People in maplestory are getting hacked left and right

This is an archive of the mabination.com forums which were active from 2010 to 2018. You can not register, post or otherwise interact with the site other than browsing the content for historical purposes. The content is provided as-is, from the moment of the last backup taken of the database in 2019. Image and video embeds are disabled on purpose and represented textually since most of those links are dead.

To view other archive projects go to https://archives.mabination.com

LeonSilvis wrote on 2011-10-25 07:06

I"m kinda afraid of playing on vindi now.

I havent played on maple but my account did get hacked. Heck even my account password was changed and all my avatars in DFO were gone. They even found how to reset my goblin pin number in game.

atm, i'm hesitant to play any nexon games until this is over with
TA wrote on 2011-10-25 07:45

Nexon needs Authenticators like Blizzard has. I imagine it'd help quite a lot...
Loopulse wrote on 2011-10-25 12:40

Quote from TA;634806:
Nexon needs Authenticators like Blizzard has. I imagine it'd help quite a lot...

And what's that do exactly?
TLCBonaparte wrote on 2011-10-25 17:22

good thing my brower saved my password and account name so I only have to press login to start playing :D
Excalibuurr wrote on 2011-10-25 19:06

Quote from TLCBonaparte;634963:
good thing my brower saved my password and account name so I only have to press login to start playing :D

Nexon website is being a douche, won't work for me. D:<

Also, I WILL NEVER GET HAXORED
whocares8128 wrote on 2011-10-25 19:07

Quote from TLCBonaparte;634963:
good thing my brower saved my password and account name so I only have to press login to start playing :D

Your browser remembering your password will only protect you from keyloggers; your username/password are still being sent. If someone were able to intercept communications between you and Nexon, they could still get to this information, though it should be encrypted.

Quote from abc33kr;631397:
I read that when you try to log in with the wrong password, nexon gives the hacker your encrypted real password. and all the hacker needs is a simple program to retrieve your password.

This doesn't make any sense to me. There's no reason for Nexon to give anyone your password, encrypted or not.

In general, your encrypted password is stored on the server (as your actual password doesn't even need to be stored anywhere). When you log in, what you typed for your password runs through the same encryption process on the server and is compared to the stored encrypted password on the server. Everything should be happening on the server, and all it should return to you is a yes or no.

When customer databases have been hacked in the past, it was these encrypted passwords that were stolen. It would be beyond dumb for Nexon to send the encrypted password to someone failing a login attempt.

Also, most encryption algorithms for passwords are cryptographic hash functions, and thus not reversible, meaning that some information is lost in the encryption process and you cannot (feasibly) determine from the encrypted password what the original password was, even knowing the encryption process.
TLCBonaparte wrote on 2011-10-25 21:09

Quote from whocares8128;635015:
Your browser remembering your password will only protect you from keyloggers; your username/password are still being sent. If someone were able to intercept communications between you and Nexon, they could still get to this information, though it should be encrypted.

This doesn't make any sense to me. There's no reason for Nexon to give anyone your password, encrypted or not.

In general, your encrypted password is stored on the server (as your actual password doesn't even need to be stored anywhere). When you log in, what you typed for your password runs through the same encryption process on the server and is compared to the stored encrypted password on the server. Everything should be happening on the server, and all it should return to you is a yes or no.

When customer databases have been hacked in the past, it was these encrypted passwords that were stolen. It would be beyond dumb for Nexon to send the encrypted password to someone failing a login attempt.

Also, most encryption algorithms for passwords are cryptographic hash functions, and thus not reversible, meaning that some information is lost in the encryption process and you cannot (feasibly) determine from the encrypted password what the original password was, even knowing the encryption process.

It is possible to know the password through decryption either by knowing the key number (There is this number they use to form encryption), or you just need to spend ten year or so trying stuff out :P
whocares8128 wrote on 2011-10-26 13:53

Quote from TLCBonaparte;635122:
It is possible to know the password through decryption either by knowing the key number (There is this number they use to form encryption), or you just need to spend ten year or so trying stuff out :P

That depends on the type of encryption used. Password encryption algorithms are generally created in such a way that they cannot feasibly be decoded, where there is no 1:1 relationship between the hash and the original message. Obviously this is not the case for encrypted communications over the internet, as the intended recipient must be able to decode the message.
What wrote on 2011-10-26 18:03

Everything sent to Nexon is practically in plain text. That includes your username and password.
Iyasenu wrote on 2011-10-26 22:08

Oh I got hacked and lost 8k NX when someone got on my account and used the MTS to buy crossbow arrows for a dumb amount.

I wonder if this means I'll get compensated as well. :T

I just wish I could have my sense of security back, too. :(
Kollin wrote on 2011-10-29 16:16

Is it safe to log in again? Or should I just continue to avoid Maplestory?
Lolicon wrote on 2011-10-29 19:43

I'm afraid to check my MS account.
Bride wrote on 2011-10-30 00:43

Quote from Iyasenu;636477:
Oh I got hacked and lost 8k NX when someone got on my account and used the MTS to buy crossbow arrows for a dumb amount.

I wonder if this means I'll get compensated as well. :T

I just wish I could have my sense of security back, too. :(

wow how crappy :(
i actually dreamt my ms account got hacked last night and with this thread i'm really paranoid x.x
i don't play maple much but i'd be devastated if my account ever got hacked
TLCBonaparte wrote on 2011-10-31 04:30

Quote from tink;641602:
wow how crappy :(
i actually dreamt my ms account got hacked last night and with this thread i'm really paranoid x.x
i don't play maple much but i'd be devastated if my account ever got hacked

That's still better than my dream. I watched TB and Jesse's terraria playthrough yesterday and dreamt about finger size worms crawling all over the place and one got on my back. I screamed until my voice was gone but no one came :(

« First ‹ Prev 1 2