Be Cautious Fellow Neopians

Submitted by desphair on Tue, 18/01/2011 - 11:13pm
Quoted from a neoboard that has been going on for a while now. "From the looks of it people from the PC and TC are getting hacked into and have their neopoint stolen. Even monophyte or whatever his name is got 200 million stolen. He had a PIN NUMBER, never visited UL, ECT. or so he said. It seems that the person can get you nps without stealing cookies or pins. (c) Yes attacked Right now it seems that the person is only getting into famous accounts. A few people have been hacked into but are super famous. If the person gets desperate though they may attack PCER for their pets.. so I'd advice you to stay low.. o_o You may say you have no nps but unconverted pets are highly sought after in the neopets black market *-* And..direct quote from monophyte: I talked to one of the hackers, and he said he is NOT SQL injecting. He can't say if the person who edited my neopoints is though, since the two schemes are unrelated. There are more than one hackers around T_T Directly quoted from the hacker: Let me clarify some stuff. - The NP editing thing is bs. - Not all accounts can be hacked. - Your email provider has nothing to do with this. - Your membership with any offline site has somewhat to do with this." That is just what the person telling about this horrible act has said. I am not saying that neopets has been 'hacked'. It may be something less complicated. However, if this is true, we should all be careful....again.
Forums: 
Neopets Misc
  • 13777 reads

They think it might be IDB, not 100% sure though. Dmitri did check the files here and everyone's info is safe, so they are not getting it from here.
irisheyez | Wed, 19/01/2011 - 3:52am |

Here's a post from one of the hackers, posted on the bd chat: supergoku001 7 Months Male ghogan0001 Active Neopet Posted: 19 Jan 2011 - 5:13 am [Report this message] 1. Self icing is stupid. What I would suggest is, moving you stuff to a side or such. 2. Change you emails up bro. 3. Repeating, no security leak/no np editing. 4. One part of the current disaster, is related to you being part of an offsite forum such as IDB, Neodrama, etc. 5. If you think you big and want to show off, go ahead bj is a cheater. kangin is the coolest bder.
irisheyez | Wed, 19/01/2011 - 5:21am |

They're having fun with this alright, they GAVE 750K to someones side in our mall, and yes, they had their side with the same PW as an offsite place, luckily not their main. They've reported it... As Dmitri has said 10000 times, don't use the same password offsite as you do on your Neo account!
zixianna | Wed, 19/01/2011 - 7:03am |

[quote]...don't use the same password offsite as you do on your Neo account![/quote] Even better, it may be a royal pain, but you should NEVER use the same password in multiple places/things. One word for one thing. [font=Courier New] -------------------------------------------------------------- Nubs [b] War [/b] Supply: http://www.neopets.com/browseshop.phtml?owner=whispering_acara&misc Total Plot profits: ~17.5m [/font]
whispering_acara | Wed, 19/01/2011 - 4:21pm |

Ouch, no one is safe anymore :( -------------------- http://www.neopets.com/browseshop.phtml?owner=leelo513&misc
-------------------- http://www.neopets.com/browseshop.phtml?owner=leelo513&misc
Leelo513 | Wed, 19/01/2011 - 4:49pm |

[quote=irisheyez]They think it might be IDB, not 100% sure though. Dmitri did check the files here and everyone's info is safe, so they are not getting it from here.[/quote] Yeah i did a quick scan of the root/core files. Seems to be unchanged and the directory structure remains intact too. I obviously can't reveal how it's done but there's a way to track changes to the file system. quite nifty I'd say :P ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color]
----------------------------- [color=purple]Protect your account[/color] http://www.neopets.com/~punchback_bob CG information & more
saudor | Wed, 19/01/2011 - 8:58pm |

Yes, but changes and access are different things altogether. Tracking Access to such a file would prove impossible for all I can think, since it's 'touched' every time someone authenticates, can you differentiate when someone reads it for something other than such authentication? Interesting thought - logging read access to a password file for access other than authentication by the system account itself. Possible? If this makes no sense whatsoever, I've had a few drinks - but then again, I have basic troubleshooting skills on potent psychedelics, proven over the last few weekends! I say that only because such statement would result in bans on Neopets :)
zixianna | Wed, 19/01/2011 - 9:44pm |

I haven't been on in a long time due to the fact that all this CG stuff was going on. I am so surprised the Neopets team hasn't done something about the security on the site. I wonder if they will ever will do something about it. hmm...
ugg | Thu, 20/01/2011 - 9:44am |

Wow. You sound like a real pro in computers. I'm currently taking a course of computer programming called C++. I'm such an illiterate person in computers but I need to take it for Engineering so I just have to suck it up. I was wondering if you know anything about it? WOW! Selling: Maps, Neggs, Stamps, Coins, Cards, ETC! http://www.neopets.com/browseshop.phtml?owner=1434sweet#p
WOW! Selling: Maps, Neggs, Stamps, Coins, Cards, ETC! http://www.neopets.com/browseshop.phtml?owner=1434sweet#p
1434neopets | Thu, 20/01/2011 - 6:52pm |

[quote=1434neopets]Wow. You sound like a real pro in computers. I'm currently taking a course of computer programming called C++. I'm such an illiterate person in computers but I need to take it for Engineering so I just have to suck it up. I was wondering if you know anything about it? WOW! Selling: Maps, Neggs, Stamps, Coins, Cards, ETC! http://www.neopets.com/browseshop.phtml?owner=1434sweet#p[/quote] Pro as in paid? Yes. Pro as in really good? No, I know enough to know there's a lot I don't know :) And to prove that point, I accidentally EDITED your post instead of QUOTING it. But now that I've made that mistake once, here's hoping I never do that again :*
zixianna | Thu, 20/01/2011 - 8:01pm |

Pages