It shows that there's always somebody out there with no respect for other people - common knowledge really, but unfortunately the rest of us need constant reminders like this to rememember to take measures agains sush d#"¤heads.
1. NEVER share ANY account info with other people. Not even your wife close family, unless you want to risk an argument about mis-spent IP points, lost items and credits (we all know how chicks like spending dollahs) ;p
2. Take measures to ensure such info does not get shared accidentally
3. NEVER enable auto-type password functionality in any program. This means that the password is being stored in a file, somewhere on your hard drive. Hackers know where to look for these files.
4. NEVER store your passwords on a system that has an internet or localnet connection.
5. Never install software you don't trust on a system that also contains personal information you want to protect.
6. DO install a firewall product and learn how to configure it. ZoneAlarm, Kerio, Norton and others will do in most cases.
7. IF you must install file sharing software, make sure you limit the sharing to specified folders that don't contain anything you don't want to loose.
The following quotes from the thread sum up some of the dangers that lurk:
Mindum
n00b
Joined: 07 Sep 2002
Posts: 25
Posted: Sun Oct 12, 2003 1:37 pm Post subject:
--------------------------------------------------------------------------------
Hmm, i know how to get the account information. As my parrent closed my account and i can't own a credit card since im under 18 years, I was looking for the possibility of playing for free. I searched the ao folder and found this special file: C:\Program Files\Anarchy Online Test\cd_image\data\launcher\anarchylauncher.prefs
If you replace this file with another (from another person) you get their account name and password (the password will be in ****)
With a simple program you can remove the masks and then you got both loggin and password.
I sent a e-mail to funcom about this problem. They said they would be looking into it.
About a month later I tried to check if they had fixed the problem. I went to a fileshare program (Direct connect). And offcoures i found lots of files (account). One of them was Deacons account, i sent him a warning that that i had obatined this account information. Offcoures he got upset and i got some flames but after all he changed his account information.
I'm sure I wasn't the only one able to access his account.
Now I was checking the latest news in strom and saw this threat, i thought this information might help.
At last, all people here SHOULD NOT share the C:\Program Files\Anarchy Online Test\cd_image\data\launcher\anarchylauncher.prefs , unless you want others to play on your accont.
If you of some reason must share this file, god knows why, then remove the check on remember password. That would also put a stop unwanted helpers.
Mindum
_________________
You know!
AO ain't good for you.
Stop playing now!
*sight, I want back*
Zerelia
r00kie
Joined: 10 Oct 2002
Posts: 82
Posted: Sun Oct 12, 2003 3:08 pm Post subject:
--------------------------------------------------------------------------------
Probably using a trojan, thats why "he" needs your email. If you use outlook express as your email program remember to turn off autopreview...Having an uptodate antivirus program is also a good idea.
Just a few tips:
NEVER open attachments in email that you dont know who is from or what it might be.
trojans that might be used for hacking AO accounts are like keyloggers and similar like backorifice etc.
Also get a personal firewall, zonealarm is a good choice. If it detects anyone trying to hack your computer it will make a log you can file to his ISP and most likely he will loose his internet line unless the ISP is unserious.
Hacking others people computer and accounts is a serious issue, and if Funcom lets hackers walk free they are not a very serious company imo. It is infact illegal by the law (rl law not the stupid mmorpg law).
Back to top
Kinkychick
pl33b
Treydor
Expert
Joined: 31 Aug 2002
Posts: 1989
Location: Texas
Posted: Sun Oct 12, 2003 6:14 pm Post subject:
--------------------------------------------------------------------------------
Mindum wrote:
I went to a fileshare program (Direct connect). And offcoures i found lots of files (account).
Hmmm...I've known about the anarchylauncher.prefs file for a long time in doing that trick. Since about the time I started playing over 2 years ago...that one was sort of obvious. There are a few other ways to get the password too...some of which are very simple and can be done remotely in some instances (got a firewall?). Your IP address can be found in the headers of an email sent from you...which Deacon, this is probably the reason he wanted you to email him.
I didn't think about searching those p2p sharing programs for the files though...lots of those programs want to just share about everything...which yea, would be a problem. That's a good warning for those of you who might want to run Kazaa, DC++, etc...make sure you know exactly what you are sharing.
_________________
Wolfenstein - Enemy Territory It's free, why not try it?
Check out my AO Reference Editor
Back to top