Close Call !!!!!!!!!!!!!!

[BIGJON]

After some people in My guild were hacked . I decided to check my info on EA's site. I log in all my account's and one of them had my e-mail address changed in member info. Nothin gone have all my stuff. I changed the e-mail addy and changed my p-word. Now what should be my next step. Besides the obvious virus scan, runnin spybot atm.Guild member said call my IP provider, I am wondering what good that will do.

 

[imported_Spiritless]

Err, calling your ISP won't help you much.

Just keep your account name to yourself, use a secure password, change your email address and the password on the old email account and you're fine.

A secure password:

MjD43mN12f4H

A bad password:

secret123

Ensure you have no malicious programs running on your computer before this and you're good. Suggest telling all of your guildmates to use strong passwords too. Also do not use the same passwords for multiple sites. For example, if you use the same password for your UO account and email inbox, this isn't a good idea. Always use different passwords.

 

[BIGJON]

Changed p-word the old one was a good one as is the new one. Workin on the e-mail thing since it is thru my Internet provider.

 

[Kratos Aurion]

Not to start any accusations but the only way I see that many people in a single focal point being hacked is running software of some sort or visiting a sight of interest that has spyware and keyloggers that can be dl'd unintentionally.

Your best bet is to update your virus/spyware scan, clear the stuff out. Get rid of any recently DL software that you think may have been the cause and then research its history for example... has anyone else had problems using the software in similar related cases etc..

If its a keylogger, you wont really be safe until its gone because they can continually hack you until the keylogger is removed or at least taken offline so that it can't communicate the data back and fourth.

 

[Guest]

I would point out that if someone got your UO password, they may have gotten your email password too.

My general philosophy is that unless you know exactly how they got your password, back up your data (no programs at all) completely wipe your hard drive and reinstall Windows, install your anti-virus software, reinstall all your programs from disk/fresh downloads, patch it all and then carefully replace your data. Change all your passwords (UO, email, amazon, whatever) and keep an eye on your credit card bills.

It's a huge pain, but once someone gets into your system, you have no idea how much they took.

 

[imported_Spiritless]

Err, wiping a HDD and reinstalling Windows shouldn't be a first-resort thing. It's overkill most of the time; it is unlikely that a program was used to steal these credentials.

Methods should be used first and foremost to check for potential infections.

 

[BIGJON]

Well I was in the middle of doin a Hard drive update. Got a 500 gig installed. I guess now is a good time to start gettin that thing updated with windows and the like. Also My son just did a reformat of his puter so I guess I will be changin all my p-words on his puter till I get my new HD up thanks for the help

 

[Kratos Aurion]

<blockquote><hr>

Err, wiping a HDD and reinstalling Windows shouldn't be a first-resort thing. It's overkill most of the time; it is unlikely that a program was used to steal these credentials.

Methods should be used first and foremost to check for potential infections.

[/ QUOTE ]

Id agree that its not completely necessary but I know people who do it. You either delete the source from the registry (basically a virus scan) or just do a quick format.

Id be more likely to go with the format because I have all my install files stored on an external drive with data back ups as well

 

[imported_Sarphus]

you can also call EA and have them lock your account until you get things straightened out. If they lock your account, people won't abe able to get in even if they do have your password, so they can't take all your stuff.

all the other stuff people said here is a good idea too.

If you have a JRE (java runtime environment) installed and you don't need it, uninstall it. If you do need it, make sure it's fully updated. Even fully updated, sun's JRE is pretty insecure. The only viruses I've ever had have all come through various exploits of sun's JRE. It's really not secure software... I ultimately decided to uninstall java all together.

Make sure to run microsoft update to get any updates you need for microsoft products you're running. www.update.microsoft.com After it gets updates, keep running it until it doesn't get any updates. If an update applies a service pack, it may require updates to the service pack.

Make sure your anti-virus software is updated. If you don't have anti-virus software, get some.

Make sure you have a software firewall.

Don't click links in emails. If people want to send you stuff in your email or ICQ, ask them to send you the full URL, so you can copy/paste it into a web browser. This lets you avoid being re-directed to a site that you didn't realize you were going to. Also, make sure you're comfortable with any site that you go to... The reason you copy/paste the url is because it makes sure you go to the place the link says it goes; not because it magically makes going there secure.

 

[Guest]

<blockquote><hr>

Err, wiping a HDD and reinstalling Windows shouldn't be a first-resort thing. It's overkill most of the time; it is unlikely that a program was used to steal these credentials.

[/ QUOTE ]
Yes, it is overkill most of the time. The problem is that although you can clean 100% of the viruses you find, you have no idea how many are out there you don't find (and even the best virus scanners miss most custom malware that isn't assembled from a kit ... in a lot of ways, they are a placebo).

Everything has costs and risks and if you're content with a risk of missing something and never knowing about it, then just clean-and-move-on is a perfectly valid choice. I tend to lean towards a scorched earth policy myself, but that's also partly because I like to feel the cost of my mistakes.

(disclaimer: I know enough to be opinionated, but make no claim of being an expert at security)

 

[Guest]

I agree with Maplestone. =)

I like to reload my personal machines at least once or twice a year. Keeps them clean and running great. My customers, when given a choice of a full wipe or clean-up, usually go for the reload. If you have broadband access, the reloading sometimes takes less time, even with updates, than cleaning the machine up completely.

I suppose it depends on your setup, too. If you use a ton of programs, it would be more of a pain.

 

[Guest]

not to go agains the wave of people that are saying virus, but have you ever given close friends your info? alot of time that is the case. what, if i can ask, was the email it got changed to?

 

[Guest]

Yikes! I would hope that nobody shares out their passwords ... but it's likely a good thing you mentioned it.

 

[Guest]

Hi BIGJON,

Go through the Safety menu on the UO Toolbar, you'll find everything need to clean your system and help protect it.

You're using SpyBot, make sure you're running 1.5.2, have it's TeaTimer function turned on, and... turn on the Advanced mode, go to Setting, scroll down to Web Update, put a check mark in the box to "Display available Beta versions" (this is give you added defintion files for more protection).

Make sure your anti virus program -and- defintions are up to date, if the program is old and/or the defintions subscription is over... replace it, there are plenty of great, free AV products out there.

Whether you're using FF or IE, make sure you're using the latest version... and tighten it up. SpyBot's immunizations will help both browsers (others too, like Opera); but also use something like Comodo's VerificationEngine, McAfee's SiteAdvisor or WOT (anti phishing browser add-ons). Both FF &amp; IE have plenty of add-ons/extensions to help secure your browser.

IM a lot? ZoneAlarm's IMSecure works with most popular IMs, even Trillian. IMSecure doesn't work with Windows Vista yet just so you know.

Email. Please do NOT Outlook Express, but... Outlook 2003 or newer would be ideal. Don't have O2k3+ available... Eudora, Opera Mail and Thunderbird are all in the toolbar (take your choice, their all good). Never use a web email service (Gmail, Hotmail, Yahoo Mail, etc.) for accounts, like UO or anything else you pay through a credit card... use your own ISP for an email addy that is used only for that; never use it on a forum, friends, family, work, or anything else. In 2008 everyone should have at least 3 email accounts: Secret - financial use (don't even tell family), Private - only for family &amp; friends, Public - for public use on the Internet like on non-financial sites, forums, etc.

Yes, like several people here mentioned... more secure passwords are a must. Change them once in a while too, good time to update passwords is just after scanning your system for malware and having found it clean or cleaned it if you did find something. Password managers are a good thing... several in the toolbar.

Good luck.

 

[Guest]

If a circle of friends is hit, I'd suggest you also try and find out what you all did that was the same? Did you get any IM messages saying "look at this pic" type things? What email/web software do the infected players run, compared to yourself?

If one of you still the virus/spyware, it's possible that you'll be re-infected after cleaning your pc. So it's important that all of you clean up PCs thoroughly. It could also be that you haven't done something they did, eg giving out details on a dodgy website.

It would also be helpful to find out what antivirus/spyware programs your hacked friends were using. And whether they have scanned the daylights out of their systems. Have they found any infections?

You should scan the life out of your PC. If you haven't done so recently, backup any data that's valuable. It may be infected, so backup to CD/DVD. Don't put that disc into any pc until you know you're running software capable of cleansing it. It's just handy in case you have a virus which may do more damage to your data.

On a basic installation where you have only a few programs and minimal personal data, you may feel it's not too much trouble to format the drive. Just make sure you triple check for files you need to backup. Things like the UO desktop files for example

Wenchy