Jump to content
Forums

Ncsoft's "security" system


tucky

Recommended Posts

Hello,

Warning for you all :

My bro's account got hacked this morning. He doesnt know how.

The "fun" thing is, if someone gets into you ncsoft account via the website (keylogger or something), they can change your pin code without a simple mail verification. The pin code which is supposed to be a protection against keyloggers can be changed if the hacker gets your password via a key logger. Very clever, ncsoft.

And the fail doesn t stop here. The hacker can also set up the 2 step authentificator via the website WITHOUT a mail verification. So now his account is probably stripped of everything, and he cannot get to it. Good job Ncsoft. Maybe you shouldn t skip security 101 courses next time? You know, like requiring MAIL VERIFICATIONS for security changes in account!

 

To sum up : don t be like us and believe the pin code actually protects you. It's just for looks, and to make you click like a dumbass at the game startup, thinking this somehow protects you. IT DOES NOT.

Set up the authentificator in advance before some hacker gets trough ncsoft dumb security policy.

 

Link to comment
Share on other sites

Yup i thought being in the game industry for 10 years + maybe they would have learned a few things... Guess not. 20 moonwater stones and 100 g down the drain. He had all of our savings. we liked this game so bought premium. Not going to continue if one can be hacked so easily...

Link to comment
Share on other sites

It serves you right. There arent random "hackers" on the internet that spread keyloggers around for no purpose. Do you think the hacker was like:" I got the user/pw for some random game, i'll download it just to screw with that guy!" ???    Im 99.9% certain that you, or your brother, without your knowledge went on one of those "buy gold at xxxxx" sites that are spammed on chat.

Link to comment
Share on other sites

With all the respect, if you get hacked its not NCSoft mistake, but yours. 99% of hacking is because keyloggers and they dont just grow on your computer by themself.
Use simple tools like Spybot S&D + SpywareBlaster + AV + firewall and you hardly get hacked.
Personally i use Comodo Internet Security since years and never had a problem.

Said that, i agree there must be a double verification before change the pin or add a sms verification is even better.

Link to comment
Share on other sites

While the bandwagon goes "dun go round sharing ur info" which I wholeheartedly agree with, I think yer all missing the point (aside from LiriC)... 

Where the security at BnS?

 

The fact that they can't even get rid of bots in both game and forum shows there's nothing to protect BnS from any threat like hacks or DDoS...

But then again at the end of the day, common sense is what will truly help... don't share accounts whatsoever....

 

Link to comment
Share on other sites

1 hour ago, Vexe said:

Next time, don't (try to) buy gold and don't give your password to any "friends".

Assume much? I earn my gold. If you don t have anything useful to say, don't say anything thanks

 

1 hour ago, Remlnx said:

With all the respect, if you get hacked its not NCSoft mistake, but yours. 99% of hacking is because keyloggers and they dont just grow on your computer by themself.
Use simple tools like Spybot S&D + SpywareBlaster + AV + firewall and you hardly get hacked.
Personally i use Comodo Internet Security since years and never had a problem.

Said that, i agree there must be a double verification before change the pin or add a sms verification is even better.

NCsoft's security is full of holes (no mail verification for security changes, REALLY?). If it wasn t the case i wouldn t have been hacked period. So yeah, people may have to do all these things because ncsoft skipped security 101 i guess. Is it ok though? Hell i don't think so.

Link to comment
Share on other sites

its kinda your "bro's" fault to begin with, if he didn't want his account to get hacked he should stop clicking links from unknown people, downloading exe files, etc etc.

 

yes, I agree that the pin system is useless, you don't even have to do a recovery, since the game plays itself in windowed fullscreen, if you get backdoored, he can see you press the buttons.

 

at the end of the day its not NCSOFT's fault.

Link to comment
Share on other sites

NCsoft always claimed they had fine security.

It was obvious it is not in 2010 when hundred of accounts got stolen because of a login bug on aion forum that made people land in random account and were able to change verification email without the password.

Few hundred of accounts were stolen that way, even people that weren't playing aion. NCSoft always claimed it was hacker with password lists.

 

Link to comment
Share on other sites

This community is so...

 

BnS does nothing to protect your account, everybody blames you. Also, I'm sure there are other ways of getting keyloggers than buying gold so how about we stop making wild accusations?

 

@OP: Run, never look back, the game isn't worth putting up with these kinds of people and Ncsoft does not care.

Link to comment
Share on other sites

9 minutes ago, Centimani said:

BnS does nothing to protect your account, everybody blames you. Also, I'm sure there are other ways of getting keyloggers than buying gold so how about we stop making wild accusations?

 

What ways are there of getting keyloggers that would lead to losing your Blade & Soul account?

I'd say it's pretty much only

1. Visiting gold farmer spam / forum spam websites or opening other highly suspicious links.

2. Trying to download bad software (B&S hacks).

3. Believing impostors (stuff like "your account was hacked, go to *phising website* and change your password" or "your account is bugged and will be deleted in a week, please give us a password so we can fix it")

Link to comment
Share on other sites

1 minute ago, Vexe said:

 

What ways are there of getting keyloggers that would lead to losing your Blade & Soul account?

I'd say it's pretty much only

1. Visiting gold farmer spam / forum spam websites or opening other highly suspicious links.

2. Trying to download bad software (B&S hacks).

3. Believing impersonators (stuff like "your account was hacked, go to *phising website* and change your password" or "your account is bugged and will be deleted in a week, please give us a password so we can fix it")

 

1. Shady link on the forums.

2. Downloading addons from unofficial websites.

3. Sharing your computer with somebody (it might even be a friend doing this, who knows?)

4. Phishing

 

All options that have nothing to do with buying gold or doing anything illegal by op.

Now can we stop the witch hunt?

Link to comment
Share on other sites

The "security" system is just there to create the wrong impression of safety. As long nothing happens, the illusion works. ^-^

 

One of the most important things today is: Use a different PW for all accounts.

Why?

Because your game accounts get hacked, when someone steals data from XYZ and the combination from e-mail/accountname + PW apply to other accounts. And about password strengths always remember the "correct horse battery staple"!

Link to comment
Share on other sites

@tucky Sorry, but TBH blaming NCSoft security system is kinda unfair.

 

1. Like you said yourself, someone got your account. Via keylogger or whatever, this are not the mistakes of NCsoft.

2. NCsoft provide additional security in form of 2 step authenticator, that you and your brother did not use it is also not the fault of NCsoft. If you and your brother used it, #1 the leaked/stolen account is probably more difficult to access.

 

Link to comment
Share on other sites

1 minute ago, Rief said:

@tucky Sorry, but TBH blaming NCSoft security system is kinda unfair.

 

1. Like you said yourself, someone got your account. Via keylogger or whatever, this are not the mistakes of NCsoft.

2. NCsoft provide additional security in form of 2 step authenticator, that you and your brother did not use it is also not the fault of NCsoft. If you and your brother used it, #1 the leaked/stolen account is probably more difficult to access.

 

 

I agree, you should know better than to play a game published by ncsoft.

 

/s

 

they can change your pin code without a simple mail verification. The pin code which is supposed to be a protection against keyloggers can be changed if the hacker gets your password via a key logger. Very clever, ncsoft.

And the fail doesn t stop here. The hacker can also set up the 2 step authentificator via the website WITHOUT a mail verification.

 

Link to comment
Share on other sites

you don't understand how is the pin code system works 

when u log in the security system asks for verification code , which have been send to your email and when u verify it

u can choose to save your IP (this option is useless if you are using VPN or your ISP gives you Static ip)

so you don't have to open your email every single time you need to enter the game or the forum just insert your username and password 

 

when they have created the bin code system they didn't create it to protect your account in case of your email have been hacked 

if your email have been hacked ,then all the hacker needs to do to get your account is to reset password

and that is not ncsoft fault it's yours the system works just fine if u didn't get your email hacked just like any other system

 

so check your pc for trojen or keyloger , or check your fiend's pc who knows your account info

 

their account protection system is the good but ingame protection against cheats and bots is really bad 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...