Tobold's Blog
Tuesday, May 28, 2013
Cryptic servers hacked?

I am using unique and secure passwords for my various online game accounts. So guessing my passwords or solving them with brute force should be difficult enough to make that approach too expensive compared to the small value of those accounts. So I am very much surprised that I already got the second message from Cryptic in a week that they blocked somebody accessing my Neverwinter account from an IP in China.

Now I do like Cryptic's "account guard" system which require e-mail verification if an online account is accessed from a different IP. But I wonder how the Chinese hackers were able to try to log into my account in the first place. Twice. I have serious doubts that they were employing huge supercomputers to crack Neverwinter passwords by brute force, trying all possible password combinations against all e-mail addresses they could find on the internet. It is much more likely that they first got my e-mail and password from the Cryptic servers itself.

Is anybody else having problems with his Neverwinter, Champions Online, or Star Trek Online accounts being accessed by hackers? I only dabbled in those games, so losing that account wouldn't be a big deal for me, but I can imagine others having invested more time and money and being more worried. Have the Cryptic servers been hacked again?

I have had the same exact issue with Guild wars 2 even though i used a different email address for it Plus a all new password.

I stopped playing there after a month though so i just ignore the emails from Anet.

I is indeed rather disturbing to say the least.
I know that you are super-savvy and all that, so don't taunt me for asking: but are you sure that the warnings you received aren't phishing emails?
In the same vein as Oscar, are you sure your PC is secure? Any sort of keylogger would explain things nicely.
Is it possible that the account-guard kicks in before the password has been validated? That is, I could go try to login to your account and use a totally wrong password, and you'd still get the account-guard notification? Might be worth checking.
No messages from cryptic about my Star Trek account (not that I've been using it a lot recently.... could this be an explanation?)

I've got two "check your account" warning messages from Facebook, last week, saying someone from Canada was trying to login with my name.

That's pretty annoying. And scary.

Interesting. I got one of those too. Although my invader was from North Carolina or some such.

Is this part of a trend that someone has read about?
are you sure that the warnings you received aren't phishing emails?

The origin and the links provided in the mail appear legit. Furthermore they would make lousy phishing attempts, as nothing in the mail or the links they send you to is actually asking for information. They work the other way around: They provide you with a code which you would need to enter in addition to your normal login attempt when using a new computer.
No, I've not had any issues with my account being hacked on the Cryptic games. The only time I did have that issue was on WoW, and that was because of some malware I'd picked up from WoWWiki.

Having learned my lesson from that experience (that even regularly changing passwords doesn't protect you), my accounts for games that I pay for I make sure to add secondary authentication. The others I'm not quite so concerned about --I've never attached a credit card to them-- but I do use separate passwords.
I have also received an e-mail from Cryptic. I employ similar password practices and was shocked when I got the e-mail. We might possibly hear something from cryptic, later today? Or most likely.... Never.
This comment has been removed by the author.
I got 2 cryptic accounts, and someone tried to access both. One attempt 2 days ago and another one on my second account a few hours ago. So yeah the hacking of the servers seems likely.
I used to play Star Trek happily until one day I tried to log in to find my account was banned. I checked to see why but I never received an email explaining what offense I had committed, but there were two emails saying my account had been accessed from china. One from a week before and the other from the day before I was banned.

I predicted a steep drop in fun/hour while trying to recover my progress on a new account, so I just stopped playing.
Well it wouldn't surprise me if Cryptic's system is screwed up. I've been trying to play Neverwinter for weeks and have never been able to log in because it says my password is wrong. So I reset it, get confirmation that it was changed successfully, and when I immediately try to log in with the new password, it says it's wrong and the whole cycle repeats. I've been arguing with tech support for weeks.
Hacking accounts is done through brute force. It's easy to acquire the software to hack any password that follows a given standard. Most public lists have 200k+ passwords.

The tough part is the email address/account name. If you use an email address to login and that address is simple/public, they have more than enough to access your account.

If Cryptic was hacked, everyone would get a message. Odds are you're using a public email address (or a simple one) and a rather simple password (under 10 characters, replace letters with haxxor numbers, etc...)

Enough studies have shown that a password that's a sentence 16characters long is more secure than mnemonic passwords 8 characters long with alpha-nums.
They're not brute forcing thousands of people's passwords -- have you not noticed how long it takes to try to log into these games, and then if the password is invalid, to enter a new one and try again? It would take probably 10 seconds per attempt (per account) while going through thousands of possible passwords. There's just no way they have the time to do that (or I should say it's not worth the time).

Obviously the "hackers" have a list of email addresses for MMO players, and they are finding ways of getting the passwords somehow. I get phishing emails almost every day claiming that my account has been compromised from "ArenaNet" -- Guild Wars 2 is the only MMO I am currently playing, so it's pretty strange that the only phishing emails I am currently getting bombarded with are for GW2. How do they know I am not playing WoW, SWTOR, etc.?
I received the same email from account guard last night, the IP was also from China. I'm currently in Germany, I wonder if Cryptic has a regional login server that was dickered.
Most public lists have 200k+ passwords.

As I said, I use a secure password, that is not a "word" that would be legal in Scrabble, nor a variation thereof. Using small and capital letters, plus numbers. For a brute force attack a hacker would have to go through 62^8 or 2e+14 different combinations to find my password.
are you sure you do not have a keylogger on your system?
are you sure you do not have a keylogger on your system?

Yes, I am absolutely sure that I do not have a keylogger or other malware one my system. Plus several firewalls, hardware and software, which would make it difficult for any malware to "phone home".
Glad to see it isn't just me. I'm thinking they've been hacked. I haven't even used this account in months, changed the password to something more complicated, then got another log in attempt from China.
Post a Comment

Links to this post:

Create a Link

<< Home
Newer›  ‹Older

  Powered by Blogger   Free Page Rank Tool