Galyna
Joined: 16 Jul 2010 Posts:
|
re: Got hacked
by Galyna on 2012/01/04 2:23
All, posting what happened to me so that you may all learn from it.
Monday around midnight CET (1 hour after I logged) somebody else locked into my account and hacked me / stripped all my chars. The total loss is around 1000 gold (scales, symbols, sigils, relix, runes, crafting stuff - everything u can imagine). Turbine later disabled my account based on automatic fraud detection and the call centered restored my access Tuesday around 11 PM CET.
The interesting points are the following:
1. I play from corporate laptop with latest protections (Symantec Corporate Ediiton with daily & weekly full scan / update, Firewall, etc...) whatever you can imagine.
2. I found only a "tracking cookie" on my PC which was probably missed by the daily scan but the weekly i ran found it. I could not trace its origin's.
3. My LOTRO client automatically contains my username so it is only the password i enter from keyboard - which means that somehow they got my username without me entering it!!! (as i ve not entered it in the last 2 months for sure - since my last reinstall).
4. I dont visit any "strange" sites - and as i work in IT i am normally cautious as you can imagine...
5. I dont use Turbine forums (e.g. just read them, not posting, not logging into forum).
6. I had the same password used in other websites / web services - and they were not touched.
The only conclusion that i am currently left with is the following:
1. It was a targeted attempt - going after only LOTRO.
2. I likely got the cookie from sites i consider trusted - and relates to LOTRO (like this kinsite, turbine sites, or other sites having LOTRO content on them - e.g. site of other kins, guides etc....)
3. It has been a more sophisticated attempt as somehow they got the username that i dont enter (e.g. cannot be key logged).
So BE CAREFUL!!! CHANGE YOUR PASSWORDs.
On the positive note - LOTRO phone support was very helpful - i currently have tickets open to try to get back my most important stuff...
I hope you learn from this. Cheers!
|
|
|
|
re: Got hacked
by Rinoanor on 2012/01/04 5:18
sorry to hear this mate they are usually very good at giving back all the stuff you lost via a hack, but it takes some time.
its more likely they obtainned your username/password from the official turbine forums. security on them isnt as strong as it should be, which is why they had to take the forums down for weeks a while back when it was rumoured someone found a simple DOS prompt that let them see others account details....
thanks for the heads up, whenever i hear someone has been hacked i change my password to be on the safe side so will do that now
_________________ Rinoanox~105 CPT - Rinoanor~100 HNT (R9 - Retired) - Saelene~85 BRG - Valorond~75 MNS - Grimvalo~85 WRD
|
|
RucagornLeader
Joined: 12 Aug 2009 Posts: 9201
|
re: Got hacked
by Rucagorn on 2012/01/04 12:45
Darn, bastards! Really bad news friend...
Can Turbine share some heads up? Like from where was accessed... If came from any computer that often plays the character X...
I know sometimes hard to find clues and if persons do this they have extra careful to dont get busted... Just ''curious'' because I hate when this stuff happens.
Will change also my password myself... Must say though that I kinda use lotro forums this days but I also use a kaspersky browser security , hope that helps a bit.
''Protected myself atm with Kaspersky Internet Security + Malware bytes", but sometimes this things happen from nowhere...
Hope you can ''recover'' the stuff lost and that this things stop happening...
I myself use almost always different passwords... atleast for the most important stuff.
_________________
Courageous and honorable as men
Beautiful and brave as elves
Mighty and friend as dwarves
Powerful and wise as wizards
Agile and clever as hobbits
Proud with the splendor and glory of Kings of yore
He is Rucagorn, Captain, Guardian of the Free Peoples
Proud and honorable leader of the Fellowship of Guardians
The White Guardian
|
|
|