
WoW Account hacking, exceptionally much?

124

Comments

  • CeridithCeridith Member UncommonPosts: 2,980

    Originally posted by jimmyman99

    ...

    You are stretching it buddy... now you are saying hackers are PAYING to hack other accounts... they expose themselves to be backtraced to their account and real identities... hmmm... not likely. And what does that mean i need to brush up on security? did you hack me? did you get through my hardware firewall? and then software firewall? oh my, i need to check my open ports (none) for established connections (firefox, winamp open, avast just closed a socket)... mmmm. Nah, my security is just fine, thanks for your concern. But keep bashing please, I wonder how many more crazy ideas you come up with.

    The gold selling industry is touted to be a billion dollar industry, and banner ads don't cost all that much. Drop a couple hundred dollars to create a point of infection for potentially thousands, if not tens of thousands, of victims. All it would take is a few resulting breached accounts to easily make back the cost of the banner ad from selling off of gold, items, and even the characters or accounts themselves. Besides, they probably use stolen credit card info to pay for the ads anyways, and fake identities to register them. Heck, that's what the "hackers" do to get into breached inactive accounts, they reactivate them with stolen credit card info.

    As per you brushing up on your security, I mean that you don't quite grasp the full extent of IT security. Despite your hardware and software firewall, despite your anti-virus, malware scanner, using more secure browsers and security add-ons, there is STILL the possibility to have your PC breached. All it takes is one person with malicious intent to find one of the many security flaws in the myriad of software we all use every day, and they can potentially exploit that to slip past all of your security without you realizing until it's too late. That's simply a fact of being on the Internet, and to arrogantly proclaim that it's entirely the user's fault for being hacked, is just blind ignorance. Sure, the user may have been a contributing factor in some manner, but there are many cases where a user can do everything "right", and still get hacked from something as harmless looking as a banner ad sitting at the top of a webpage.

  • jimmyman99jimmyman99 Member UncommonPosts: 3,221

    Originally posted by Astro6

     

    You really need to brush up on your security as a security expert 25 yrs in the field getting hacked by advertising banners is real not fake look at my post, it has happened many, many times what they do is pay someone to place the ads that have no affiliation with the hackers.

    It is the most common vector to catch fake av's/rootkits-keyloggers/malware because it is on a web advertising ring it may reach as many as 20,000 websites.

    As a matter of fact it happening with the piratebay atm and 100's of other websites just past week i had 4 customers that had their accounts hacked from keyloggers in advertising banners on facebook they had microsoft security essentials, threatfire, immunet installed.

     

    http://news.cnet.com/8301-27080_3-20002267-245.html

    http://www.wowwiki.com/Talk:Thorium_Brotherhood

    http://copyfight.corante.com/archives/2009/04/20/copyfight_is_everywhere.php

    I can post over 200 links to security websites with information about keyloggers in ads on Curse Gaming, Allakhazam, WowMatrix and many more sites including the Chicago Tribune.

    http://www.maximumpc.com/article/home/adobe_plugs_six_critical_security_holes_flash_player

    http://www.adobe.com/support/security/bulletins/apsb10-16.html

    LOL, as a 25year old security veteran, you have no idea what you are talking about. What kind of security are you an expert of? The internet was commercially available in 1990... that's... 20 years ago. Being a security guard at the local bank branch does not make you an expert in Internet security.

    ThreatFire:

    "ThreatFire continually protects your PC against attacks by detecting malicious behavior, such as capturing your keystrokes or stealing your data, instead of only looking for known threats like normal antivirus software. By implementing sophisticated real-time behavioral analysis ThreatFire is able to stop never-before-seen "zero-day" threats solely by detecting their malicious activity." - ThreatFire has pre-set behavioral signatures to detect malicious software - just like anti virus program, except that AV has signatures of the viruses themselves. In human terms, instead of having a mug snapshot of a criminal, it has a description of what that criminal can do. I can see where it might have a slight advantage over AV, but at a huge cost - you CAN get infected with a virus, as long as it does not make any malicious action that ThreatFire recognizes. AND, it seems that ThreatFire does not really block/detect keylogging AT ALL. Read about it on their forum HERE.

    Immunet - not a standalone AV product. I've read several reviews, and while it does block some malware, it is not a replacement of a stand alone AV product.

    So the person who got infected basically had its doors open for a virus - a user error.

    I visit thepiratebay/facebook daily - never been infected. I visit porn sites and sometimes when I venture off the mainstream sites into the jungle of low level sites with viruses and malware, I never got infected. My firewall/AV blocked whatever danger I was in. Furthermore, I use MS tools (process explorer/ tcpip view) to check for open connections or for unknown EXEs.

    I am the type of player where I like to do everything and anything from time to time.
    http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.

  • jimmyman99jimmyman99 Member UncommonPosts: 3,221

    Originally posted by Ceridith

    Originally posted by jimmyman99


    ...

    You are stretching it buddy... now you are saying hackers are PAYING to hack other accounts... they expose themselves to be backtraced to their account and real identities... hmmm... not likely. And what does that mean i need to brush up on security? did you hack me? did you get through my hardware firewall? and then software firewall? oh my, i need to check my open ports (none) for established connections (firefox, winamp open, avast just closed a socket)... mmmm. Nah, my security is just fine, thanks for your concern. But keep bashing please, I wonder how many more crazy ideas you come up with.

    The gold selling industry is touted to be a billion dollar industry, and banner ads don't cost all that much. Drop a couple hundred dollars to create a point of infection for potentially thousands, if not tens of thousands, of victims. All it would take is a few resulting breached accounts to easily make back the cost of the banner ad from selling off of gold, items, and even the characters or accounts themselves. Besides, they probably use stolen credit card info to pay for the ads anyways, and fake identities to register them. Heck, that's what the "hackers" do to get into breached inactive accounts, they reactivate them with stolen credit card info.

    As per you brushing up on your security, I mean that you don't quite grasp the full extent of IT security. Despite your hardware and software firewall, despite your anti-virus, malware scanner, using more secure browsers and security add-ons, there is STILL the possibility to have your PC breached. All it takes is one person with malicious intent to find one of the many security flaws in the myriad of software we all use every day, and they can potentially exploit that to slip past all of your security without you realizing until it's too late. That's simply a fact of being on the Internet, and to arrogantly proclaim that it's entirely the user's fault for being hacked, is just blind ignorance. Sure, the user may have been a contributing factor in some manner, but there are many cases where a user can do everything "right", and still get hacked from something as harmless looking as a banner ad sitting at the top of a webpage.

    Stolen credit cards? I would think it's more profitable to actually STEAL money from stolen CCs, not pay for some banner advertisement that may or may not result in anything...

    There is a very small chance that my security could be breached because I am an educated computer user. I work in the field of programming/website design/internet security. While I am no expert at any given subject, I've worked in so many IT fields that I know them fairly well. So yes, if a hacker really does want to crack my puter open, he will succeed. But how can that user know my computer? They do not! Inet is not like a street where you open a yellow book and get their address. Computers hooked up to INET are virtual, not physical entities. Their IPs change in 95% of cases, they go offline, they get turned off. It is highly... no, VERY highly improbable that anyone would direct a specific attack on a specific computer. In 99% cases hackers throw a wide net of phishing attacks and then continue once someone gets hooked up. If you have a decent AV/firewall and average computer literacy, you will identify 90-95% of all phishing attacks.

    I am the type of player where I like to do everything and anything from time to time.
    http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.

  • AnubisanAnubisan Member UncommonPosts: 1,798

    In the overwhelmingly vast majority of cases, 'hacked accounts' are nothing of the sort. Someone got the login information through something the player did or did not do which resulted in their vulnerability. It really is the fault of the player in most cases. I know it sucks to get your account information stolen, but if you don't take proper precautions, you have only yourselves to blame.

    I have played WoW on and off since release as well as many other MMOs and I have NEVER been hacked despite many many attempts made to trick me into giving away my account info. A little common sense and caution goes a long way...

  • CeridithCeridith Member UncommonPosts: 2,980

    Originally posted by jimmyman99

    Originally posted by Astro6

     

    You really need to brush up on your security as a security expert 25 yrs in the field getting hacked by advertising banners is real not fake look at my post, it has happened many, many times what they do is pay someone to place the ads that have no affiliation with the hackers.

    It is the most common vector to catch fake av's/rootkits-keyloggers/malware because it is on a web advertising ring it may reach as many as 20,000 websites.

    As a matter of fact it happening with the piratebay atm and 100's of other websites just past week i had 4 customers that had their accounts hacked from keyloggers in advertising banners on facebook they had microsoft security essentials, threatfire, immunet installed.

     

    http://news.cnet.com/8301-27080_3-20002267-245.html

    http://www.wowwiki.com/Talk:Thorium_Brotherhood

    http://copyfight.corante.com/archives/2009/04/20/copyfight_is_everywhere.php

    I can post over 200 links to security websites with information about keyloggers in ads on Curse Gaming, Allakhazam, WowMatrix and many more sites including the Chicago Tribune.

    http://www.maximumpc.com/article/home/adobe_plugs_six_critical_security_holes_flash_player

    http://www.adobe.com/support/security/bulletins/apsb10-16.html

    LOL, as a 25year old security veteran, you have no idea what you are talking about. What kind of security are you an expert of? The internet was commercially available in 1990... that's... 20 years ago. Being a security guard at the local bank branch does not make you an expert in Internet security.

    ThreatFire:

    "ThreatFire continually protects your PC against attacks by detecting malicious behavior, such as capturing your keystrokes or stealing your data, instead of only looking for known threats like normal antivirus software. By implementing sophisticated real-time behavioral analysis ThreatFire is able to stop never-before-seen "zero-day" threats solely by detecting their malicious activity." - ThreatFire has pre-set behavioral signatures to detect malicious software - just like anti virus program, except that AV has signatures of the viruses themselves. In human terms, instead of having a mug snapshot of a criminal, it has a description of what that criminal can do. I can see where it might have a slight advantage over AV, but at a huge cost - you CAN get infected with a virus, as long as it does not make any malicious action that ThreatFire recognizes. AND, it seems that ThreatFire does not really block/detect keylogging AT ALL. Read about it on their forum HERE.

    Immunet - not a standalone AV product. I've read several reviews, and while it does block some malware, it is not a replacement of a stand alone AV product.

    So the person who got infected basically had its doors open for a virus - a user error.

    I visit thepiratebay/facebook daily - never been infected. I visit porn sites and sometimes when I venture off the mainstream sites into the jungle of low level sites with viruses and malware, I never got infected. My firewall/AV blocked whatever danger I was in. Furthermore, I use MS tools (process explorer/ tcpip view) to check for open connections or for unknown EXEs.

    IT security has existed long before the Internet. The existence of the Internet in a more commercial manner has simply increased the need for it.

    You can keep your head in the sand and believe that all of that software is going to keep you safe, but the truth is that it can't keep you completely secure. Every time you connect to a site, particularly the more shady ones, you're opening up your PC to another potential breach, even despite all of the software you seem to put all of your faith in. The fact that you're so certain you won't be hacked, will likely result in you being hacked in the future, because you'll do something stupid as you seem to believe that your PC isn't at risk.

    You may have minor awareness of IT security, enough to install a few programs to mitigate the basic threats, but compared to people who actually work in the industry, you know next to nothing.

  • jimmyman99jimmyman99 Member UncommonPosts: 3,221

    Originally posted by Ceridith

    IT security has existed long before the Internet. The existence of the Internet in a more commercial manner has simply increased the need for it.

    You can keep your head in the sand and believe that all of that software is going to keep you safe, but the truth is that it can't keep you completely secure. Every time you connect to a site, particularly the more shady ones, you're opening up your PC to another potential breach, even despite all of the software you seem to put all of your faith in. The fact that you're so certain you won't be hacked, will likely result in you being hacked in the future, because you'll do something stupid as you seem to believe that your PC isn't at risk.

    You may have minor awareness of IT security, enough to install a few programs to mitigate the basic threats, but compared to people who actually work in the industry, you know next to nothing.

    Maybe I did not make myself clear enough, I am NOT relying on a software. My message is - I rely on my own common sense and computer literacy to identify threats. The software is there to help me make a decision (example: is that a legit svchost.exe trying to access INET from C:\WINDOWS\System32 or is it a fake one from C:\WINDOWS\somefolder). It is rare when my AV hits the "A VIRUS HAS BEEN DETECTED ON YOUR COMPUTER" with me not being prepared for this (browsing a bad site, etc).

    Another example. I just received another email about my WoW account being changed. Everything seems legit, the email came from Blizzard Entertainment, and the letter on itself seemed legit - no spelling errors, all links were legit (TOS, billing, phones etc). Except for one link, which was inviting me to login to make sure my info was not changed. The link looked like it would take me to http://www.worldofwarcraft.com/account/billing/ but in fact, it would take me to http://us.battle.net.XXX-XXX-blizzard.com/ (I masked parts of the link so people won't go there). I wouldn't even have to check the headers to know this email was fake. But just for the kicks of it, full headers told me that that email did NOT come from blizzard.com domain. It came from:

    Received: from 127.0.0.1  (EHLO blu0-omc4-s15.blu0.hotmail.com) (65.55.111.154)
      by mta1046.mail.sk1.yahoo.com with SMTP; Thu, 12 Aug 2010 20:14:59 -0700
    Received: from BLU0-SMTP70 ([65.55.111.137])

    The originating email was: cote_22_leproso@hotmail.com

    So really, if someone were to fall for this and get their account hijacked - whose fault would that be? I did not rely on my software to protect me, I used common sense.

    Oh and please DO inform me what IT security you know BEFORE the Internet? It was basically nonexistent. Few AV products to scan for pirated games with viruses that, at worst, would simply wipe your HDD of data and you would just reinstall it on your PC. The only way to spread at that time was for you to physically spread it with a floppy disk or CD in later years... LOL. Those were the times.

    I am the type of player where I like to do everything and anything from time to time.
    http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.
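
The two checks described in the post above (visible link text versus the real destination, and the Received chain versus the claimed sender), as an added example that is not part of the original thread. The message is constructed: its Received line and masked link are the ones quoted in the post, while the From address, subject, body wording and all function names are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample. Only the Received header and the masked link come from
# the post; the From address, Subject and body text are invented.
SAMPLE = """\
Received: from 127.0.0.1  (EHLO blu0-omc4-s15.blu0.hotmail.com) (65.55.111.154)
  by mta1046.mail.sk1.yahoo.com with SMTP; Thu, 12 Aug 2010 20:14:59 -0700
From: Blizzard Entertainment <noreply@blizzard.com>
Subject: Account change notice
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"

<html><body>
<p>Please log in to confirm your details:
<a href="http://us.battle.net.XXX-XXX-blizzard.com/">http://www.worldofwarcraft.com/account/billing/</a></p>
<p><a href="http://www.blizzard.com/support/">Support</a></p>
</body></html>
"""

URL_LIKE = re.compile(r"(?:https?://)?[\w.-]+\.[a-z]{2,}(?:[/:?#]\S*)?", re.I)
RELAY = re.compile(r"\(EHLO\s+([\w.-]+)\)|^from\s+([\w.-]+\.[a-z]{2,})", re.I)


def registrable(host):
    """Naive registrable domain: the last two labels. Assumption for brevity;
    real code should use the Public Suffix List (e.g. for example.co.uk)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


class _Anchors(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def link_mismatches(html):
    """Return (shown_host, actual_host) where the link text is itself a URL
    but points to a different registrable domain than the href."""
    parser = _Anchors()
    parser.feed(html)
    found = []
    for href, text in parser.links:
        if not URL_LIKE.fullmatch(text):
            continue  # plain wording such as "Support": nothing to compare
        shown = urlsplit(text if "://" in text else "//" + text).hostname
        actual = urlsplit(href).hostname
        if shown and actual and registrable(shown) != registrable(actual):
            found.append((shown, actual))
    return found


def relay_domains(msg):
    """Registrable domains of the hosts named in the Received headers."""
    domains = []
    for value in msg.get_all("Received", []):
        for ehlo, frm in RELAY.findall(value.strip()):
            domains.append(registrable(ehlo or frm))
    return domains


def assess(raw):
    msg = message_from_string(raw)
    claimed = registrable(parseaddr(msg.get("From", ""))[1].rpartition("@")[2])
    relays = relay_domains(msg)
    return {
        "claimed_domain": claimed,
        "relay_domains": relays,
        "relay_matches_sender": claimed in relays,
        "link_mismatches": link_mismatches(msg.get_payload()),
    }


if __name__ == "__main__":
    for key, value in assess(SAMPLE).items():
        print(f"{key}: {value}")
```

A relay mismatch on its own is only a hint, since legitimate senders often use third-party mail services and Received lines below the first trusted hop can be forged; the link mismatch is the stronger signal here, because the registrable domain of the real destination is its last labels, not the familiar name at the front.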

  • Astro6Astro6 Member UncommonPosts: 240

    Huge amount of ads now carry malware source here : http://www.net-security.org/malware_news.php?id=1431
    One good reason why i use adblock plus sorry but if advertisers can't keep their ads clean i won't allow ads of any kind on my machine.

  • KingKong007KingKong007 Member Posts: 149

    Here's a good laugh.

    I did the following test: started the computer - visited this ONE website after the Google page showed up ... and here is what my BitDefender showed me after a visit to www.mmorpg.com

    Cookie.Apmebf

    Cookie.BS.Serving-Sys

    Cookie.DoubleClick

    Cookie.Mediaplex

    Cookie.Metriweb.

    All these were considered harmful by BitDefender and deleted.

    Perhaps you can all do the same tests. Perhaps someone on www.mmorpg.com can come up with an explanation.

    A little browsing on the web showed the "apmebf" thing was quite dangerous.

    I have to say though I've never been hacked in 5 years.

     

  • CaralthinCaralthin Member Posts: 7

    I know that this might be a dead horse that doesn't need the flogging, but I'd like to toss in something else to consider here.  My WoW account was attached to a hotmail address.  I haven't played WoW in over 2 years, but did see that WoW accounts are being rolled into BNet.  I transferred my account to my current e-mail address and consolidated into a BattleNet account, so there shouldn't be any more WoW account.  Since doing so I've received numerous phishing e-mails.

    What makes my experience troubling is when I received one of these e-mails stating that I had purchased SC2 on a credit card which had the last 4 digits of the credit card on file for WoW.  There is a chance that this was happenstance and that the phisher just happened to make a 1 in 6561 lucky guess about the last four digits, but I don't think so.  I'm more inclined to believe that some disgruntled Blizzard employee is selling the information.

    Either way, I won't be returning to WoW and have serious reservations about using BattleNet under the RealID system that they have in place.

  • CahillCahill Member Posts: 7

    I too keep getting these phishing emails claiming to be from the WoW accounts department saying someone is trying to alter my email address, and to follow this link to confirm, or so forth.  I went to show original and the source is not whom they claim to be, it's from some hotmail account.

    I sent that account a message, told em the account they were trying to hack was a 7 day free account that had 4 hours on it, and wasn't worth their time to hack. Still getting the darn things.

  • Demonspirit8Demonspirit8 Member Posts: 54

    I recently reactivated my account roughly 3 weeks ago. within 15 minutes of reactivating i started getting emails from "Blizzard" saying my account is frozen etc etc basically phishing emails. Didn't open any deleted every single one. I only visit ign.com mmorpg.com and msnbc.com only 3 websites i look. i noticed on the 14th i received 4 phishing emails i deleted all then the 15th i received 4 more. then 15th in the afternoon my account was hacked. Now i won't claim it's not one of the 3 websites i visit cause who knows. I Do have an issue with the fact i started getting the weird emails literally 15 minutes after reactivation. To me the whole thing smells like possibly a way to push people to paying 8 bucks for an authenticator.

  • miagisanmiagisan Member Posts: 5,156

    Originally posted by Caralthin

    I know that this might be a dead horse that doesn't need the flogging, but I'd like to toss in something else to consider here.  My WoW account was attached to a hotmail address.  I haven't played WoW in over 2 years, but did see that WoW accounts are being rolled into BNet.  I transferred my account to my current e-mail address and consolidated into a BattleNet account, so there shouldn't be any more WoW account.  Since doing so I've received numerous phishing e-mails.

    What makes my experience troubling is when I received one of these e-mails stating that I had purchased SC2 on a credit card which had the last 4 digits of the credit card on file for WoW.  There is a chance that this was happenstance and that the phisher just happened to make a 1 in 6561 lucky guess about the last four digits, but I don't think so.  I'm more inclined to believe that some disgruntled Blizzard employee is selling the information.

    Either way, I won't be returning to WoW and have serious reservations about using BattleNet under the RealID system that they have in place.

    same, since they went to Bnet, my account has been hacked 4 times, and i get tons and tons of phishing emails since...and i haven't played the game in over 2 years, nor has it been installed on my comp in the last 2 years.


  • SyncrosonixSyncrosonix Member Posts: 341

    Originally posted by Caralthin

      I'm more inclined to believe that some disgruntled Blizzard employee is selling the information.

    Either way, I won't be returning to WoW and have serious reservations about using BattleNet under the RealID system that they have in place.

    seems like the troubles really began when they merged the battlenet accounts with the warcrack ones. i've been getting multiple phishing emails every single day, and i have noticed my email account is no longer on blizzard's file, and my password is incorrect. oh well, at least the card i had been using is long gone, and i have not played that shitty game for almost 2 years now.

    as for the theory of the source of the info getting out, i was thinking about it off and on while i was driving between atlanta, GA and richmond, VA. the phishing emails used to be pretty random and uncommon. now it's gotten out of hand, and i don't see blizzard really doing anything to combat it.

    fuck it, i won't bother buying anymore of their products until they've tamed that beast. that means diablo III won't be touched by me.

  • Daffid011Daffid011 Member UncommonPosts: 7,945

    How exactly can blizzard stop your email address from getting spam? 

    I'm not sure where people get these types of expectations.

  • Astro6Astro6 Member UncommonPosts: 240

    Originally posted by jimmyman99

    Originally posted by Astro6

     

    You really need to brush up on your security as a security expert 25 yrs in the field getting hacked by advertising banners is real not fake look at my post, it has happened many, many times what they do is pay someone to place the ads that have no affiliation with the hackers.

    It is the most common vector to catch fake av's/rootkits-keyloggers/malware because it is on a web advertising ring it may reach as many as 20,000 websites.

    As a matter of fact it happening with the piratebay atm and 100's of other websites just past week i had 4 customers that had their accounts hacked from keyloggers in advertising banners on facebook they had microsoft security essentials, threatfire, immunet installed.

     

    http://news.cnet.com/8301-27080_3-20002267-245.html

    http://www.wowwiki.com/Talk:Thorium_Brotherhood

    http://copyfight.corante.com/archives/2009/04/20/copyfight_is_everywhere.php

    I can post over 200 links to security websites with information about keyloggers in ads on Curse Gaming, Allakhazam, WowMatrix and many more sites including the Chicago Tribune.

    http://www.maximumpc.com/article/home/adobe_plugs_six_critical_security_holes_flash_player

    http://www.adobe.com/support/security/bulletins/apsb10-16.html

    LOL, as a 25year old security veteran, you have no idea what you are talking about. What kind of security are you an expert of? The internet was commercially available in 1990... that's... 20 years ago. Being a security guard at the local bank branch does not make you an expert in Internet security.

    ThreatFire:

    "ThreatFire continually protects your PC against attacks by detecting malicious behavior, such as capturing your keystrokes or stealing your data, instead of only looking for known threats like normal antivirus software. By implementing sophisticated real-time behavioral analysis ThreatFire is able to stop never-before-seen "zero-day" threats solely by detecting their malicious activity." - ThreatFire has pre-set behavioral signatures to detect malicious software - just like anti virus program, except that AV has signatures of the viruses themselves. In human terms, instead of having a mug snapshot of a criminal, it has a description of what that criminal can do. I can see where it might have a slight advantage over AV, but at a huge cost - you CAN get infected with a virus, as long as it does not make any malicious action that ThreatFire recognizes. AND, it seems that ThreatFire does not really block/detect keylogging AT ALL. Read about it on their forum HERE.

    Immunet - not a standalone AV product. I've read several reviews, and while it does block some malware, it is not a replacement of a stand alone AV product.

    So the person who got infected basically had its doors open for a virus - a user error.

    I visit thepiratebay/facebook daily - never been infected. I visit porn sites and sometimes when I venture off the mainstream sites into the jungle of low level sites with viruses and malware, I never got infected. My firewall/AV blocked whatever danger I was in. Furthermore, I use MS tools (process explorer/ tcpip view) to check for open connections or for unknown EXEs.

    Haha very funny security on computers existed before the internet sorry to say your antivirus is not enough protection and either is your firewall read all about it here.

    http://www.cyveillance.com/web/news/press_rel/2010/2010-08-04.asp

    Did you not read they also had microsoft security essentials it's called an anti-virus.

    Firewalls can be bypassed by a number of methods there is no such thing as a safe software firewall.

    How can you know if you're not infected if you have a rootkit your antivirus will not pick it up that is what it is designed to do and here is the info on piratebay and others serving up malware through ads.

    http://torrentfreak.com/the-pirate-bay-user-pages-blocked-by-google-090315/

    http://www.net-security.org/malware_news.php?id=1431

    So you're saying viruses and modems did not exist before 1990?

    I have owned my own computer store for 26 years and have also been a computer tech building and repairing, cleaning on average i clean 10 machines a day of malware and viruses and most of my work is done by hand because av's miss too much i use tools like process explorer and autoruns by sysinternals, i also setup and maintain servers for businesses and set up security solutions.

    Btw that article you pulled up on threatfire is old there was an update sometime back that fixed the problem for my customers i use 3 type of av to prevent conflicts 1 behavioral, 1 normal, 1 cloud to cover as much as possible.

  • jimmyman99jimmyman99 Member UncommonPosts: 3,221



    Originally posted by Astro6


    Originally posted by jimmyman99


    Originally posted by Astro6

     
    You really need to brush up on your security as a security expert 25 yrs in the field getting hacked by advertising banners is real not fake look at my post, it has happened many, many times what they do is pay someone to place the ads that have no affiliation with the hackers.
    It is the most common vector to catch fake av's/rootkits-keyloggers/malware because it is on a web advertising ring it may reach as many as 20,000 websites.
    As a matter of fact it happening with the piratebay atm and 100's of other websites just past week i had 4 customers that had their accounts hacked from keyloggers in advertising banners on facebook they had microsoft security essentials, threatfire, immunet installed.
     
    http://news.cnet.com/8301-27080_3-20002267-245.html
    http://www.wowwiki.com/Talk:Thorium_Brotherhood
    http://copyfight.corante.com/archives/2009/04/20/copyfight_is_everywhere.php
    I can post over 200 links to security websites with information about keyloggers in ads on Curse Gaming, Allakhazam, WowMatrix and many more sites including the Chicago Tribune.
    http://www.maximumpc.com/article/home/adobe_plugs_six_critical_security_holes_flash_player
    http://www.adobe.com/support/security/bulletins/apsb10-16.html

    LOL, as a 25year old security veteran, you have no idea what you are talking about. What kind of security are you an expert of? The internet was commercially available in 1990... that's... 20 years ago. Being a security guard at the local bank branch does not make you an expert in Internet security.
    ThreatFire:
    "ThreatFire continually protects your PC against attacks by detecting malicious behavior, such as capturing your keystrokes or stealing your data, instead of only looking for known threats like normal antivirus software. By implementing sophisticated real-time behavioral analysis ThreatFire is able to stop never-before-seen "zero-day" threats solely by detecting their malicious activity." - ThreatFire has pre-set behavioral signatures to detect malicious software - just like anti virus program, except that AV has signatures of the viruses themselves. In human terms, instead of having a mug snapshot of a criminal, it has a description of what that criminal can do. I can see where it might have a slight advantage over AV, but at a huge cost - you CAN get infected with a virus, as long as it does not make any malicious action that ThreatFire recognizes. AND, it seems that ThreatFire does not really block/detect keylogging AT ALL. Read about it on their forum HERE.
    Immunet - not a standalone AV product. I've read several reviews, and while it does block some malware, it is not a replacement of a stand alone AV product.
    So the person who got infected basically had its doors open for a virus - a user error.
    I visit thepiratebay/facebook daily - never been infected. I visit porn sites and sometimes when I venture off the mainstream sites into the jungle of low level sites with viruses and malware, I never got infected. My firewall/AV blocked whatever danger I was in. Furthermore, I use MS tools (process explorer/ tcpip view) to check for open connections or for unknown EXEs.

    Haha, very funny. Security on computers existed before the internet. Sorry to say, your antivirus is not enough protection and neither is your firewall. Read all about it here.
    http://www.cyveillance.com/web/news/press_rel/2010/2010-08-04.asp

    BAHAHAHAHAHA, did you not read what I wrote? You are confirming my own words - AV and Firewall is NOT enough to protect yourself. It is in the hands of the USER to use what tools he has (AV, Firewall, other tools like the Process Explorer, TCPIP viewer, port monitor, Process Monitor)! Look, you can throw in any number of years of experience in "security" you want, 25 years, 50 years, I don't care. Your knowledge is above basic, but doesn't look like it's even on intermediate level, you are floating somewhere in between.


    Originally posted by Astro6

    Did you not read they also had Microsoft Security Essentials? It's called an anti-virus.
    Firewalls can be bypassed by a number of methods; there is no such thing as a safe software firewall.

    The day Microsoft releases a decent AV product is the day humans evolve into energy beings. And yeah, depending on the firewall, some are sucky, but, what you DON'T know is that there are firewalls that block ALL ports on your computer (except for the port 80 on the webserver and 443 for SSL), making it virtually invisible to the outside world. For advanced users, blocked ports = stealth ports. If your PC is completely unreachable, it is also un-hackable without an effort from your side (visiting malicious website and having your security turned off, etc). What you seem to not understand is also that firewalls do not just act as a preventive measure from outside, they also prevent malicious programs from accessing Internet from the INSIDE. This knowledge is not that secretive, an average PC user would know that. Since you don't, it just confirms that you do not know your stuff well. Here's a hint: scan your ports (and other security holes): http://www.grc.com


    Originally posted by Astro6

    How can you know if you're not infected? If you have a rootkit, your antivirus will not pick it up; that is what it is designed to do. And here is the info on piratebay and others serving up malware through ads.


    Let's assume that somehow I managed to get infected by a rootkit. This rootkit will HAVE to send the information to the hacker - guess what, he CAN'T! The firewall stops all connections unless I specifically allow them. Depending on the firewall, it detects when other programs try to load and use legitimate programs for sending that info (myprog.exe loads Iexplorer.exe object to try and contact hacker's website, gets intercepted by the software firewall that according to you does not exist!)


    Originally posted by Astro6

    http://torrentfreak.com/the-pirate-bay-user-pages-blocked-by-google-090315/
    http://www.net-security.org/malware_news.php?id=1431
    So you're saying viruses and modems did not exist before 1990?


    Did you read my post at all? I said viruses existed, but before there was Internet, the only way to spread the virus was to physically carry it on a floppy/CD from computer to computer. Since there was no Internet, there were no Worms or rootkits, there were just viruses that deleted/corrupted/encrypted your data. Those viruses did NOT steal anything, they just destroyed it. You can't steal anything from a PC that is not connected to the Internet (because it does not exist). For a 25 year security veteran, you sure are lacking in some basic PC knowledge... were you in a coma for like 10-15 years? Sorry for being a bit sarcastic here, but people that throw around numbers like 25 years in business and then lack some basic concept on the subject just... throw me off balance.


    Originally posted by Astro6

    I have owned my own computer store for 26 years and have also been a computer tech building and repairing, cleaning; on average I clean 10 machines a day of malware and viruses, and most of my work is done by hand because AVs miss too much. I use tools like Process Explorer and Autoruns by Sysinternals. I also set up and maintain servers for businesses and set up security solutions.



    So you do very basic stuff, big woop. Try cleaning system DLLs, try figuring out which DLL is a legit one and which ain't, try looking at which EXE or even DLL that is used by EXE is having an open connection or if it's just listening on a port that shouldn't be open.



    Originally posted by Astro6

    Btw, that article you pulled up on ThreatFire is old; there was an update sometime back that fixed the problem. For my customers I use 3 types of AV to prevent conflicts: 1 behavioral, 1 normal, 1 cloud, to cover as much as possible.


    Let's assume you have your PC store and you have 25 years of experience of selling PCs, assembling them, cleaning up malicious programs. None of those things make you a security expert. If you go to a drug store to pick up medicine, is the guy behind a counter a doctor? No, he just hands you prescription medicine. You know how to use some tools, but you lack some critical knowledge of how they work. The important thing is NOT how to clean up your computer, but how to NOT get infected in the first place. I am not gonna lie here and throw a 25 year experience in security, I have a mere 10 years of IT supervisor position - we have 4 offices with around 20 PCs, with 2 servers that host 1 internal and 1 external website, they are secured, the network is monitored, the website is monitored, backed up on a daily basis. We were never hacked once (although I caught a DOS attack once). So yeah, your 25 years beats my 10 by 2.5 fold. Guess your e-peen is bigger than mine, eh?

    I am the type of player where I like to do everything and anything from time to time.
    http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.

  • Astro6Astro6 Member UncommonPosts: 240

    "So you do very basic stuff, big woop. Try cleaning system DLLs, try figuring out which DLL is a legit one and which ain't, try looking at which EXE or even DLL that is used by EXE is having an open connection or if it's just listening on a port that shouldn't be open."

     

    That is exactly what I do by using Process Explorer and Autoruns from Winternals, as well as checksum verification of DLLs, looking for patched EXEs, SYS files and DLLs, i.e. atapi.sys is a common file that is patched by rootkits to hide malware. The rootkit can not only hide files, but fake closed ports; you could not tell if the port is open sending data unless you can detect the hooks the rootkit is using.

    I also program in asem, C++, Java, Perl, AutoIt and a whole slew of programming languages; also I set up security cameras, PVRs, PC home security systems.

  • sakersaker Member UncommonPosts: 1,246


    Originally posted by Dameonk

    Originally posted by Rednecksith

    Besides, they obviously have some way of knowing when an account goes inactive, as those seem to be the ones getting hacked the most recently by far.
     
    My WoW account (inactive since before BC) hasn't been hacked.  But when the BNet switch over occurred I went ahead and activated my WoW account on BNet because Blizzard recommended it (and hey, I might resub someday).  About 3 months later I started getting WoW phishing email about my [inactive] WoW account being hacked, or needing to change my password, or update my billing info, etc.
    The really weird part is the email I used to register WoW is ONLY registered to WoW.  I have never used it for anything else, except for signing up for the WoW beta test before it was released.

    My account likewise sat unused since way back, before any expansions, and not till this whole linking to bnet thing did I see any of the email phishing, and my account was hacked. Had to jump through all sorts of hoops to get it cleared up (only did that because I just wasn't about to let the shit-bags win, don't expect to re-sub ever). Have never had any other hacking issues.

  • jimmyman99jimmyman99 Member UncommonPosts: 3,221

    Originally posted by Astro6

    "So you do very basic stuff, big woop. Try cleaning system DLLs, try figuring out which DLL is a legit one and which ain't, try looking at which EXE or even DLL that is used by EXE is having an open connection or if it's just listening on a port that shouldn't be open."

     

    That is exactly what I do by using Process Explorer and Autoruns from Winternals, as well as checksum verification of DLLs, looking for patched EXEs, SYS files and DLLs, i.e. atapi.sys is a common file that is patched by rootkits to hide malware. The rootkit can not only hide files, but fake closed ports; you could not tell if the port is open sending data unless you can detect the hooks the rootkit is using.

    I also program in asem, C++, Java, Perl, AutoIt and a whole slew of programming languages; also I set up security cameras, PVRs, PC home security systems.

    Ok, let's stop arguing who is more experienced at what and let's get back to the issue: from your last post before it snowballed down I understood that you claim that a lot of hacked computers are from banners and advertisement... could you please present a proof of how this is done? Thank you.

    I am the type of player where I like to do everything and anything from time to time.
    http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.

  • Daffid011Daffid011 Member UncommonPosts: 7,945

    Just do a quick google of 'flash exploit' and you will see a ton of ways banner ads are being exploited.  It may not explain everything in detail, but it should give a good idea of how frequent and widespread they are.

     

  • jimmyman99jimmyman99 Member UncommonPosts: 3,221

    Originally posted by Daffid011

    Just do a quick google of 'flash exploit' and you will see a ton of ways banner ads are being exploited.  It may not explain everything in detail, but it should give a good idea of how frequent and widespread they are.

    I googled and read several articles.

    Some articles write that it was fixed by a patch already (as in within a month or so), some write that Windows with DEP on (it is on by default) will mitigate most if not all the damage even without a patch...  Most respectable sites do not carry malicious banners, well, maybe they do slip once in a while, but it's rather an exception than a rule. I do not think that this vulnerability would affect a large number of people. The number of people that got infected by this vulnerability and play WoW is even smaller. So I do not think this has anything to do with WoW accounts getting hacked. To add another argument to my reasoning, does anyone remember all those waves of trojan infections that infected millions of PCs in the past? Well, if we did not have an explosion of hacked WoW accounts then, why would anyone assume that this much smaller in scale vulnerability is responsible for increase in hacked accounts? I think we need to search for the reason somewhere else.

    I am the type of player where I like to do everything and anything from time to time.
    http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.

  • csthaocsthao Member UncommonPosts: 1,115

    Originally posted by Beermangler

    There's no such thing as account hacking. 

    Instead, there's plenty of stupidity around. People clicking every single link they get via email / IM, not checking the redirection URL in the browser's address bar, not using safe passwords etc. And still they're the ones complaining. I wish so hard that stupidity would hurt as hell... 

    Just my two cents.

    You just can't teach common sense, it's gotta be learned by the one who made the mistake...

  • jimmyman99jimmyman99 Member UncommonPosts: 3,221

    Originally posted by csthao

    Originally posted by Beermangler

    There's no such thing as account hacking. 

    Instead, there's plenty of stupidity around. People clicking every single link they get via email / IM, not checking the redirection URL in the browser's address bar, not using safe passwords etc. And still they're the ones complaining. I wish so hard that stupidity would hurt as hell... 

    Just my two cents.

    You just can't teach common sense, it's gotta be learned by the one who made the mistake...

    I also think this is the case, all because of the sudden influx of phishing emails and hacked WoW accounts respectively. I think people lacking basic computer knowledge (recognizing fake links, fake emails, having decent AV/firewall, etc) is the major cause of all the outcry from the public. But I am willing to discuss other theories too. Some are pretty interesting.

    I am the type of player where I like to do everything and anything from time to time.
    http://en.wikipedia.org/wiki/Holodomor - pre-WW2 genocide.

  • Astro6Astro6 Member UncommonPosts: 240

    Here is an example of how a keylogger can beat a firewall and AV and is in the wild atm.

    http://www.net-security.org/malware_news.php?id=1373

    These new keyloggers use port 80; problem is, if you block port 80, have fun surfing lol.

    No matter how good of an AV you have, it can't really protect you against 0 day threats; that is why people must learn how to stay safe on the internet.

    For business use though one could use Hackalert and scan webpage for zero day threats before surfing there.

    https://hackalert.armorize.com/

    But even if you are experienced, with new exploits using clickjacking, what you see is, say, www.facebook.com on the link at the bottom left of the browser, but if you click on the link it takes you to a whole new website that contains malware. Here is a real example.

     

    http://www.technibble.com/forums/showthread.php?t=19305

    Although using NoScript in Firefox, which I use, may protect you from this exploit.

    Even games that can be downloaded at trusted gaming sites can be compromised by hackers replacing the original with one that has a keylogger. More info here:



    http://www.stopbadware.org/home/alerts

    How to prevent your router from being hacked:

    http://blog.trendmicro.com/protecting-your-router-against-possibl-dns-rebinding-attacks/

     

    Not all people keep their Windows up to date; only 20% of Windows users have all of the security updates installed. Many rootkits are designed to prevent users from doing so; this allows sites with exploits to bypass your anti-virus and firewall.

    Vectors used for zero day attacks: Adobe Flash, JavaScript, Adobe Reader, Shockwave. It is best to keep these up to date or use:

    Secunia PSI, which is free, which patches zero day exploits: http://secunia.com/vulnerability_scanning/personal/

     

    What is a good antivirus? Here is a good article: http://www.maximumpc.com/article/features/security_shootout_10_top_antivirus_apps_put_test

  • Lizard_SFLizard_SF Member Posts: 348

    It's interesting how many of these "I was hacked!" stories include some phrase along the lines of "I know this 'cause I got an email from Blizzard."

    I can't be 100% certain, but I'm *99*% certain Blizzard never sends any such emails. Think about it. Imagine if, every time you logged in from a different IP address, Blizzard's automated systems decided you were being hacked and shut down your account and sent you an email. Their tech support would be flooded with complaints if they did that.

    So how many of you who knew your account was hacked because you "got a letter" clicked some link in that letter to "contact Blizzard" or "verify your email" or "re-enter your password" or any other such thing? (Or, hell, just opened the email in some mailer that renders HTML so Ghu-knows how many bugs and exploits could come through? Plain text, people! Plain text! It also makes phishing much more obvious, unless you think "www.blizzzard-accounts-security.com.ru" looks like a real address to you, in which case, you deserve what you get.)

    Because when I look in my spam box, I see about 10-20 emails a week telling me "Your account has been hacked!", and if I was stupid enough to click on even one of them... it probably WOULD be.

    Oh, you haven't been invited to the Cataclysm beta, either.

    PS: That prince from Nigeria? Not real.
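
Added example (not part of any post in this thread): a Python check for the two tells discussed above, a link whose real host is not under a domain you expect, and a link whose visible text shows one host while the `href` points to another. The trusted-domain list, the function names and the sample mail body are assumptions constructed for illustration; the lookalike address is the one quoted in the post above.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the domains the reader expects genuine account mail to link to.
TRUSTED = {"blizzard.com", "battle.net"}

def host_of(text):
    """Return the lowercase hostname if text looks like a URL or host, else None."""
    text = text.strip()
    if not text or any(c.isspace() for c in text):
        return None
    try:
        host = urlsplit(text if "//" in text else "//" + text).hostname or ""
    except ValueError:
        return None
    host = host.lower().rstrip(".")
    return host if "." in host else None

def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class AnchorCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text)))
            self._href = None

def audit(html):
    """Yield (target host, reasons) for each link that deserves suspicion."""
    parser = AnchorCollector()
    parser.feed(html)
    for href, text in parser.links:
        target, shown = host_of(href), host_of(text)
        reasons = []
        if target is None or not is_trusted(target):
            reasons.append("untrusted-domain")
        if shown and shown != target:
            reasons.append("text-mismatch")
        if reasons:
            yield target, reasons

# Constructed sample mail body, not a captured message.
SAMPLE = """<a href="http://www.blizzzard-accounts-security.com.ru/login">https://us.battle.net/account</a>
<a href="https://us.battle.net/support">Contact support</a>
<a href="http://battle.net.example.invalid/verify">Verify your email</a>"""
```

`list(audit(SAMPLE))` flags the first and third links only; the third shows why the check matches on the end of the hostname rather than on whether a trusted name appears somewhere inside it.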
