Runes of Magic US / AU

Doh, sorry about that, sent you a PM explaining why

Would appreciate anyone and everyone sending me any names of players that are hacked. But PLEASE keep this to private messages. The list isn't complete as it was but I have a TON of names to re-add. The list may appear small right now but that list was from only a few days after this started. I have about 15 x the amount of names to add.

On with the show...we have our first OSHA victim

Quoted from "Dionaea;525582"

Merged threads again, we have one thread open for you to voice your concerns, we do not need several threads on this topic.

And UncleMart, I will continue to give you all the facts and information I have. And at this point, this information still is:

No security breach has been detected up to this point. Our investigation will continue.

Your suspicion is a rumor and no fact. I can not stop you from speculating, but still read our advices given in this thread and follow them anyways. It makes your accounts safer and it is something you can actively do on your side to improve the security of your account. We will continue on our side to do everything possible to ensure the security of your accounts and information. Every hacked account needs to contact our support for assistance.

If any new information comes up or the facts change, we will inform you. Please try not to panic, it is not helping the situation.

Yeah ok...so lemme guess the hacker/s made a tool where they can see exactly what people have ingame along with their computer info...hacker is like hmm lemme right click this dude to get his computer info and player info and see if he is worth hacking... Absolutely hilarious, it is pretty obvious there is unsecure code within the server/s, business pc/macs/chalkboards/crayons and whatever else the companies use these days, cause obviously its not up to date equipment with knowledgeable staff.

To be fair, Dio didnt deny the problem might be at Frogsters end, she did also state that investigation is ongoing in case of this. I'll need to see something pretty strong to indicate this leak is on the players end though. I'll keep an open mind but right now I don't see how it can be on the players end at all.

All indications are indeed that the problem is on the server end. Breach or spoofing or backdoor, whatever it is, I also dont see how the players can be responsible. The signs point to server issue.

But, lets be realistic here. These things are incredibly hard to detect. Anyone who dealt with computer security knows how complex and convoluted those systems can be. This is not TV, where computers are hacked in matter of few seconds, and the breaches are detected similarly fast. These things take a long time to secure, and even longer time to detect. So, yeah, Frogs can be watching and investigating and doing all they can realistically do, and the problem still would not be contained.

The gold spammer in question is not flight by night operation. They sell gold for about 3 dozen MMOs. That is heck of a lot of hacking. Exploiting or breaking that many systems takes great deal of skill. They are not rookies or amateurs, and they likely have more resources than any of the victims MMOs.

Quoted from "UncleMart;525650"

I'll need to see something pretty strong to indicate this leak is on the players end though. I'll keep an open mind but right now I don't see how it can be on the players end at all.

Ya because users cannot get infected. *eyeroll*

Have you not read the news in the past couple weeks? A single exploit in Java compromised over 600,000 Mac Users. I am pretty sure that not enough people know how to maintain a proper amount of security on their computers.

If you are not running through a VPN and without the having a good AV & Firewall active 24/7. You can easily get compromised. If you do not have actively check to see if something is contacting something you do not know about ... you are not doing enough.

As someone as paranoid as me, I take all the necessary steps to maintain the security of all my accounts and I have changed all my passwords the second this incident occurred and so far, I do not see my account screaming in the World selling gold.

Quoted from "mrmisterwaa;525669"

Ya because users cannot get infected. *eyeroll*

I never said that, nor did I even slightly imply it. Also, do you honestly think that if people could plant a trojan on someones computer they'd only hijack their MMO game account? I somehow think that they'd be going after credit cards/paypal. Also, we already have one person that has changed their password the day prior to being hacked.

yes, they would...gold selling isnt some minor business. they have tens of thousands of bots running 24/7, small countries' governments paid to give proxy support and custom trojan authors. win32.banker and those like it that steal financial info are much harder to mask because of all the safeguards they have to circumvent. masking a kit, dropper and psw for an mmo isn't difficult because it makes very few, subtle changes. hell one that had RoM in its library was written in assembly, had a blacklist of tons of dll's not to infect, used code cave for hiding the info grabber and was obfuscated with a poly crypter. they prob paid only $300 bucks for it, something that sophisticated that cheap is a bit frightening..imagine the return on that investment when it targets 8-10 games. mmo players are also a very high risk group simply because of just how profitable the industry is vs chances of being detected. we're targeted like this all the time.

and the 2 that just hit macs were zero day exploits, required no user action to infect and were more than likely test runs, not the real payload. hell the most famous is the one listed now as a weapon of mass destruction, targeting uranium enrichment/nuclear power plants' controlling software and is incredibly good at it. we can guess easily where it came from, but it's in the wild now so others are learning from it. Oo

more info to come later from a hit player's box

Without checking I'm pretty sure the big Mac one that just hit required putting in a password somewhere, I was reading a thread on another forum about it and saw that mentioned a few times. I wasn't reading the thread for any other reason than to see all the windows trolls poking the Mac users about security though

But yeah, im not ruling out the possibility of that happening, but its very low on my list.

Ahhhh, so that is what happened to this morning's thread entitled "Have YOU Been Hacked", or something similar to that. I wondered how long that particular thread would last. I knew it would be deleted. The same thing happened to the wiki page.

Requests by forum staff to keep certain information "private" lacks integrity, is intentionally disingenuous and stinks to the high heavens. Please do not hand me a plate of crap and try to convince me it's apple butter.

We have been advised at least twice "not to panic". As I have stated before, I have not observed anyone in a panic on these forums. I've also stated before; "panic" is running down a hospital corridor to the trauma unit to receive information about a loved one. The feelings displayed here on these forums are distrust, dismay, anger etc... The only one mentioning panic is the forum staff. I will ask again; would the staff please refrain from presumptions that may cause further damage?

Regarding sharing information on these forums; why the secrecy? Anyone involved in LE would tell you the more information they have; the more likely a conclusion will be reached and action taken.

What's wrong with people who have been victimized by these hackers explain what happened to them?

I've been convinced from the very start that these hackings have nothing to do with the customers. I'm convinced that these hackers are due to a security breach within the game system itself. Requests such as keeping information "private" under the guise of protecting the account holders (or any other paper thin excuse); lends further creedence to my belief.

The above post is part opinion, part fact. Please excuse spelling errors.

Quoted from "NaiSa;525648"

Yeah ok...so lemme guess the hacker/s made a tool where they can see exactly what people have ingame along with their computer info...hacker is like hmm lemme right click this dude to get his computer info and player info and see if he is worth hacking... Absolutely hilarious, it is pretty obvious there is unsecure code within the server/s, business pc/macs/chalkboards/crayons and whatever else the companies use these days, cause obviously its not up to date equipment with knowledgeable staff.

If I remember correctly, wasn't gold one of the things in the player rankings way back when? There was a big fuss over it here because many players thought it was too intrusive.

yea the initial version of flashback crashed a plugin and then asked for admin password to install the "new and improved version"...the latest variants hit an unpatched vuln in java. so most were defenseless against it. it also detected if the machine was virtualized and aborted if it was to slow analysis and some other nasty tricks. a significant % of all macs were/are infected and it's still evolving...

the gold spammers are always online...with sweat shops of ppl farming 24/7 it isnt hard to see when ppl are on or not. the chinese prisoners made to farm gold wasnt a made-up story.

more than likely it's simply a skewed observation since most rom players dont come to the forums, dont post, etc

Let this be a message to anyone who tries to inform the public about who has been hacked, Frogster will ban your game account for posting a link in world chat.

Within 5 minutes of posting the link that is, keep the information within your guild of who has been hacked, information is precious.

As for the forum moderators, this isn't a ban discussion, this is a warning for those who might otherwise try to spread the information on these forums or in world chat, so please keep this post where it is.

The game has an automatic protection to detect http links in world shout, I put a link in world shout a long time ago and roughly 5 minutes later I got banned. I had no idea why this happened until I spoke to a GM. He told me what happened and was unable to fix it with his powers. A day later it was fixed.

I'm pretty sure the same has happened here but a GM/CM will soon be able to check this for you. It may seem like you were banned for the reason you thought, but have a little faith I'd advise only putting that link into zone/trade type channels though.

Quoted from "UncleMart;525796"

The game has an automatic protection to detect http links in world shout, I put a link in world shout a long time ago and roughly 5 minutes later I got banned. I had no idea why this happened until I spoke to a GM. He told me what happened and was unable to fix it with his powers. A day later it was fixed.

I'm pretty sure the same has happened here but a GM/CM will soon be able to check this for you. It may seem like you were banned for the reason you thought, but have a little faith I'd advise only putting that link into zone/trade type channels though.

I don't think so, this line is a bit too oddly specific for me, when Tuna-shake said the same exact thing to me.

Quoted

This site contains links to known gold seller sites and the account names of several players. Therefore, it is not acceptable to post this link in our game or forums.

Kef you get a in game vacation?

Quoted from "regentego;525804"

Kef you get a in game vacation?

Well it is a one day vacation, Kef needed a break anyways he was spamming dailies all day until this happened, been a fun day, also had to have my car towed.

Sooooooo why is it a hypothetical guild leader I may or may not know can get banned for putting a URL in WC YET! This hacker has now been spamming WC for the past 20 minutes? I mean the hacker has Web addresses all up in this server!

Quoted from "Craigers;525612"

On with the show...we have our first OSHA victim

i was wondering why i havent seen any of this hacking until now, i guess osha got hit finally.

Hmmm, wonder if RoM will end up like a few other games that had rampant hacking. With the current trend seems like the hacking will dominate the game, like the many other games that are basically run by the hackers/goldsellers... Its like log in and the first thing you see in chat is goldseller spam and such . Is RoM gonna be abandoned since its fairly obvious the programmers at the companies have no clue what to do since they probably never even worked on the code, as the original people that maintained the game are gone...

Or is there gonna be a server wipe with a new client when CH.5 comes out...server wipe...new data...remake accounts...freshly hired security team for 24/7 cyber crime prevention (highly doubt the security team LOL)
Hire temps if understaffed to work round the clock on finding a solution/fix/guaranteed security patch. Its astonishing at how a company in the gaming business doesn't invest enough in data security.