• Hail Guest!
    We're looking for Community Content Contribuitors to Stratics. If you would like to write articles, fan fiction, do guild or shard event recaps, it's simple. Find out how in this thread: Community Contributions
  • Greetings Guest, Having Login Issues? Check this thread!
  • Hail Guest!,
    Please take a moment to read this post reminding you all of the importance of Account Security.
  • Hail Guest!
    Please read the new announcement concerning the upcoming addition to Stratics. You can find the announcement Here!

ICQ Hacked

G

Guest

Guest
Since I had several other rares dealers on my ICQ, posting this here.

Not sure how, but as it states above. I have exhausted my methods of trying to get it back under my control. Yes, have multiple firewalls and virus protection.

If you get any messages asking you to do anything, borrow anything, links or whatever... it is NOT me. Please spread the word to help keep those in this community safe. Thank you.
 
T

Tomas_Bryce

Rares Collector Extraordinaire | Rares Fest Host
Stratics Veteran
Stratics Legend
I just got some strange uo site link from the last person I would expect to spam that. I am afraid he mustve gotten his icq hacked too.

Repeat with me: Don't go to any sites you have not heard about before.
 
G

Guest

Guest
Assia, how old is your ICQ number?

My original ICQ number, 6840996, was originally linked to a very very old hotmail username before hotmail made it to hwere you can't register a username that went inactive. An unscrupulous individual created the hotmail account (it had been inactive for many years) and used that method to steal my ICQ # to get a password sent to them >.<
 
Basara

Basara

UO Forum Moderator
Moderator
Professional
Governor
Stratics Veteran
Stratics Legend
Wiki Moderator
UNLEASHED
Campaign Supporter
Also, if you are using ICQ Pro 2003, get rid of it. IT was the "full-featured" version contemporary with ICQLite 4. Those older versions of ICQ (especially Pro 2003) has P2P elements in them that were easily hackable.

If you use ICQ, to be much safer, you really need to be using a modern version (I think the current version is 6.something). The more easily hackable elements were removed with ICQ 5 and the discontinuation of 2003 (Which I think you can still download, but it is heavily flagged as being non-supported software).
 
Nails Warstein

Nails Warstein

Royal Explorer & Grand Archaeologian Of Sosaria
Professional
Alumni
Stratics Veteran
Stratics Legend
UNLEASHED
Campaign Patron
<blockquote><hr>

Since I had several other rares dealers on my ICQ, posting this here.

Not sure how, but as it states above. I have exhausted my methods of trying to get it back under my control. Yes, have multiple firewalls and virus protection.

If you get any messages asking you to do anything, borrow anything, links or whatever... it is NOT me. Please spread the word to help keep those in this community safe. Thank you.

[/ QUOTE ]

I was asked to visit this site by you last night, but fortunately I didn't, cause you wouldn't respond to me afterwards. So everyone don't click or copy/paste this link, but perhaps find out who owns it and shut them down.

http://ultima-traders.t35 dot com
 
G

Guest

Guest
I've been using this messaging client for years now so I'd suggest everyone look into using it. It's alot safer than ICQ and you can use aim,yahoo,msn,icq from the same client and share the same buddy list window etc.

www.trillian.cc

You can download trillian basic for free or pay or find the pro version yourself. Customizable skins with the features of every chat program for the most part.
 
G

Guest

Guest
since the first part is a subdomain i looked up the last part.

WHOIS Underlying Registry Data:

=-=-=-=
Visit AboutUs.org for more information about t35.com
AboutUs: t35.com

Registration Service Provided By: NameCheap.com
Contact: [email protected]

Domain name: t35.com

Registrant Contact:
WhoisGuard
WhoisGuard Protected ([email protected])
+1.6613102107
Fax: +1.6613102107
8939 S. Sepulveda Blvd. #110 - 732
Westchester, CA 90045
US

Administrative Contact:
WhoisGuard
WhoisGuard Protected ([email protected])
+1.6613102107
Fax: +1.6613102107
8939 S. Sepulveda Blvd. #110 - 732
Westchester, CA 90045
US

Technical Contact:
WhoisGuard
WhoisGuard Protected ([email protected])
+1.6613102107
Fax: +1.6613102107
8939 S. Sepulveda Blvd. #110 - 732
Westchester, CA 90045
US

Status: Locked

Name Servers:
NS1.T35.NET
NS2.T35.NET

Creation date: 30 Mar 1999 00:00:00
Expiration date: 30 Mar 2012 00:00:00


When you go to t35.com you get the following:

Welcome to T35 Hosting - Free Web Hosting with PHP

Free website hosting allows you to instantly store your web page to be seen by billions of people around the world! T35 Hosting is one of the nation's leading free web hosting providers and has hosted millions of web pages since it was launched in 1997.

T35 Hosting is also proud to be the only free hosting provider that has always offered services with unlimited web space and unlimited transfer. This is accomplished by placing small ads on free hosting sites --- the more space and bandwidth you use, the more the ads get served! When you're ready for ad-free paid hosting, T35 offers two great packages with features such as mysql, unrestricted php, email, and an advanced control panel provided by cpanel.

What are you waiting for? Sign up now for our free hosting plan and start using your free web space!


So it's a subdomain. Report it to the company that gives them free web space. I will be when I get home after appts.
 
Ryna

Ryna

Sage
Alumni
Stratics Veteran
Stratics Legend
Trillian is much better than ICQ itself... not only for the security reasons but because you can also connect to irc, aim, yahoo, and msn - multiple names at the same time as well.

&lt;/plug&gt;
 
G

Guest

Guest
Thanks everyone for your advice and support.

ICQ number is pretty darn old. It is the ICQ I have been using for many years, including my days when I used to broker under Centurio and De. Its connected to my email on my private server, so not sure how they got it and didn't find any "password retrievals" in my email so obviously it was a direct grab.

Obviously, I got something from something, but I'm really careful about surfing and such. To be honest, I would have much rather them perhaps hacked my accts (which so far appear safe) than my ICQ. Rather lose a billion+ gold than have people at risk over trusting my reputation and getting hurt from it.

My McAfee is updated regularly and scans and obviously didn't catch this, nor did anything ask to "access" the internet through my firewall.. Even after it happened, didn't get anything showing up, but obviously it has to be there. Trying my other scanners and we'll see how it goes. I might do a wipe if nothing brings it up as I'm paranoid about stuff like this.
 
Ryna

Ryna

Sage
Alumni
Stratics Veteran
Stratics Legend
Perhaps it was just pure brute force?

I'm not sure if ICQ has a failed sign in limit or not...
 
G

Guest

Guest
I woke up to an icq letting me know another person on LS was hacked yesterday....this has really begun to get out of control!
 
Ryna

Ryna

Sage
Alumni
Stratics Veteran
Stratics Legend
I had to move a post (and a few attached) that had the site linked.

If you get a site from the sub-domain "ultima-traders" at "t35.com", don't go to it.

It attempts to install a "flash plug in" .exe file that isn't.
 
G

Guest

Guest
I'm going to be sending a formal email to the free site company about the subdomain and the malicious ware it has on it, as it's against their Terms and Conditions.
 
You must log in or register to reply here.
Top