Accounts Being Hacked.

This.

Also, people like to share their accounts way too much. Truth is, in most cases, people are "hacked" by their friends meaning that they are even more of an idiot than just not having an antivirus or being cautious.

Who knows what happened in these guys' situation. When it comes to online games, I'd say it's easily 80/20 in term of friends/keylogger responsible for a theft. Especially when it comes to FINAL NICHE XI.

When I was hacked the customer support was fairly helpful and I got my account back good as new (minus a newly purchased ring) after a week, on Christmas Eve even.

Issue is Keyloggers can go undercover and the Antivirus won't detect it. Pretty much need a Firewall patrol to prevent anything connecting to the internet that you don't know, like Comodo Firewall.

Every case of account hacking I've seen always comes down to the same thing, user stupidity.

I didn't look at the either of your profiles but are you 2 players that have hundreds of millions of Gil on your account that would make you a prime target? I mean they aren't gonna target an account an account that might only have 2m and maybe 20k plasm

Yes and no (*** you very much lol). You get lax in your security or have a brain fart. Maybe you're tired from work. As quiznor said, we have skype calls with friends. The links to imgur / tinyurl fly left and right. 99.9% of the time it's an image or an article or a retard on GW who abused a hashtag etc.

This happened to be a tinyurl link to what looked like a legit ffxi related site (from memory the url even looked legit). I'm not proud of getting hacked and it wasn't my shining moment. However, you also make it sound like I click every link and mail my password to everyone who PM's me.


I've played since NA release. I made it 11 years before i got popped once. ***happens.


Exactly. These guys don't have a magical "token cracking tool" or "super asian math wizard to crack the algorithm". They just log your password with a keystroke and screenshot your "remove my token" id when you log in.

The thing is, especially now in 2013 and with the current state FFXI is in, it was either a targeted attack or a friend. Either way, the person lacked security. Do you remember Minidragon being hacked? Because I personally don't, and if there were people worth hacking in the history of FFXI, he's easily in the top 10, unlike the people who report hacks on these forums (you included if my memory serves me right).

There are more reasons to be hacked than just having money, hate for example.

The chances that suddenly, after posting a screenshot of yourself with 4 characters at capped gil, all mythics and about 50 millions plasms, everyone and their grandmother want to hack you are very, very, very low. Sure there are still people taking this game as serious as we were taking it back in 1972 and doing things such as stealing their friends/keylogging targeted people, but they are so rare that you have to be really stupid either way to get hit by it (or unlucky for the very small % that are actually cautious, nothing is perfect).

We're not in 2006 anymore, hacking someone with 20+M won't allow you to buy a boat or a cruise on the Nile for your honey moon.

No, I am not a player with 500m gil, but certainly they would hack me if they had a chance to do so.

I received funny/dumb emails with obvious hack/trojan attempts before and even at one point a good friend of mine had her hotmail web access hacked, and then a low life tried to trojan the people on her email address book. Because she was quick on recovering it, she was able to then send warnings for everyone who was affected.

I certainly can easily tell when a site has bogus contents. And while it's unfortunate to do so, I am obligated to block advertisings on all sites I visit using NoScript.

I trust NoScript even more than I trust my antivirus software as the main vector for infection is aways the web browser.

Back to the hacking subject, they will hack anyone they can if they are given a chance. It could happen they log into your account, see how lame/poor you are and then leave you alone (lol). But certainly I can imagine them having a priority/goal/target list, Acey ... lol

I'm not gonna lie. I didn't bring it up before due to worry about an inundation of morality douches (it amazes me how many people in ffxi still whine about even windower).

I had just gotten home on an update day. Cupper was broken by the update. Literally every update someone posts a new on in call when it's available. The guy who normally gets it directly from the legit source was at work so someone else posted a link to an "updated one".

Quite a few people were hit by this particular "chocobo icon clipper". I'm not proud of how it happened. It was stupid on my part and if I was going to use 3P tools I should have gone straight to a approved site etc. It was just one of those "couple close friends together so didn't even get suspicious". It was definitely my fault and it was a costly lesson.

That being said I know that quite a few people on each server got hit by it (the guy actually tried to distribute it on the official site before they popped him). i WAS stupid but it wasn't above average stupidity.

Well, even a trusted source can eventually become untrusted. While I don't use windower (or any other sort of 3P tool which attach to the game while gameplay is happening) I've used plenty of 3P tools such as the model viewers, music players, parsers. I don't look down to people who use them either. I just don't use them myself.

Also there's aways a possibility of you getting a virus or a trojan on something "innocent" or innocuous such as Altana Viewer, for example.

What happens about Windower is that when you download it outside of the original developer you're exposing yourself to the possibility of someone having tampered with the source code adding stuff. Same way as the bots war we had a few years ago. Where the bot maker was taking control over the chars with the bot installed and making so the players got banned for shouts and stupid behavior.

That wasn't pretty ... lol

Wish I had friends that let me play their accounts. Would rob them blind. /Wink.

The part that drives me nuts about it is the shock and indignation at people who have had this happen. "You lost your character? WHAT IN THE WORLD COULD YOU HAVE POSSIBLY DONE TO LET THIS HAPPEN?! NO. NO WAY. I DON'T BELIEVE WHAT YOU'RE SAYING ABOUT WHAT HAPPENED TO YOU! LE ME TELL YOU WHAT REALLY HAPPENED. I CAN'T BELIEVE THIS. YOU MUST DEAL WITH THE SUPER SHADY PART OF THE FFXI WORLD! YOU'RE COMPUTER MUST HAVE BEEN SO *** UP THAT YOU WERE DOOMED ANYWAY, HOW COULD YOU POSSIBLY LET THAT HAPPEN? WHAT'S WRONG WITH YOU?!" It's ridiculous.

That's why i didn't mention Clipper at first. You could get it downloading sanctofzita.mp3 for that matter. Heck, I know people who got a re-direct by going to vanadiel atlas years ago. The url was perfect but the site had been compromised.

We know. The primary infection vector is actually the web browser advertising.

NoScript, people ! NoScript !

Maybe Scragg could do something to keep flash based ADs from showing ? Is that even possible ?

You could aways keep the computer without flash and JAVA installed. lol

It's ok ash,when you move to FFXIV 2.0,3.0,4.0 and beyond with us,by then you'll have blood,hair and stool sample login procedures :D

I do at work, only because the way it's set up my account is an admin account and the single sign on program they use won't let me run things as another account other than my 2 main ones easily. I guess I could set up a local account for my other domain account and run it as that and see how it goes, but hey.

As for the token: you don't need it to deactivate it. You'd need all sorts of account information though.

I recall needing the activation code for something the one time I contacted SE's online chat, I don't recall for what though.

This.


And let us not forget that Windower addons are developed by other people. Some of those other people are malicious. Which ones? Do you know?

Wait FFXI is worth hacking ?

Exactly what I was talking about when I said a *paid* bot author were using his bot program to control characters of his customers. What a piece of human garbage he is. But whatever, a bot user deserves be screwed like that for cheating, by another cheating ***.

Here we're talking about people being scammed and cheated by robbers instead. /nod

Not trying to nitpick or blame, just genuinely curious, were you not using any sort of antivirus? Or did it just not pick it up?

At any rate, sucks. How long did it take to get your account back? I've had friends hacked without tokens, and have heard some other pretty awful horror stories, and you're pretty much at the bottom of the line for getting your stuff back (as in can take 4-6 months or longer..).

I wonder if there is a version of Windower with only the macros scripts as enhanced gameplay.
I barely use any plug ins since there is barely any use for most of them and I'm a bit annoyed when I have to go through v4 and its boat of ***I have to load/install/download/use left and right.

1) You can observe the source to literally every windower addon.
2) I'd be beyond impressed if somebody hacked you with a Lua file that operates solely through the plugin's api.

me as well.

<3 noscript.

Moron.

I do. No one. If they are, their addons do not get into our repository. Yes, we actually do screen every single addon these "other people" submit.

Aside from that, the Lua API is mostly restricted to very harmless functions, used in display of information. There is no way to modify memory with it, for example. There is a way to inject packets, but even that is heavily regulated. Only incoming packets can be injected somewhat freely, with a few select packets on the blacklist. Outgoing packets can currently not be injected at all until we add some packets we deem harmless to the whitelist which regulates it.

And even if we allowed all of that, none of it is related to security from hackers, only security from SE finding out you're using Windower. There's nothing in Windower that enables third party hacking in any way.

this^

I have multiple ffxi accounts (mules) and never got hacked because it's all security tokened, it's just bs. A lot of people tends to share their account information to "trusted" ls members. That's just wrong.

And why would you click a tinyurl that redirects to your account and enter you information? it's obviously a scam, another bs from someone as well

Accounts can be recalled very easy by just putting the security question and password anyways. You're a fools if using a computer with no antivirus

The last time I've read someone getting hacked even whilst using a security token was several years ago. It was happening a lot more back then than it is now.

But, it is entirely possible to be hacked even with a token. If you can dig up the old posts on BG Forums, you will find players that have been hacked even with the token. It takes either a combination of a rootkit (hardest to detect), or a keylogger (harder to detect in some cases), or a trojan delivering one or both (hard to detect), or a combination of all of them.

I don't want to be insensitive but to put it bluntly, it is technically the player's fault to get into this situation.

Rootkits, keyloggers, and trojans do not magically appear on your computer or magically get programmed or compiled on your own PC. It has to take a physical action from the user to get them onto your own computer. That can be anything from visiting a website with a hidden Javascript nestled inside an iframe not noticeable to you at first glance unless you view source of the website. That Javascript can actually load a trojan or malware onto your computer without knowing it. Years ago when a lot of the hacking of players' accounts were taking place, legitimate FFXI websites would have these embedded on their web pages. How they got there? Most likely their websites were compromised or were installed by the webhosts themselves. It could be anything. Other times, the code to load a malware onto your computer could also come from banner ads. A lot of the ads coming from Google Adsense were notorious in loading them back then. I don't know about now if that's still happening or Google wised-up and cleaned up some of the ads or blocked them. If you see a FFXI Gil-selling banner ad, always be suspicious about it.

Another method is visiting Gil-selling websites. It would be profitable to them to obtain an MMO character and/or their gear and money for "free" by stealing it from an MMO player who is visiting the website. Basically visit the website, load a trojan or malware/rootkit/keylogger through a hidden iframe/Javascript code and just wait for them to log onto their MMO account. I'm not going to say this has ever happened, but going to an RMT site of ANY MMO should be the one place you should NEVER visit.

If it's not from an RMT site, then it's possibly from other compromised websites like what happened to Vana'diel Atlas years ago and FFXI Allakhazam pre-Zam. I think it happened to FFXIclopedia as well years ago pre-Wikia merge.

The last and final way I can think of is downloading-- pirating-- programs from dubious places. Those can also load trojans or malware onto your computer.

All in all, it takes a physical action to get your computer infected even if you unknowingly did so such as visiting a compromised website.

Best prevention is always common sense. Do not go to websites such as Gil-selling sites or community-made websites for MMO games that have not been updated in years. Most likely those have been compromised. If you are going to pirate software, and I hate to be a devil's advocate of such a practice, but do it smartly. Go to legitimate sites that have very strict rules in place in regards to infected software such as private torrent sites or private direct downloading sites. Pirate Bay and IsoHunt should be the one place you should typically avoid getting stuff from.

Also, don't be a dumbass and click links inside phishing emails you get in your inbox. I cannot emphasize that enough.

If you see the sender's address is something like...
... your brain should immediately have a red light flashing and sounding alarms in your head warning not to click anything inside that email. Mark the email as junk and/or report it to the legitimate websites. Paypal and Blizzard have specific email addresses you can forward the email to. They'll respond within 24 hours roughly telling you whether or not the links are legitimate or not, and they always are not legitimate.

If not and you click on any of the links inside that email, then you deserve a bitchslap from right to left across your face and deserve your account being hacked.

The best backup to common sense are the following:

• OpenDNS - Create an account here and replace your DNS server addresses in your network properties to 206.67.220.220 and 206.67.222.222. Under your OpenDNS account on their web page, go to Personal Networks then settings and then select your network you're on. Select Web Content Filtering and then Custom then put a check mark next to what you want blocked and filtered by Open DNS such as Adware or Web Spam. If you know the web address that is delivering infected banner ads, do that under Manage Individual Domains and set them to Always block. Next, go to Security on the left and make sure Malware/Botnet Protection and Phishing Protection is enabled.

• Use NoScript for Firefox. Under Options then Embeddings, be sure to put a check next to Forbid <IFRAME>. Only whitelist websites you trust and set to untrusted any web domains that are suspicious.

• Keep your software updated such as antivirus and antimalware software.

• Install a good antivirus software especially ones that do real-time scans while you are on your PC and real-time heuristics identifying infections based on known patterns. Microsoft Security Essentials does not have real-time heuristics and relies on updated virus definitions, but AV software like Kapersky (paid), Avast (free) and Bitdefender (paid) do.

• Extreme method is to install a firewall software and not use Windows Firewall. The best I've ever used so far was Comodo Firewall. It's free and very thorough. I've uninstalled it a few years ago because it was too thorough, but it does a really good job monitoring processes and programs that access your network and tells you about it. But, you will have to do a lot of manual setup to get it working so it doesn't block legitimate programs on your computer.

Lastly, to the OP, hope you get your account restored. If I recall, depending on how lucky you are with customer service, they can restore your character to a previous backup. Now, mind you, you may or may not lose items or anything you've obtained past the time the backup was created. SE usually performs weekly backups and if going by my friend's experience, it can be anywhere from a week to 3 weeks ago (at the extreme).