Hacked Account

Hi

I'm from Diamond server (for obvious reasons I won't tell my nick, class or guild), someone hacked my main char account, the weird part of this is that I triple checked my computer, no spyware, keyloggers or virus, since the CO 2.0 upgrade all my files are "normal" (I used before the COloader, the modified itemtype, etc... you know, all the good , safe stuff from this site). And now all my stuff, money, equipment, everything is gone :? the hacker stole everything from my account and from my wife's house.

My point is. It is possible to hack (real hack, no scam or using a keylogger) a CO account? btw, my nickname, ID and password are very different and non-related between them, so it's pretty impossible to guess that info.

P.S: I filled a hacked acc report for the GM's and I'm still waiting for their response, but I guess I'm going to quit after this I just want to know what the hell happened, and where's the security breach used by the hacker

first of all...the gms arent going to respond. i tried 8 times and they still havent responded their asses are wayy to lazy to respond to one little person....like me or you.... oh and btw anything is possible

Quote:

Originally posted by _Ice_@Dec 17 2005, 21:07 Hi I'm from Diamond server (for obvious reasons I won't tell my nick, class or guild), someone hacked my main char account, the weird part of this is that I triple checked my computer, no spyware, keyloggers or virus, since the CO 2.0 upgrade all my files are "normal" (I used before the COloader, the modified itemtype, etc... you know, all the good , safe stuff from this site). And now all my stuff, money, equipment, everything is gone :? the hacker stole everything from my account and from my wife's house. My point is. It is possible to hack (real hack, no scam or using a keylogger) a CO account? btw, my nickname, ID and password are very different and non-related between them, so it's pretty impossible to guess that info. P.S: I filled a hacked acc report for the GM's and I'm still waiting for their response, but I guess I'm going to quit after this I just want to know what the hell happened, and where's the security breach used by the hacker

PM me..

There's a solution to everything, and the solution to your problem is... *drums*... buy one bulk-pack then e-mail them.
They'll return everything you lost or at least some other items with equal value.

Well actually it's the solution to all CO problems :P

how would i get my account back? for co2 alpha that is.....

hacking conquer accounts is damn hard

did your password accidently only excists out of numbers?

as far I have readed here and there on this forums, the accounts are encrypted as a 128-bits (MD5?) Hash...meaning the password is converted to a line of all random characters..

example...a 32-bit MD5 hash of "111" would look like this
698d51a19d8a121ce581499d7b701668 (total of 32 characters)

there is no way to to convert that long ass number back to the original 111, instead they convert the 111 to that long ass line, compare that line with the one in the database, and if they match they let you log in...

now, you could try to "bruteforce" the password (trying all possible combinations and see which one matches), but this could take days to crack.

so if your account truly got hacked and you dont share it with somebody...I think you attracted a damn good hacker...as he (probably):
*needed to get acces to your account name
*needed to get into the account database, and look up to your encrypted password
*than bruteforceing it...

I think you shared the account with somebody, or had a easy to crack password...

i didnt..... it wasnt all numbers....i never shared my account.....NEVER

mind is correct u either shared or he really does not like u or u had 2 l337 quips and he wanted em

however, was this done before or after they disabled the secret question?

if so, he could have guessed the number and answered the sec question, which might not be as hard as you think...

guessing a number and question is impossible

If given enough time, and with a lil searching your targets background. It can be done. Most people have simple passwords that mean something to them, and the secret question is like "What is my favorit color?" Which.. there is only a handful of atempts you gotta do until you get it.

Quote:

so if your account truly got hacked and you dont share it with somebody...I think you attracted a damn good hacker...as he (probably): *needed to get acces to your account name *needed to get into the account database, and look up to your encrypted password *than bruteforceing it...

The evulhotdog case, my case, etc remind me about a guy in my server, he had a damn good equipments lvls to 130 before reborn (he was a trojan) and the day after he reach 130 someone hacks him, stole everything of his account and reborns him into an archer. Again that was a non-shared acc, not easy pass, and the hack was in the best/worst moment................so that means that someone have access to the acc database and he just hunt down accounts :eek: creepy


[img]text2schild.php?smilienummer=1&text=Goes to buy a BulkPack....Now the GMs are going to give me super equips' border='0' alt='Goes to buy a BulkPack....Now the GMs are going to give me super equips' />

damn man that must be really deveastating or however u spell it, it wud really have to be a good hacker that can get in and out quik, also it might just be a corrupt admin or gm or something or someone who has access to databank

yah my equipt wasnt the best....all leet.....+1s here and there...... more of a hunter char.... so i dont know

the guy with the trojan-archer was lucky, he can make a water-trojan now and poon with both ^^ love trojan-archer they own.


anyway genraly the hacker would need to get the account ID atlest. i have alot of account all with random ID's and passwords that aren't that easy to guess. havent been hacked yet, and as i don't accoutn share with anyone but family and such, don't think i will be.


i was told by some people that they could lump the whole CO database onto tehre computer with all account information and such, if thats true though...