Original poster
Posted on 6-6-2012 11:55 AM
This post was last edited by poisonsoup on 6-6-2012 11:57 AM
How You Got Hacked
The "hackers" are doing this by rolling through a database they've built up over the last 10+ years of username/email/password combos.
These lists are compiled from the following sources:
- Phishing scams*
- Fake fansite fronts
- Hacked fansites
- Hacked online games that have been compromised
- Hacked email and social sites
- "Powerleveling" services
- Keylogging trojans (rarest form)
Any of these are almost assuredly NOT related to Diablo 3; this list was made over the last several years. It could even be the pokemon fansite account you created for your kid 4 years ago.
* Regarding phishing scams, ask yourself if, in the last 10 years, you have ever signed up for a beta, responded to a support ticket, or kept your account from being locked after unauthorized use...for ANY game, Blizzard or otherwise.
Your email address/username may be connected to several passwords spread over many such databases. Hackers/phishers compile these lists and sell them to gold selling sites for pennies per name. These gold sellers often are working from several different compiled lists.
What they all count on is that you use the same password or few passwords over and over again to do various things around the nets. They use this to get access to your account easily, or to your email where they can reset your password and again get access to your account easily.
What Happens Now?
Now here is where the bot scripting sets in. Once they access your account, the following happens in order by use of a very easy botting macro program.
1) A level 1 character is added to your friend's list. This character is on a second computer, not the one running the script.
2) This character creates a session in a town with a fixed location for the stash, etc.
3) Your character is invited to the session, the macro accepts the invite.
4) The macro (still in control of your character) proceeds to give the Level 1 all your stuff, all your gold, and walks your character to the stash where everything is cleaned out of the first tab and handed to the level 1.
Recently (in the last day or so) they've just been taking gold instead of totally stripping a character. This can cut precious seconds or even a full minute off their hack time.
5) The macro runs fast, and not very thoroughly, ergo it's usually just the last character you played that gets cleaned out in this manner. It ensures they get the gold.
5b) If they're babysitting the macro and notice you have multiple characters, they'll clean them out by hand instead of letting the macro run; this is rare though.
6) Profit.
7) If they're feeling ballsy, a second macro will run, creating a first level character and then continuously spamming ads for gold sites on the trade/chat channels until the account gets reported enough.
Update - Watch in the video as an account thief actually demonstrates:
http://www.youtube.com/watch?v=sxVM06owyuk&feature=related
Things It Was Not
There is no actual hacking or "session hijacking" involved in this process; you are simply being logged in from another location. If you were online at the time, you'll be kicked. This is not a "session hijacking". There was also no "monkey in the middle" attack or other assault on the English language that a hacker used to get your stuff. They had your password, end of story. The passwords are also not being brute-forced; people who believe so are idiots.
It has nothing to do with anyone seeing you in game, your friends list, whether you played alone or in a group, or used the auction house.
It also has nothing to do with how fancy or long your password was, Blizzard's security, game session security, how new your comp is, how much antivirus you run, or how many years you've been a clown working as IT.
Make Yourself a Hard Target
Like I tell my classes when I do security training, you don't need to outrun the bear, you just need to outrun your buddy.
2 main lines of defense to make yourself a hard target:
1 - Change your password for Bnet AND the attached email account to something you have never used before. It doesn't need to be anything too fancy; just not a complete real word is good enough, with a character and number mixed in somewhere, and don't do the obvious like names and dates or, god forbid, your bank card PIN (seen this a lot). DO IT NOW.
2 - Get an authenticator that actually works for D3.
http://us.battle.net/d3/en/forum/topic/5642267887?page=2
To sum up: the account info was sold, and then bots were used to raid accounts en masse.
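As an added example that is not part of the original post, here is a small defender-side detection script in Python that looks for the stripping sequence described in steps 1 to 4 above: a freshly added level-1 friend that, within minutes, receives the victim's gold and stash items. The key=value event-log format, the field names, the account names and the thresholds are all constructed assumptions for this illustration, not Battle.net's real logging.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample log in a hypothetical "timestamp key=value ..." format.
# "alice" shows the bot pattern from the post; "bob" is a normal trade with a
# long-standing, high-level friend and must not be flagged.
SAMPLE_LOG = """\
2012-06-06T11:50:00 acct=alice kind=login ip=203.0.113.9
2012-06-06T11:50:20 acct=alice kind=friend_add friend=mule_lvl1 level=1
2012-06-06T11:50:40 acct=alice kind=join_session host=mule_lvl1
2012-06-06T11:51:00 acct=alice kind=trade to=mule_lvl1 gold=250000 items=0
2012-06-06T11:51:30 acct=alice kind=stash_withdraw items=12
2012-06-06T11:52:00 acct=alice kind=trade to=mule_lvl1 gold=0 items=12
2012-06-06T12:10:00 acct=bob kind=login ip=198.51.100.4
2012-06-06T12:15:00 acct=bob kind=friend_add friend=carol level=60
2012-06-06T12:40:00 acct=bob kind=trade to=carol gold=5000 items=1
"""


@dataclass
class Event:
    ts: datetime
    acct: str
    kind: str
    attrs: dict


def parse_log(text):
    """Parse the constructed key=value format into Event objects sorted by time."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts_str, *fields = line.split()
        attrs = dict(f.split("=", 1) for f in fields)
        events.append(Event(datetime.fromisoformat(ts_str),
                            attrs.pop("acct"), attrs.pop("kind"), attrs))
    return sorted(events, key=lambda e: e.ts)


def detect_strip_pattern(events, window=timedelta(minutes=10), gold_threshold=10000):
    """Flag accounts that add a level-1 friend and then hand that friend gold
    or items within `window`. Returns one alert dict per suspicious friend_add."""
    by_acct = defaultdict(list)
    for e in events:
        by_acct[e.acct].append(e)

    alerts = []
    for acct, evs in by_acct.items():
        for i, e in enumerate(evs):
            # Step 1 of the post: a level-1 mule is added to the friends list.
            if e.kind != "friend_add" or e.attrs.get("level") != "1":
                continue
            mule = e.attrs["friend"]
            deadline = e.ts + window
            gold = items = 0
            last_ts = e.ts
            # Step 4: everything is traded to that mule shortly afterwards.
            for f in evs[i + 1:]:
                if f.ts > deadline:
                    break
                if f.kind == "trade" and f.attrs.get("to") == mule:
                    gold += int(f.attrs.get("gold", 0))
                    items += int(f.attrs.get("items", 0))
                    last_ts = f.ts
            if gold >= gold_threshold or items > 0:
                alerts.append({
                    "account": acct,
                    "recipient": mule,
                    "gold": gold,
                    "items": items,
                    "seconds": int((last_ts - e.ts).total_seconds()),
                })
    return alerts


def run_sample():
    """Convenience entry point: parse the constructed log and return the alerts."""
    return detect_strip_pattern(parse_log(SAMPLE_LOG))


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The window and gold threshold are deliberately loose because, as the post notes, the macro is fast and the attacker may take only gold; tuning them against real trade volumes, and correlating with the preceding login from an unfamiliar IP, is what a production rule would add.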