Joymax DB Hacked [strong proofs]

Discussion on Joymax DB Hacked [strong proofs] within the Silkroad Online forum part of the Popular Games category.

Old   #1
 
elite*gold: 0
Join Date: Oct 2009
Posts: 1,287
Received Thanks: 421
Joymax DB Hacked [strong proofs]

Ofc Joymax wouldn't confirm it cuz they will then lose all players/reputation/money. But it's almost 100% confirmed that a DB got hacked.
I will use my copy/pasta skill to show u that.
Quote:
Over the past few months, many users have started threads related to database leaks.
I use accounts on each server to record stats on rev6; those accounts are level 1, naked, useless accounts...
10 of the 48 accounts I have got hacked in the past few weeks, of which 6 got hacked this week ALONE!

If you have a stall in Hotan in those towns:
Mercury, Oasis, Olympus, 2xTibet, Venus, Xian
Odds are the hacker emptied your account, or logged your account and will hack your account RIGHT before or after this inspection.
Change your password now if you are on those servers. Keep reading for more information.

I have personally forwarded the information to Joymax.
Though, I believe again, that I am being ignored.
Time to make this subject public.

Is there a Database Leak: Yes
Can you prove it: Yes

In the past 3 months, due to multiple complaints from users, we at rev6 started a new program to have a dedicated player login on every ISRO server on Silkroad Online. Thus for the past 3 months, there hasn't been any, or rarely any, unique kill that was missed, and the new Global Chat section rarely misses recording any global chat.

How did we manage to do such a thing?
We have 48 accounts which log in to Silkroad after each server inspection and stay online 24/7 recording all the statistics.
In the past 3 weeks, there was a total of 10/48 accounts which we use that have been hacked.

First I will go into detail about which accounts I used.
Due to my laziness, I didn't feel like creating 48 accounts.
We released publicly in the past a list of 40,000 Silkroad accounts created in 2006 using the password 123456. Those are super old unused accounts created by random players all around the world.

So we took the courtesy to use those accounts, and created a new player for each server in early January 2012. Everything was running smoothly up until the beginning of February. In the past 3 weeks, there were 4 accounts which got a password change from 123456 to something else. Weird... Maybe the account wasn't inactive, thus I thought.

This week alone, past 4 days, there are 6 accounts that got a password change. Now that wasn't just weird, but suspicious.
Those accounts contain a level 1 player to record stats for rev6; they are useless accounts but are set up near the Global chat/reverse scroll Silk seller stall in Hotan (figured recently that the account got hacked because the hacker is attacking every stall in Hotan now).

I started analyzing all the accounts that got their password changed and realized something.
The 10 accounts that got a password change do not have any e-mail confirmed but still use the secret answer method.
The accounts were created in 2006 and have no silk on them and most of them have no players or a player in the lv1-30 range and the account was abandoned.

How can someone be able to change the password of 6 accounts in 1 week? or 10 accounts in 3 weeks?

There are 2 theories:
#1 - The player who created the account in 2006 realized that someone logged on his account and he used his secret answer to change the password.
#2 - There is a database leak (SQL injection, most likely live and still happening now as you read this).

Please note, the account was created in 2006.
There is no player on those account higher than level 30.
The account has been dead for 5 years.
Nobody should know the secret answer on those accounts; even those that created the account must have forgotten the secret answer by then.
Nobody should be able to know the account name just by looking at a level 1 player in hotan.

Now the question is Why would someone hack a level 1 player standing still in Hotan inside the following servers:
Azteca, Eos, Mena, Mercury, Oasis, Olympus, 2xTibet, Venus, Xian

Those servers are at HIGH risk of players being hacked.
Thus the question, why would a level 1 standing in a crowd of stalls selling global chat and reverse scroll get hacked?
The hacker has targeted high levels on lots of servers and is now targeting Silk sellers and stalls in Hotan.
Odds are if you have a stall char, you have lots of gold/silk.

So basically, by looking at a level 1 stall with a random name, the hacker is able to obtain the following information:

Account Name
MD5(Password) Hash
E-mail address
Secret Answer

In my case, he changed the password as my accounts were logged 24/7 and auto re-log in the server on disconnect.
But he was able to get the account name and secret answer. The only thing that truly confirms that it is a database leak is that the hacker was able to get the secret answer.

Thus if your account isn't email protected, the hacker can just use your secret answer and change your password.
Then he can hack your account and empty it or create an email and steal your account forever.

If your account is e-mail protected, your only line of defense stands in your Password MD5 HASH.
When you send a password to Joymax, they apply the famous MD5 algorithm without any SALT to protect your password.
If Joymax would have used a SALT to secure your password, your account would have been safe from a database exploit.

The only way you can protect your account at this point is by the following:
Change your password into a 10-16 character password using lower case, upper case, numbers and symbols inside your password.
If you want to be truly secure, use one of the following symbols in your password: ,./;'[]\<>?:"{}|
There exist a lot of databases and websites dedicated to reversing MD5 passwords that do not use SALT.
Most databases reverse passwords using symbols such as: !@#$%^&*()-=_+

At this point of time, blocking the best player stats or any type of Rev6 stats page would be meaningless.
If anyone knows anything about how or where the exploit is executed, please come forward.

We forwarded the issue 24h ago to Joymax; we believe that they will maybe fix the issue.
But we fear that when they do find and fix the issue, they won't let anyone know about it.
Thus, until Joymax claims that the issue is fixed, your Silkroad Account on Silkroad or Silkroad-R security is compromised.

It is your choice to trust or not what I'm saying.
Due to the increase of player complaints I have released a prevention method on if a database leak existed.
Now this exploit confirms that the database leak DOES exist.

Hacker was able to obtain the secret answer of 6 accounts within 5 days and change their password.
For those that believe Joymax will do a rollback, there have been worse exploits made public that Joymax refused to acknowledge existed and refused to do any rollback.
from rev6.com
xBongosx is offline  
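
The quoted rev6 post says passwords are stored as MD5 without a salt. The sketch below is an added example (not part of the thread, and not Joymax's code) showing why that storage scheme fails once a hash table leaks, next to a per-account salt with a slow KDF; the account names, candidate list and iteration count are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample accounts; two share the password the post mentions.
ACCOUNTS = {"acct_a": "123456", "acct_b": "123456", "acct_c": "T7;k[q}w<2Lp"}
ITERATIONS = 200_000  # assumed work factor for this example


def md5_unsalted(password: str) -> str:
    """Storage scheme the post describes: plain MD5, no salt."""
    return hashlib.md5(password.encode()).hexdigest()


def lookup_table(candidates):
    """Precomputed hash -> password map; built once, valid for every unsalted dump."""
    return {md5_unsalted(p): p for p in candidates}


def exposed_accounts(stored, table):
    """Accounts whose stored hash appears in a precomputed table."""
    return {user: table[h] for user, h in stored.items() if h in table}


def hash_salted(password: str, salt: bytes = None):
    """Per-account random salt plus a slow KDF (PBKDF2-HMAC-SHA256)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_salted(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hash_salted(password, salt)
    return hmac.compare_digest(digest, expected)


if __name__ == "__main__":
    stored = {u: md5_unsalted(p) for u, p in ACCOUNTS.items()}
    print("unsalted:", stored)
    print("exposed :", exposed_accounts(stored, lookup_table(["123456", "password"])))
    for user, pw in ACCOUNTS.items():
        salt, digest = hash_salted(pw)
        print(user, salt.hex(), digest.hex()[:16], verify_salted(pw, salt, digest))
```

With unsalted MD5, every account using the same password stores the same hash, so one table entry exposes all of them; with a random salt the two `123456` accounts store different digests and a shared table no longer applies, while the slow KDF raises the cost of guessing each account individually.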
Old 02/22/2012, 07:51   #2

 
elite*gold: 260
Join Date: Sep 2007
Posts: 959
Received Thanks: 156
it's not a valid proof yet but as far as i know, there are a lot, i mean, a lot of accounts being hacked already. as for the perpetrator, no one knows if a jm employee or a really good hacker is doing this.
{^_^} is offline  
Old 02/23/2012, 08:52   #3
 
elite*gold: 0
Join Date: Dec 2008
Posts: 1,611
Received Thanks: 350
well idk if you saw this on rev6, but there are on every server like 2-10 ppl which got hacked with legend+12 set and some others with rare too.
so since these are tons of accounts i think there has to be a leak in the DB, but since JM don't give a **** about the customers we will never know it...
papapajo is offline  
Old 02/24/2012, 06:32   #4

 
elite*gold: 260
Join Date: Sep 2007
Posts: 959
Received Thanks: 156
these are all pure speculations until a valid report has been shown from JM website, and until then we can say that it's a DB leak
{^_^} is offline  
Old 02/24/2012, 08:01   #5
 
elite*gold: 0
Join Date: Dec 2008
Posts: 1,611
Received Thanks: 350
check
papapajo is offline  
Old 02/24/2012, 08:40   #6
 
elite*gold: 0
Join Date: Jun 2010
Posts: 300
Received Thanks: 407
if you would just read that link, do these NOW to protect your accounts:
1. verify email
2. change pw with symbols and numbers
i added this one 3. LOCK your magic+12 to legend+12 and dont leave any silk on your account so they can buy a key for the locked items
imbackbizatch is offline  
Old 02/24/2012, 08:42   #7
 
elite*gold: 0
Join Date: Dec 2008
Posts: 1,611
Received Thanks: 350
for the key they need your email account because it sends an unlock code to your email and you have to enter it at the items, same system as the locks, just that it unlocks the items
papapajo is offline  
Old 02/24/2012, 16:07   #8
 
elite*gold: 0
Join Date: Dec 2011
Posts: 270
Received Thanks: 25
Quote:
Originally Posted by {^_^} View Post
these are all pure speculations until a valid report has been shown from JM website, and until then we can say that it's a DB leak
and do you actually expect joymax to say "we are terribly sorry it seems that we had a db leak and like 100+ full legend+12 accounts were lost - we are sorry for your 5 year time spent and 2000$ + spent money - meanwhile you can still support us by buying silk "

do you really think they ll do that? trololLOL
Those are not pure speculations , my silk stall char got hacked and i lost like 2500 silk and like 10 prem+ , lots of devil res , lots of pickpet res...now dont tell me those are pure speculations.
revenido is offline  
Thanks
1 User
Old 02/26/2012, 18:18   #9
 
elite*gold: 0
Join Date: Nov 2011
Posts: 132
Received Thanks: 17
Well, if that hacker is caught he will go to jail forever maybe. O_O
That's my opinion.
xXVirus21Xx is offline  
Old 02/27/2012, 11:01   #10

 
elite*gold: 260
Join Date: Sep 2007
Posts: 959
Received Thanks: 156
Quote:
Originally Posted by revenido View Post
and do you actually expect joymax to say "we are terribly sorry it seems that we had a db leak and like 100+ full legend+12 accounts were lost - we are sorry for your 5 year time spent and 2000$ + spent money - meanwhile you can still support us by buying silk "

do you really think they ll do that? trololLOL
Those are not pure speculations , my silk stall char got hacked and i lost like 2500 silk and like 10 prem+ , lots of devil res , lots of pickpet res...now dont tell me those are pure speculations.
all my characters were not hacked, i do have legend weapons +12
so, if there really was a db leak then all of the accounts will be compromised
also, i didn't even change my password for like 3 years

as they always say, proof of the db leak (screenshot or clip) or it didn't happen.
{^_^} is offline  
Old 02/27/2012, 11:46   #11
 
elite*gold: 0
Join Date: Dec 2011
Posts: 270
Received Thanks: 25
Quote:
Those are not pure speculations , my silk stall char got hacked and i lost like 2500 silk and like 10 prem+ , lots of devil res , lots of pickpet res...now dont tell me those are pure speculations.
You need glasses? Or do i need to make a drawing?
Or you re just that type of guy who says "NO,thats not right" to everyone ?

Look around, login servers, see how many ppl are quitting game because their full legend char was hacked.
revenido is offline  
Old 02/27/2012, 13:03   #12

 
elite*gold: 260
Join Date: Sep 2007
Posts: 959
Received Thanks: 156
Quote:
Originally Posted by revenido View Post
You need glasses? Or do i need to make a drawing?
Or you re just that type of guy who says "NO,thats not right" to everyone ?

Look around, login servers, see how many ppl are quitting game because their full legend char was hacked.
maybe you're understanding the meaning of getting hacked & db leak.
oh please, try to get a dictionary to tell you the meaning of both since you still don't get it. before you start something, get your facts straight!
{^_^} is offline  
Old 02/27/2012, 15:46   #13
 
elite*gold: 0
Join Date: Dec 2011
Posts: 270
Received Thanks: 25
IS IT SO HARD TO UNDERSTAND ??
MANY SILKROAD ACCOUNTS GOT HACKED DUE TO A DATA-BASE LEAK!
ITS PERFECTLY RIGHT. NOTHING WRONG IN MY STATEMENT
ENGLISH BASICS.
revenido is offline  
Old 02/28/2012, 05:45   #14

 
elite*gold: 260
Join Date: Sep 2007
Posts: 959
Received Thanks: 156
Quote:
Originally Posted by revenido View Post
IS IT SO HARD TO UNDERSTAND ??
MANY SILKROAD ACCOUNTS GOT HACKED DUE TO A DATA-BASE LEAK!
ITS PERFECTLY RIGHT. NOTHING WRONG IN MY STATEMENT
ENGLISH BASICS.
omg, many accounts got hacked and you're now saying that it's a db leak? oh com'on, i'm 100% sure that you're one of those idiots who doesn't know anything about how things are running in silkroad. for how many years are you playing silkroad? and still you don't know ****!
{^_^} is offline  
Old 02/28/2012, 09:20   #15
 
elite*gold: 0
Join Date: Dec 2011
Posts: 270
Received Thanks: 25
Im off now, i cant argue with this dumbfuck.
revenido is offline  
All times are GMT +2.