1. 1 Week Ago  

    Someone cracking account passwords

    While nothing been stolen, someone hacked into my account and activated my two factor authentication via app, preventing me from logging into this account, until I disabled it via email.
    I obviously immediately changed the password for both accounts and activated two factor authentication via email.

    It was probably wasn't done via keylogging, as my main account which was much more active but had same password wasn't hacked.
    Nothing was stolen, what make me believe they are looking for donor accounts with coins on them they can sell.

    I mainly make this post in order to warn people who use weak passwords and don't use two factor authentication to increase their security as someone is probably cracking into accounts.

    The IPs of the people who hacked into my account: was the IP on which my two factor auth was enabled on. was another IP on which someone logged into my account (last login on character info) 3 days ago.
    probably both are from VPN, but I'm not sure, so no issue about posting them.

    1st IP is from USA, 2nd IP is from Slovakia, I'm from neither of those countries.
    Edited: 1 Week Ago

  2. 1 Week Ago  
    This happens on basically every game and website where people are reusing usernames/emails/passwords that were leaked from a previous breach, not necessarily from the same place, and it's why we all but force everyone to have 2FA enabled.

    I highly recommend everyone uses 2FA and if not email then use an app (there's more than just ios/android) and make sure you save that unique key somewhere safe.

  3. 1 Week Ago  
    Been there... one year ago someone stole my entire **** and sent it to another character, as I'm quite sure, that was not the adressee but just a link of a bigger chain... since that day I activated my 2FA, and a few times I've received a few notifications on my mail...
    But indeed, that happens everywhere on the net...

  4. 1 Week Ago  
    Yea, I know this thing is common, but most people just ignore it as the chances it will happen to them are really low.
    I made this post in order to warn people that currently someone actively cracking passwords, so increasing their account security would be a smart move.

  5. 1 Week Ago  
    Don't use any password listed here: https://raw.githubusercontent.com/da...op-1000000.txt
    And don't repeat the password from any other service you use. This works both ways. If website X leaks passwords they can log into into Y, if Y leaks it, they can log into X.
    Consider looking into password manages and remember one master offline password.

  6. 1 Week Ago  
    I've been using a friend's old phone number as my password (when I was young he gave me his second SRO account, because I didn't know how to make one, and as I didn't know how to change the account's password I just got used to typing it. It had his username and email, so no connection to my Warmane account), so it's obviously not on that list, and really hard for people who know me to guess it, but since it was made of only numerical characters it was pretty easy to crack.

    In addition to that, my main account which I have been much more active on but had the same password, wasn't hacked, which make me believe it wasn't a keylogger, plus the fact that I barely download any executables, and when I do I scan them beforehand.

  7. 1 Week Ago  
    I was fully aware of the email leak after molten got hijacked but for some reason even though my email was compromised I changed the password in order to prevent anything to happen, yet it happened anyways. After researching in password lists like the one Dolcokidol provided I reached the conclussion that the person entering my account and stealing all the valuable items and gold from it could only have been an ex-staff member from a previous server I was playing, probably under spite or vengeful intentions. I would also advice to not use the same password on all private servers especially if they are low tier unlike this one.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts