1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Greetings Guest!!

    In order to combat SPAM on the forums, all users are required to have a minimum of 2 posts before they can submit links in any post or thread.

    Dismiss Notice

From the Hackers point of view

Discussion in 'UHall' started by linko50, Jun 16, 2008.

  1. linko50

    linko50 Guest

    this is not meant as a post about how to anything, this is meant as assistance, i am curious, there are allways people coming in here after being hacked, and stating that they were hacked, but they never say how or anything.

    I would like a few people to say "if they were a hacker" how they would do it,
    do not state any names of programs, or specifics that would help anyone who would be a hacker, just a vague statement that is a realistic way.

    the goal in this is to let people who are unaware of how people do it to better prepare themselves, and their computers for breaches. because like it or not, all of our belongings in this game and whereever else we may roam, are valuable to us. Some are even worth something irl if you take that route.....
     
  2. Sarphus

    Sarphus Guest

    I think a lot of the true "hacks" involve getting someone to download a keylogger and using the data from the keylogger to get their account name and password.

    You can do a few things to help protect yourself from these hacks.
    1. Don't click links in IM
    2. Don't click links on msg boards
    3. Keep your OS up to the latest updates using windows update
    4. Uninstall your JRE if you don't need it for something. The JRE is pretty much wide open to a plethora of attacks such as buffer overruns.
    5. Use anti-virus software and make sure you keep it updated with the latest virus definitions.

    There's more you can do, but these basic steps should keep you relatively safe.
     
  3. christy1221

    christy1221 Slightly Crazed
    Stratics Veteran

    Joined:
    May 12, 2008
    Messages:
    1,329
    Likes Received:
    18
    I wish I knew how they hacked into mine. they got seven accounts and one had not been logged into in over a year so I don't think a keylogger did it. They all had different passwords and some had different email addresses. I hadn't clicked on any links so who knows how they did it.
     
  4. Desperado_SE

    Desperado_SE Journeyman
    Stratics Veteran Stratics Legend

    Joined:
    May 12, 2004
    Messages:
    298
    Likes Received:
    0
    Social engineering, plain and simple. Get to know someone fairly well (enough to develop thier trust in you) and most will readily give you thier account names and passwords. While it is just my opinion and nothing that I can prove, I personally believe most of the hackings that are mentioned here are from this method.
     
  5. Sarphus

    Sarphus Guest

    Also very true... The best way to get someone's password is to ask for it.
     
  6. Tomas_Bryce

    Tomas_Bryce Rares Collector Extraordinaire | Rares Fest Host
    Stratics Veteran

    Joined:
    Aug 14, 2006
    Messages:
    2,212
    Likes Received:
    3
    Posting your account email on Stratics (or anywhere else) is a great way to exponentially increase your chances of getting hacked.
     
  7. Omnicron

    Omnicron Stratics Legend
    Stratics Veteran Stratics Legend

    Joined:
    Dec 14, 1999
    Messages:
    7,689
    Likes Received:
    40
    Probably through your email account. If people are smart enough they can get all the information they need about your, "secret hint" from the various places you post on the web. Myspace is a huge place to gather information on potential "marks." People seem to have a way of filling out all the stupid surveys and putting ALL their personal info out there. A half assed "hacker" can get your info that way and gain access to your personal email and get account names and pass's/\.
     
  8. linko50

    linko50 Guest

    Have to mention, one thing i noticed the other day, i was on myspace, and i got a comment, a random one but from a close friend, it was an advertisement type comment but about the game, i was about to click on it, but then i realized htat they didnt play the game, so i looked into it, this is what happens when you click it...

    1. click the picture/add and it takes you to what looks like the homepage for myspace, only you are not logged in. It wants you to log in, and you are assuming that you just meed to log in, or back in...

    2. when you log back in it takes you back to the screen you were at before, normally i guess you would go about your day not knowing anything.

    what this does is it logs your username and password and then it has access to your myspace, and probably whatever else you use that password for, such as email, or games.....
     
  9. Omnicron

    Omnicron Stratics Legend
    Stratics Veteran Stratics Legend

    Joined:
    Dec 14, 1999
    Messages:
    7,689
    Likes Received:
    40
    I dont click ANYTHING people send me. Hell when my wife sends me those silly glitter messages on myspace, I dont click them sumbitches either.
     
  10. Alrich

    Alrich Guest

    phishing websites are another big one, which happens alot on places like myspace (ever clicked someone's pictures link or such and suddenly you have to relog into myspace?) 95% of the time, you enter that info, and someone just phished your email and a password from you.

    That compounded on the fact that people use similar passwords for everything. Extremely dangerous. But even if not all they need is your email and they get more tries to get at your information.

    Its just as funny as a big exploitation at file sharing programs like limewire and kazaa, etc. So many people just share everything on it, do a search for passwords.doc or accounts.doc (xls, txt, etc) and you could be absolutely amazed at how stupid and thoughtless some people are.

    Finally a last and more archaic way of it, if someone has your login name, they can simply script a dictionary program and common passwords list to try millions of common combinations. This doesn't work so well due to account lockout timers and the such but still possible to a degree. Pick passwords that are more secure. (tonyspizza bad, t0nYsp122a, you just reduced the risk of someone simply guessing your password to next to impossible)
     
  11. Llewen

    Llewen Grand Inquisitor
    Professional Stratics Veteran Stratics Legend Campaign Supporter

    Joined:
    Mar 3, 2006
    Messages:
    4,699
    Likes Received:
    200
    I posted this thread a short while ago, which seems to have been widely ignored... ;)

    Other than, of course, to have someone accuse me of being a hacker...
     
  12. love2winalot

    love2winalot Guest

    Well, there is always the old fashion way. Make up a name that is most likely someones account name. And just start typing in different passwords. If your account name and pass word go together, then you should change it. 1+1=


    and if 2 is your password, then that is just to easy. :popcorn:
     
  13. linko50

    linko50 Guest

    lol, when i very first started uo, in 1998 i found one that was down like that, i never did anyhting with it, but it was nameuser and the password was wordpass, lol.....

    omg,...... does that make me a hacker!
     
  14. Loqucious

    Loqucious Guest

    Ummm............what is a JRE?
     
  15. Alrich

    Alrich Guest

    JRE = Java Runtime Environment.

    used for alot of web based applications. If you use it make sure it is kept up to date (though I REALLY wish SUN would end its partnership with Google...) just make sure to uncheck that crap known as google toolbar from installing.

    If you don't use it (honestly you probably don't, unless you are on a workstation for job or such) just uninstall. weeee.
     
  16. Llewen

    Llewen Grand Inquisitor
    Professional Stratics Veteran Stratics Legend Campaign Supporter

    Joined:
    Mar 3, 2006
    Messages:
    4,699
    Likes Received:
    200
    Java is used for a ton of online stuff. You probably do need it. But definitely do not install the Google toolbar, or any other toolbar, and use Firefox with noscript and make it your habit to block scripts unless you know what they do, and if you unblock for a site, remember that you don't need to unblock scripts for the advertisers on that site.
     
  17. Alrich

    Alrich Guest

    Java yes, JRE, no.

    You can run java web**** without JRE being installed.

    JRE actually downloads and runs applets on your pc. Java just reads them.
     
  18. Spiritless

    Spiritless Seasoned Veteran
    Stratics Veteran

    Joined:
    May 12, 2008
    Messages:
    486
    Likes Received:
    466
    Err, no you cannot. You are obviously confused about how Java works.

    The Runtime Environment contains the Virtual Machine and class libraries necessary to execute Java programs. You need a JRE installed on your computer to run Java applications. Web-based programs execute Java apps by using a browser plugin which interacts with the runtime environment.

    Also, for the record, there are currently no security advisories against the latest version of Sun Java. You don't need to uninstall Java. If you didn't use it, it wouldn't be installed in the first place.
     
  19. linko50

    linko50 Guest

    any other ideas?