quote
Old 08-11-2008, 07:43 PM   #9
Mythago
the Angry Iku
Forum Member
 
Join Date: Oct 2006
Location: In the cookie jar
Posts: 3,480
Thanks: 1
Thanked 49 Times in 38 Posts

Default

And now SE will do absolutely nothing to help you! :D
Mythago is offline  
Reply With Quote
Old 08-11-2008, 07:55 PM   #10
Gulkeeva
Mithra Ero-Sensei
The hentai is out there...
 
Join Date: May 2006
Location: Near Mithra
Posts: 21,908
Thanks: 1,923
Thanked 6,279 Times in 3,326 Posts

Default

O_o

ewww, how ya get hacked or think ya got hacked by?

and i thought SE restores items/money lost in hacks or they don't do that still?
Gulkeeva is offline  
Reply With Quote
Old 08-11-2008, 08:01 PM   #11
Mythago
the Angry Iku
Forum Member
 
Join Date: Oct 2006
Location: In the cookie jar
Posts: 3,480
Thanks: 1
Thanked 49 Times in 38 Posts

Default

Call me bitter but they didn't restore jack for one of my good friends when he got hacked. Sucked because he was probably in Kickern's position, I never really discussed FF-11 with him.
Mythago is offline  
Reply With Quote
Old 08-11-2008, 08:16 PM   #12
Kickern
Forum Police
Dat Modder
 
Join Date: Jun 2006
Location: Michigan
Posts: 2,964
Thanks: 67
Thanked 235 Times in 122 Posts

Default

Quote:
Originally Posted by Gulkeeva
O_o

ewww, how ya get hacked or think ya got hacked by?

and i thought SE restores items/money lost in hacks or they don't do that still?
No idea how I could've been hacked, seriously. I got hacked by RMT obviously though, since all that was lost was a few money items and then world transferred my characters. :x

Anyways... I called a GM after I got a new password and logged in and...
They have my account locked until they have it fixed, so now I get to wait...
Attached Thumbnails
Click image for larger version

Name:	pol_2008_08_11_20_02_18_99_210.jpg
Views:	138
Size:	307.2 KB
ID:	25589  
Kickern is offline  
Reply With Quote
Old 08-11-2008, 08:37 PM   #13
Sekkite
Invisible Bat Bike
Forum Member
 
Join Date: Aug 2006
Posts: 113
Thanks: 58
Thanked 37 Times in 4 Posts

Default

It depends on the customer service agent you talk to. Some of them can be very helpful and revert your character to a pre-hack state (although that could end up being 3 months before you were hacked), or some could be like the ones that have been mentioned in this thread. SE's policies have improved leaps and bounds over what they used to be, and there's a good chance you'll be able to get the account locked and eventually restored.

That being said, keylogger can be a misnomer. Yes, it logs keys, but it isn't restricted to such. If the keylogger is programed to do so, it can record anything you copy and paste and/or record the position of your mouse when it clicks.

After you've done a scan of your system (assuming it was from your computer that it was stolen) and removed the offending files, I'd highly suggest getting Firefox and using the noscript addon.

Relevant links:
Info on character restoration:
http://www.bluegartr.com/forum/showthread.php?t=52801

Virus scanner:
http://free.avg.com/
http://housecall.trendmicro.com/

Firefox:
http://www.mozilla.com/en-US/firefox/

NoScript:
* http://noscript.net/

*When you have noscript installed, do the following:
1) In Firefox, click on the 'S' in the bottom-right hand corner of your screen and select Options.
2)Click on the Plugins tab.
3)Make sure the following options are checked. Not all will be enabled by default:
-Forbid Java
-Forbid Adobe Flash
-Forbid Microsoft Silverlight
-Forbid other plugins
-Forbid <IFRAME> -- many of the RMT hackings have involved iframes, and Forbid <IFRAME> is not enabled by default.
-Block every object coming from a site marked as untrusted.
-Ask for confirmation before temporarily unblocking an object.
-Show placeholder icon.



Of course, if all else fails or if you want to be absolutely, 100% certain that you are virus-free, reformat your computer. Use Firefox + noscript afterwards.

If you already knew all this, then this can be a reference to anyone who doesn't.
Sekkite is offline  
Reply With Quote
Old 08-11-2008, 09:14 PM   #14
Kickern
Forum Police
Dat Modder
 
Join Date: Jun 2006
Location: Michigan
Posts: 2,964
Thanks: 67
Thanked 235 Times in 122 Posts

Default

Quote:
Originally Posted by Sekkite
It depends on the customer service agent you talk to. Some of them can be very helpful and revert your character to a pre-hack state (although that could end up being 3 months before you were hacked), or some could be like the ones that have been mentioned in this thread. SE's policies have improved leaps and bounds over what they used to be, and there's a good chance you'll be able to get the account locked and eventually restored.

That being said, keylogger can be a misnomer. Yes, it logs keys, but it isn't restricted to such. If the keylogger is programed to do so, it can record anything you copy and paste and/or record the position of your mouse when it clicks.
Good to know.

I'll see how well they restore my account and post here again after they work it out and e-mail me.
Kickern is offline  
Reply With Quote
Old 08-11-2008, 10:56 PM   #15
Lalana
Regular Forum User
Dat Modder
Forum Member
 
Join Date: Jul 2008
Posts: 1,108
Thanks: 0
Thanked 1 Time in 1 Post

Default

Wow Kickern, that really, truly sucks. I hope they restore everything you lost... I'd be crushed if i was still playing and my account got hacked :\ I'd probably just quit without giving SE a chance. Good to see you're optimistic about it though :)
Lalana is offline  
Reply With Quote
Old 08-12-2008, 12:00 AM   #16
Corrderio
Man Who Sold The World
Forum Member
 
Join Date: Jul 2006
Location: South Dakota
Posts: 9,211
Thanks: 54
Thanked 396 Times in 204 Posts

Default

Out of curiousity Kickern...

1. What are you using to browse the internet? Firefox or IE?
2. Is your Adobe Flash Player up to date?
3. What FFXI related sites have you been on?
Corrderio is offline  
Reply With Quote
Old 08-12-2008, 12:08 AM   #17
Kickern
Forum Police
Dat Modder
 
Join Date: Jun 2006
Location: Michigan
Posts: 2,964
Thanks: 67
Thanked 235 Times in 122 Posts

Default

Quote:
Originally Posted by Corrderio
Out of curiousity Kickern...

1. What are you using to browse the internet? Firefox or IE?
2. Is your Adobe Flash Player up to date?
3. What FFXI related sites have you been on?
1. Firefox
2. Don't know, but probably not
3. Here, ffxidats.com, ffxi-atlas.com, ffxiclopedia.com, ffxiah.com, and a couple of my ls websites
Kickern is offline  
Reply With Quote
Old 08-12-2008, 12:19 AM   #18
Corrderio
Man Who Sold The World
Forum Member
 
Join Date: Jul 2006
Location: South Dakota
Posts: 9,211
Thanks: 54
Thanked 396 Times in 204 Posts

Default

Hmm... I do know FFXI Atlas had that I-Frame exploit on it. However if you had NoScript installed for Firefox it shouldn't have bothered you.

There is also a flash exploit now, you should see if your flash files are up to date.
Corrderio is offline  
Reply With Quote
Old 08-12-2008, 12:31 AM   #19
Gulkeeva
Mithra Ero-Sensei
The hentai is out there...
 
Join Date: May 2006
Location: Near Mithra
Posts: 21,908
Thanks: 1,923
Thanked 6,279 Times in 3,326 Posts

Default

I'd use fireflox to block scripts, I even block scripts on this site, incase someone somedays does hack the site for an I-frame exploit 9so I'd notice it)
Gulkeeva is offline  
Reply With Quote
Old 08-12-2008, 04:06 AM   #20
Sekkite
Invisible Bat Bike
Forum Member
 
Join Date: Aug 2006
Posts: 113
Thanks: 58
Thanked 37 Times in 4 Posts

Default

Quote:
Originally Posted by Gulkeeva
I'd use fireflox to block scripts, I even block scripts on this site, incase someone somedays does hack the site for an I-frame exploit 9so I'd notice it)
As far as noscript is concerned, that script would be coming from the offending website as that's where the code for it is located. Allowing neko-sentai wouldn't be allowing the offending script. Even so, it's important to manually set iframes to be blocked in the noscript settings as it won't be blocked by default. I've had LS mates who used firefox + noscript get hacked as they were unaware of that :(.

As Aikar has mentioned on the BG forums, it is very likely that the RMT have a massive backlog of keylogs to sift through. People who visited a compromised website months ago are being hacked daily.

Edit: Yes, as Corr mentioned, there is a flash exploit out and one of the more recent keyloggers out there takes advantage of this.

To check your flash version, go to http://kb.adobe.com/selfservice/view...nalId=tn_15507
If your flash player version is an earlier one then 9.0.124.0, then you are vulnerable to this flash player exploit. If you're using noscript, you'll need to allow adobe.com to check your version.

Download the patched flash player at http://www.adobe.com/shockwave/downl...ShockwaveFlash


Editedit: Apparently there's a new flash player vulnerability out :(. No known FFXI keyloggers are using this vulnerability (but it's likely to be implemented soon), but it currently affects all versions of Flash. I will post here again then a patch for this comes out.
Sekkite is offline  
Reply With Quote
Reply

Lower Navigation
Go Back   Neko-Sentai » Final Fantasy MMO » FFXI Stuff

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -5. The time now is 05:03 AM.

design by: Themes by Design


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
punch-dnaAll company, product, system names and/or company logos and marks are the registered trademarks or trademarks of their respective owners. If you are the copyright holder of any material found on this site and believe it has been used unfairly please contact one of the forum administrators.