Page 1 of 3, results 1 to 10 of 28
  1. #1
    Player
    Livilda's Avatar
    Join Date
    Aug 2013
    Location
    Mist Ward 8 Plot 3 / ミスト 第8区3番地
    Posts
    268
    Character
    Iris Caldor
    World
    Balmung
    Main Class
    Red Mage Lv 70

    The Hacker and You: How gilsellers steal your account and advertise in your name.

    This afternoon, I logged in to my inn room at The Drowning Wench. All was quiet. I called for my retainer to check my sales, then geared up and ventured out into the world. Immediately, I was hit by a blast of URLs comprised of a swath of irregular unicode replacement characters and the promise of hundreds of thousands of gil in exchange for a few real-world US Dollars. It was happening approximately 1.3 times per second, which meant that anything I tried to say or my friends tried to tell me would be instantly swallowed up. In a haste, I opened my blacklist to add the spammer, and then opened my report window.

    A few minutes later, wandering idly around and wondering just how Square-Enix could possibly let this continue, I found her. A level 50 monk, dressed in Foestriker gear, mouth working - silently, as I'd just blacklisted her - and eyes staring, lifeless as the snows of Coerthas. Tuiyani Kusaragi was her name. It was not a string of random characters like RMT are wont to pick. It was not even a name randomly generated at the character selection screen. It was a name deliberated upon by a human being, particularly for the purpose of sounding Japanese-esque, but no less weightily considered. And it was stolen by a dirty gilselling scumbag, forcing their own words into her mouth.

    How did this happen? Are hackers somehow magically able to force their way into your accounts? In all likelihood, no. Not only is this sort of tragedy entirely preventable, it's also pretty damn easy, too.

    SO:

    How do they do it?
    People who want accounts - any accounts - do not specifically hack their way in. The effort involved makes this practice unfeasible for anything but personal reasons. Gilselling is a business; they seek to maximize profit and minimize effort. There are two main ways they gain access to your account:
    1. They trick you into giving them your password. You might be a customer for their very own RMT services, or you might have registered for one of their fake FFXIV fansites - believe it or not, these are myriad - one way or another, you may have given them your password without even realizing it.
    2. They've stolen it from somewhere else. Players who use the same password for many and multiple games are especially at risk - slight variations of the same password only slightly less so. Almost any game community you've ever joined might be a security risk for your one password. Once hacked into, the data extracted does not simply disappear; it is cracked. It is deciphered. It is sold, and it is bought.

    What can you do?
    Simple enough. Change your password. Not just for Final Fantasy XIV, but for your e-mail account as well. Use a good password. This stops almost all so-called 'hackers' in their tracks. They see that your old username and password didn't work, and move on down their list.

    What can Square Enix do?
    Also simple: attack the problem at the source.

    Today, I read a rather inspiring article about how ArenaNet implemented a mandatory password change. They took a database of every password previously attempted, combined with the most common passwords, and prohibited players from using them. According to hearsay, the rate of hacking dropped to 0.01% and has been further dwindling ever since.

    SEGA of Japan has implemented at least one 'change your password' campaign, and rewarded players who changed their SEGA ID password with prizes in Phantasy Star Online 2. Nexon has done several.

    I'm not calling people who get hacked out for using gilselling services, or even for not changing their password, but if you're using a recycled password (or perchance haven't changed your password since last you bought gil):
    You.
    Are.
    At.
    Risk.

    Quote Originally Posted by Smoey View Post
    I like how some mmorpgs use coin lock on your account if you log in from another location. Why not just lock your account (bags, messages, shouting etc..) until you verify your location. Takes 2 minutes.
    Because what is most often hacked is not your account, at least not directly. This feature is already implemented in Final Fantasy XIV, and is also easily circumvented if the account data stolen or otherwise obtained includes an e-mail address. If you've used the same password for the game and your e-mail, it's game over.
    Quote Originally Posted by Neptune View Post
    I have had my account targeted for "suspicious activity" multiple times since release. Every time I change my password and every time it is targeted again for "suspicious activity" and disabled out of precaution by SE. I believe that due to my security token they only hit the maximum allowable attempts before my account was locked out.

    And if that's true... it means it's SE itself that is getting hacked or exploited and not necessarily the users. Sure keyloggers may be one avenue but how does that explain what's happening to me? I've clean installed since 1.0 and I haven't been to any fansites or downloaded any ARR related apps at all. I don't see how I could have a keylogger unless it shipped with the installer itself or the benchmark. Which, for all any of us know, may have been compromised on SE's servers a long time ago.
    I'm fairly certain that either you have a keylogger or your e-mail is compromised. I don't believe SE would allow anything on their servers without an MD5 hash, which is a code generated to identify a file - if it has been altered, the MD5 changes.
    (27)
    Last edited by Livilda; 09-14-2013 at 08:14 AM.
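    The ArenaNet-style policy the post describes (a denylist built from every password previously attempted plus the most common passwords, with those passwords prohibited) is small enough to sketch. The following is an added illustration, not code from Square Enix, ArenaNet or anyone in this thread; the seed password list is constructed, and the normalization rules (lower-casing, stripping trailing digits and symbols, undoing common leetspeak substitutions) are my own assumption about how to catch the "slight variations" the post warns about. The denylist stores only a hash of each normalized password, so a server keeping a record of attempted passwords never holds them in the clear.

```python
import hashlib
import re

# Constructed sample data: a few very common passwords plus two game-themed ones.
# A real deployment would load published most-common-password lists and add
# every password seen in prior login attempts, as the post describes.
SEED_PASSWORDS = ["password", "123456", "qwerty", "letmein", "ffxiv2013", "eorzea1"]

# Cheap variants that automated guessing tries first: leetspeak and a suffix
# of digits/symbols ("password1", "Password123!", "p@ssw0rd").
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s"})
TRAILING = re.compile(r"[\d!@#$%^&*._-]+$")


def normalize(password: str) -> str:
    """Canonical form, so 'Password123!' and 'p@ssw0rd' both collapse to 'password'.

    A password made only of digits/symbols collapses to '' and is therefore
    rejected outright, which is the intended behaviour here.
    """
    p = password.lower()
    p = TRAILING.sub("", p)      # drop the usual suffix ('1', '123!', '2013')
    return p.translate(LEET)     # undo the usual substitutions


def fingerprint(password: str) -> str:
    """Hash of the normalized form; the attempted password itself is never stored."""
    return hashlib.sha256(normalize(password).encode("utf-8")).hexdigest()


def build_denylist(passwords) -> set:
    """Denylist from a seed list (common passwords, breach dumps, ...)."""
    return {fingerprint(p) for p in passwords}


def record_attempt(password: str, denylist: set) -> None:
    """Every password seen in a login attempt, good or bad, joins the denylist."""
    denylist.add(fingerprint(password))


def check_password(candidate: str, denylist: set, min_length: int = 12) -> list:
    """Reasons a proposed new password is rejected; an empty list means accepted."""
    reasons = []
    if len(candidate) < min_length:
        reasons.append("too_short")
    if fingerprint(candidate) in denylist:
        reasons.append("denylisted")
    return reasons


DENYLIST = build_denylist(SEED_PASSWORDS)

if __name__ == "__main__":
    for pw in ["Password123!", "p@ssw0rd", "Eorzea1!!", "correct horse battery staple"]:
        print(f"{pw!r}: {check_password(pw, DENYLIST) or 'accepted'}")
```

    The point of normalizing before hashing is that the denylist catches "Password123!" and "p@ssw0rd" as variants of "password", and once "Moogle2013" has been seen in a login attempt, "m00gle!" is rejected too. The length floor is a separate, unrelated rule; the two reasons are reported independently so a user can be told exactly why a password was refused.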

  2. #2
    Player
    Holyhunter's Avatar
    Join Date
    Jul 2013
    Posts
    223
    Character
    Azia Merot
    World
    Excalibur
    Main Class
    Thaumaturge Lv 51
    Quote Originally Posted by Livilda View Post
    lifeless as the snows of Coerthas.
    OBJECTION
    The snows of Coerthas are quite alive.
    (16)

  3. #3
    Player
    Livilda's Avatar
    Join Date
    Aug 2013
    Location
    Mist Ward 8 Plot 3 / ミスト 第8区3番地
    Posts
    268
    Character
    Iris Caldor
    World
    Balmung
    Main Class
    Red Mage Lv 70
    Quote Originally Posted by Holyhunter View Post
    OBJECTION
    The snows of Coerthas are quite alive.
    Holyhunter you are a butt. Go back to vinesauce. :P

    jk ily <3
    (0)

  4. #4
    Player
    Holyhunter's Avatar
    Join Date
    Jul 2013
    Posts
    223
    Character
    Azia Merot
    World
    Excalibur
    Main Class
    Thaumaturge Lv 51
    Quote Originally Posted by Livilda View Post
    Holyhunter you are a butt. Go back to vinesauce. :P
    holy shit

    who are you
    (0)

  5. #5
    Player
    Livilda's Avatar
    Join Date
    Aug 2013
    Location
    Mist Ward 8 Plot 3 / ミスト 第8区3番地
    Posts
    268
    Character
    Iris Caldor
    World
    Balmung
    Main Class
    Red Mage Lv 70
    Quote Originally Posted by Holyhunter View Post
    holy shit

    who are you
    I am ████.
    (0)
    Last edited by Livilda; 09-14-2013 at 08:04 AM.

  6. #6
    Player
    TrystWildkey's Avatar
    Join Date
    Oct 2011
    Location
    Till Sea Swallows All! Arrr
    Posts
    759
    Character
    Tryst Wildkey
    World
    Durandal
    Main Class
    Weaver Lv 50
    Thank you! That was all very useful information

    Hopefully, enough people will read this to spread the word and help keep us all safe.
    (0)
    Everyone thought paid retainers and fantasia would be the end of it.
    You were warned.
    Cash shop in, TrystWildkey out.

  7. #7
    Player
    Smoey's Avatar
    Join Date
    Feb 2013
    Posts
    9
    Character
    Smoey Alpha
    World
    Odin
    Main Class
    Lancer Lv 10
    I like how some mmorpgs use coin lock on your account if you log in from another location. Why not just lock your account (bags, messages, shouting etc..) until you verify your location. Takes 2 minutes.
    (0)

  8. #8
    Player
    Neptune's Avatar
    Join Date
    Mar 2011
    Location
    Gridania
    Posts
    2,062
    Character
    Neptune Deepsea
    World
    Balmung
    Main Class
    Thaumaturge Lv 50
    While we're on the subject, has anyone with a security token had their account hacked?

    I have had my account targeted for "suspicious activity" multiple times since release. Every time I change my password and every time it is targeted again for "suspicious activity" and disabled out of precaution by SE. Has anyone else been getting those emails? Even while you're logged into the game?

    I believe that due to my security token they only hit the maximum allowable attempts before my account was locked out.

    And if that's true... it means it's SE itself that is getting hacked or exploited and not necessarily the users. Sure keyloggers may be one avenue but how does that explain what's happening to me? I've clean installed since 1.0 and I haven't been to any fansites or downloaded any ARR related apps at all. I don't see how I could have a keylogger unless it shipped with the installer itself or the benchmark. Which, for all any of us know, may have been compromised on SE's servers a long time ago. If something that big went down, it would explain the aggressiveness of the gil sellers since this would be an opportunity not to miss.
    (0)

  9. #9
    Player
    Arylian's Avatar
    Join Date
    Sep 2013
    Posts
    6
    Character
    Paige Frostwell
    World
    Coeurl
    Main Class
    Conjurer Lv 24
    Quote Originally Posted by Livilda View Post
    Snip.
    Thank you for posting. Timely, well thought out and fair. Very much appreciated.

    ../bow
    (1)

  10. #10
    Player
    Sadique's Avatar
    Join Date
    Aug 2013
    Posts
    43
    Character
    Yumi Shironeko
    World
    Behemoth
    Main Class
    Archer Lv 50
    Quote Originally Posted by Smoey View Post
    I like how some mmorpgs use coin lock on your account if you log in from another location. Why not just lock your account (bags, messages, shouting etc..) until you verify your location. Takes 2 minutes.
    What I don't understand is: before the head start, if anybody logged into your game from a new IP, it would lock the account. It doesn't do this anymore and I'm not sure why.
    (0)
