Odd Player Hack Story

As long as you keep paying, sure they don't care. Now hacking someone = a customer who will stop paying (and more possible customer who won't buy/start FF XI because they heard of hacks). No reason to do that.

Something odd happend to me today. lost my connection in whitegate and when i tried to log back on i got some weird error message (cant remember the msg). took about 10 min before i could log back on, and when i finally got back on my char wasnt at the same spot where it was when i d/c. Made a GM call about it and their explaination was that i had "probably been wandering around before the server disconnected me". Although i wasnt wandering around at all, was just standing in 1 spot chatting. nothing was missing though.

Just stating
I know what you mean ^.^

Salut salut :P c'est pas tros tard chez vous

hmmm lol SE are actualy making us pay real money in order to play the game... the are trading us the right to play the game in exchange for real money... it's extremely funny to see someone accusing SE or real money trading... they're in fact the only only ones allowed to, according to their very own ToS XD

i always get a goodlaugh at how some people have no idea what RMT even means or where the words originally came from, RMT is the new word for *communist!!!! o_O* haha

back to the subject... your story is weird... i hope your friend finds an answer

Apparently someone never had to deal with SE, or their customer service yet...

Actually if RMT really equated to Communism then we would all get equal amounts of gil without paying, solely for the fact that we exist and live in a communist society and do some sort of work...

I'm fairly sure what he's referring to is the fact that things were labeled as "Communist" when it was generally not approved of, or went against the American norm. RMT is now a buzzword.



I've dealt with their customer service plenty of times, and have never once had a shitty experience. I'm sorry that so many others have, but it's just not what I've experienced.

First post in here, but since my friend Ninian usually lurks about and asked me about this, I read some of the first few pages and figured I'd give my thoughts on the matter.

To start off, I do freelance tech as a hobby. I deal with people who do all sorts of stupid things to their computers and fall for the stupidest phishing things. Although I never learned to hack, I do do a fair amount of security work, keep up with the tech scene, and know enough about hacking to have a general idea of the basic methods people use to gain access (though I myself never learned to hack; I'm one of the techies on the repair/data recovery end). That being said, there's little that can be done for those people who can't read a browser bar properly or use common sense. That doesnt seem to be the issue for the OP though.

Oddly, if the stated security provided by the token is accurate, and noting that all the stories in here (sorry if this is in accurate, I only read the first page in its entirety) seem to be tied to the use of a security token, then my guess is that there is a security flaw in the token that the hackers are exploiting to gain access to the accounts. Whether SE is aware of the nature of the flaw (first step towards fixing) or has a fix in the works if they know what it is is unknown, but my guess is that what is going on is similar to the way Microsoft releases all those security patches for the OS when holes are discovered (but until then unlucky you if you get exploited).

If SE is using an algorithm generator that follows a certain code, it is more than possible that whoever is behind the account breaches has developed a corresponding key, much like the keygens used in cracked software. Also if this is the case, I doubt SE's security algorithm is more advanced than Adobe's, and we know how quickly Adobe's software gets cracked upon a new version release.

Anyway, I don't know enough to say don't use the tokens, but it seems odd to me that it is a common theme if you rule out error by an absence of common sense. The concept of SE deliberately selling tokens so that they can hack your account seems ludicrous to me, self defeating, and unnecessarily complicated. They could just generate those items themselves without pissing off their player base. Just a casual player's two gil.

--------

Edit: Okay I finished reading the other pages. Malware including keyloggers are almost always acquired because of unsafe browsing habits. If you have to install or get anything else you werent intending to in order to get something you want, and it's from something you've never heard of before, chances are it's not safe. Simple common sense. If you still want to take the risk and dont have enough knowledge yourself, go ask a techie friend who will know better. It is quite possible to safely surf the internet with no more than your router's own firewall if you know what you are doing and use a bit of common sense (though I still recommend anti virus as a backup).

On the topic of malware, while keyloggers can record passwords you put into SE, I think the creators will find it much more profitable to get the PW to your bank account or credit card. I can assure you that your SE account does not have nearly enough gil to compare against those others. Even if someone wrote a keylogger to target FFXI players, there are only so many FFXI players, of whom only so many will pick up this specific malware, of whom only so many will be high enough level to have enough to be worth stealing. I'd say the chances of losing stuff in your SE account due to a keylogger is almost nil. Your bank account on the other hand...

Obviously, the majority (Read: not EVERYONE) has never dealt with SE's lousy customer service.

Let's assume SE =/= RMT. But I still get spammed daily with gil selling ads. Just recently, a new ad popped up, and these *** SPAM you once every 3 minutes. What is SE, as a company, doing about it? Absolutely nothing. So in my eyes, that makes them just as guilty as if they were behind the RMT ads themselves.

Other games have implemented ways to counter RMT ads being spammed on your screen. Everquest 2 limits their trial accounts. You can't send tells to people unless you have them on your friends' list, and they on yours, you cannot speak in the public channels unless you're a paid account. You can't use the AH. So any RMT ads or RMT behavior being done is being done by the paying accounts, which are much easier to track.

It's pretty *** pathetic that all I have to do to report an RMT spammer is simply write their name in a GM ticket. I don't have to write a full on explanation. If Ceriutoihfgkjh spams me an RMT tell, my GM ticket will say "Ceriutoihfgkjh" and that's it. Then I get some automated crap from the Senior GM team telling me they are taking care of the problem.

So we've effectively got GMs that sit around and do nothing but ban RMT trail accounts. When I had a legitimate game issue, where my *** keys for my DRK AF coffers disappeared, it took the GM FOUR HOURS to get back to me. And there were only 6 calls in front of mine. That's pretty pathetic.

You can't be prosecuted for stealing somebody's virtual items. It's less profitable but infinitely safer.

My idea is this: they're spreading a virus that embeds itself into the computer and acts as a keylogger. If the account(s) active on that computer is fairly profitable to clean out (some millions in gil and sellables), move to the next phase. In this phase, your login/session is hijacked through an as-yet unknown method (there are some good guesses floating around though) and your account is cleaned out as much as possible in a matter of minutes.

ya if ur credit card account gets hacked its called fraud and the federal government gets involved, as well as the credit card company, and they have resources to trace where your money went.

now, virtual items, then cant trace, and rmt KNOW se doesnt do anything about it, so in essence its a safe way to steal items, which can be converted to gil, which can be converted to real money. the trail is so untraceable, in essence its a safe form of fraud which is not covered by any laws. its like the perfect scam.

Thank you, Kata for speaking up. I know you personally had this problem happen to you also, so it made me glad to see you voice your opinions.

Does RMT tell activity differ wildly by server or something? On Unicorn lately I get like, one RMT tell a day if even that... Maybe it's because my name is later in the alphabet, lol.

Scary hearing about the hacking and personaly knowing an ls friend who was hacked and quit the game after a 2 week break that made him realise he didnt "need" to play the game anymore.
Just a thought here read a couple posts on SE making money out of the tokens, not sure how many ppl did this but i removed a mule when i bought mine so its like free over 8 months if you put it that way since its same amount of spaces with the satchel and £1 saved each month on the mule.

Somebody's virtual items, wait what ? Everything belongs to SE. You do not own your items... Nobody can steal from you something you do not even own.

no but i pay for my character, so in essence, im renting it. which means no one else should be able to access it and take things. its like having an apartment. you rent it, so no one else should be able to live there. if someone breaks in, you still call the police.

your apt complex puts up fences, gates, security systems, etc to protect your apt while you rent.

SE still has many holes in their "security" of your character.

its like living in the ghetto. SE has implemented some things, but theres still holes in their operation. mainly customer service and resolution for when your account is hacked. and in three or four years, they have made no progress in that customer service at all. which is a blatant lack of concern on their part. they dont even address the issue in public statements. they just blow smoke up our *** about the next shitty security game that they want our money for. i wont play ffxiv if they dont fix all of this stuff.

as a question, how does blizzard combat rmt activities in wow?

do they have the same issues we do, are they this severe to resort to hacking our pc's and stealing our characters?

I know no one probably cares, but this story of someone getting hacked with a token isn't the first and only. BG has their own thread going on, and many people are reporting their friends, with tokens, are getting hacked.

The tokens were released sometime between March and June. I remember because that's when my account was in limbo on a different server during my hacking. It's August and someone has already figured out a way around the system.

Way to go Square Enix! Your failures never cease to amaze me!

Also:

To the ridiculous sediment that SE owns our characters because the ToS says so, get over it. Seriously. They don't own my credit card, and when my account is accessed illegally, according to their ToS, and fraudulant charges are made to it, then it becomes a federal crime issue. Federal laws trump Square Enix's *** ToS, mkay?

BTW, hai2u Jiko!

SE *** up again. Nothing to panic about. This is normal.

I'm fully aware of how SID tokens work. I'm also fully aware of SE's HELP I AM TRAPPED IN 2006 PLEASE SEND A TIME MACHINE policies, some policies that they fail to update on their own website.

I'm also fully aware that the other MMORPG's out on the market don't have to rely on some 10 dollar keychain to ensure stronger account security. They rely on their employees to keep their customers happy and the accounts (which pay their salaries I might add) safe, not some piece of plastic designed by a third party company only worried about their bottom line.

Yeah seriously, crap you can download through web sites aside, we have no idea how much 3rd party software people that are getting hacked use that could be loaded with whatever.

Would just like to point out that the biggest MMO on the market also uses a security token (though they only charge $6.50) and I recall that when SE first came out with the token, it was pointed it that they even use the exact same token. Don't quote me on the last part though, don't have anything concrete on it.

Well, just to give you an example: Q&A Response To Hacked Account Outside Of Business Hours

Take note of the last line: "If you have a separate account, please log into that account and make a GM call."

A GM won't even speak to you unless you're on the hacked account. Many have tried and got the "Due to security policies, we cannot discuss activities related to a seperate account. Please log into the account you are inquiring about."

Contradictory at best.

Hmm, one of the blogs I read, reported on someone with a token getting their acct hacked. That person was able to get on another char which used the same token and succesfully requested that a GM temporarily block their acct. Maybe it's because both accts were attached to the same security token? Either that or JP GM's have different policies, lol.

Every company is worried about their bottom line and the token did absolutely nothing for profit. They lost money making that and implementing it. They did that to help players. I'm not saying they do everything right, far from it, but they aren't evil and they aren't intentionally trying to *** all of us... They just need to keep improving. You have to admit they've come a long way from what it use to be. If that isn't good enough for you stop giving them your money.

Doesn't change the fact that :

1. SE cannot be held responsible (unless the person hacking/using your CC info was a SE employee or unless SE got their servers directly hacked)
2. You still doesn't own anything and won't be allowed to ask for compensation because you lost "your" char or w/e.

Not like it's SE fault if you got hacked, just like if someone hack your PP or amazon account, he'll be able to use your credit card to make purchase... Yeah it's a federal crime issue and what are you gonna do if the hacker actually lives in China or in a *** 3rd world country like Nigeria ? Going to call Interpol lol ?

At best SE will have to refund you but that's it.

You know....just a thought here, but if it is the RMT's that are hacking into ppl's accts. (I'm assuming to steal gear that they can sell on their websites for real money), wouldn't it stand to reason that if everyone just stopped buying stuff from them, there would be no reason for them to hack and steal since no one would be buying anything from them? Just my 2 cents, but maybe if some ppl would actually spend the time and the effort acquiring stuff instead of just buying it from a website, maybe all of this would just go away?