Originally Posted by Swoozie:
"I don't understand how are people randomly getting hacked? Unless you download something.."
Here's how it happened. A while back the major news outlets were reporting a rash of hackings. We picked it up here as well. Basically, hackers wrote a script, a simple easy little ActiveX script for IE7. You pick up the script on a page, it redirects you to a page for an important component, that component gets downloaded and installed, turns out to be a key logger. That little key logger sits on your computer and is dormant until you log onto a game, like FFXI, WOW, or a small number of other online games. As soon as this happens, the key logger detects the initialization, records the next dozen or so things you type, and sends them via IE to the website you got the key logger from, or another front website the hackers controlled. So, after a predetermined amount of time, a hacker will log onto this website (or drop site if you like MI-6 or CIA terms), and pull the files. By this time, that site will have hundreds of them. Each of these files now contains your login ID and password in those first 12 lines of text you typed in. It also contains a listing of the program that initialized it (the game). All a hacker needs to do now is fire up that game and log in when you're not on. In fact, the change to the WorldPass system SE made allowing us to pick servers and change them actually made this easier to pull off. A quick switch and a name change later and there's no evidence you even existed.
This wasn't a small operation, either. I remember somewhere reading something like 20~30 thousand accounts got taken in one fell swoop. It wasn't noticed until hack reports started flooding in, either. They peppered all kinds of sites, for FFXI it was Atlas, Somepage, and others. Because the script was a small addition, many of them didn't even notice they got hacked, or assumed someone was just trying to steal data, rather than planting files.
On Diabolos Server, we lost Mystical/Sondohado. Two weeks ago, all of us on his friends list logged on and noticed it listed him as being on Titan. Worried messages went out: "Hey, you switched servers on us before our mission runs, what gives?" He got hacked. He's on Titan now, with a changed name, all 8 of his HQ elemental staffs are gone, and both his characters are empty of all sellable gear. Myst was a SMN, so lots of what he had at 75 is R/E, like his Yinyang robe, but that's still 2-3 years of work gone. He may quit for good now. What'd Myst do wrong? He uses IE7, and logged on to Atlas. Maybe his security settings were low, maybe he accepted the wrong cookie or ran the wrong script. We know what the outcome was, though.
I liken it to what happened IRL last winter with a friend of mine. I got a frantic email from him that his car was just stolen. You're thinking carjacking, but this is Utah. He left it running in the driveway to warm up. Knowing Dan, there was probably even a nice cup of coffee in the cup-holder. Long story short, they find it 2 days later in a grocery store parking lot with no gas, the rims gone, and his stereo and stuff missing. Now, I could take any last one of you from your home right now, drop you directly in this scene and you'll think he's asking for trouble. It's in the driveway, running, unlocked, and the keys are in the ignition. Any idiot sees this is a bad idea. Dan got complacent, and that's why he's buying a new stereo. Doesn't matter how good your neighborhood is, or how low your crime rate is, if you ask for trouble, sometimes it'll show up. This is the same way many of us feel when we hear you're all surfing around popular sites with IE7. Maybe you do know the neighborhood, maybe you do feel safe, but your doors are still unlocked and the engine is running. Stuff like this is bound to happen.