<p>There has been an explosion of account security related hacks since a few weeks before Xmas. Account usernames and passwords were captured by those responsible and lev 90 characters were left naked, guild banks looted, personal banks looted... This is happening across all the servers. The accound support forums is filled with tons of us who are locked out of our accounts, and/or have accounts filled with naked toons.</p><p>Before people start saying that my computer was infected with a keylogger etc, I have to say my computer is clean, I run security programs, malware and anti-script programs constantly. I have never bought plat, never had a toon power leveled. I do not have my ProfitUI set to auto-log me in, nothing. It seems to me the only place where my username and password are used in conjunction is to log onto these forums and to my account page. I can only think that SOE's security failed in someway allowing our information to be visible.</p><p>The lack of customer support for those that have been robbed is aggravating. The chat and phone support people are unable to access any information regarding in-game investigations or petitions, and can not give us even a ballpark guess on when our accounts can/will be restored.</p><p>Here is the most recent email from in-game support:</p><p><span ><em><strong>"We apologize for any miss-communication. Your petition is not closed. Your account has been verified and secured and, <strong>for the moment, due to the shear volume of petitions, we are temporarily putting the restoration of compromised accounts on hold.</strong> You will not go to the back of waiting line; the handling of your petition will be respected by the order in which it came. Thank you for your comprehension."</strong> </em></span></p><p>So there we are, accounts suspended or characters naked, and they are putting account security petitions on hold due to the sheer volume. They will continue to bill us, refunds are not an option per customer service. I believe this was a lapse in SOE's security as the number of increased account hacks has exploded timed around the holidays and server merges.</p><p>Please please to ANY TSRs out there, give us an ETA on our account fixes, any word would be appreciated. Many of us have been with EQ2 since the Beta, to be left out in the dark like this is infuriating. We know this has been over the holidays, and believe that the attacks were timed for them. But the lack of communication, even a short message saying they are looking into the issues, anything would make those of us in this position feel like someone at least is working on it.</p>

<p><cite>Gaffitis wrote:</cite></p><blockquote><p>Before people start saying that my computer was infected with a keylogger etc, I have to say my computer is clean, I run security programs, malware and anti-script programs constantly.</p></blockquote><p>Of course you have to say that, everyone who is "hacked" always does. The simple fact is, unless you are an IT expert (and possibly even then) you can NOT definitively say your computer has not been infected with a keylogger or something similar. People who use those types of things create new ones every day to find ways around all forms security programs.</p><p>Don't get me wrong, I am NOT saying it IS on your end, just that it COULD be, despite your precautions and confidence that it is not.</p>

<p>Most Keyloggers and Trojans don't usually come from disruputable sites these days (but they can and will come from there).</p><p>Its actualy from legit sites using ad feeds. MSN.com, CNN.com, any big name that uses adfeeds can infect your computer. You need to be running anti-virus AND malware protection (such as Malware bytes).</p><p>Another safety net is running Firefox with Adblocker and NoScript addons installed. This way flash addons can't put these things on your computer. Also do not login from public networks. Firesheep can pick up Myspace, Facebook, Twitter logins. Many people use these logins and passwords for their EQ2 or other MMOs.</p><p>Unencrypted wireless connections will spread your login info through the airwaves to anyone setting a reciever to 2.4Ghz (I believe is the current standard, don't quote me there) when you login.</p><p>Brute force attempts are detectable, and would cause alarm on SOE's side.</p><p>One thing SOE could do for us is tell us how many times out account has had failed login attempts since our last login like they did in EQ1.</p>

<p>I also was hacked. Dec 25th I logged in to find everything missing from all my toons. I still have no response. I've attempted to contact live chat and phone support. Phone support has been closed since yesterday do to a holiday vacation (and when I got a hold of them I was only told to be patient and assured me I was "in line" to be helped) Live chat help told me the same thing.</p><p>I can't even get an ETA of when  my account will be better. I've been a member since 2005 and have never had a problem.</p><p>I DID read from somewhere (not sure how ture it is) that it is the ingame browser that has the security breech. This would make sense in my case, as I had /petitioned the day before this happened...and I had to log into my account to do the petition. This was the first time in years I had /petitioned and the very next day my account had been hacked.</p><p>whatever the cause, please fix it sony!</p>

<p>My sympathies to everyone who was hacked. I do have a good suggestion for you while you wait for resolution.</p><p>No one firewall, antivirus, etc. can get every malware item. At least once per quarter, and DEFINITELY after you have been hacked, run the excellent <a href="http://forums.majorgeeks.com/showthread.php?t=35407" target="_blank">Major Geek's Malware Removal Protocol</a>.</p><p>This protocol will guide you through the use of free tools. Follow all the steps, exactly. You will be shocked and surprised at how much krap makes it past your regular AV/firewall. And system performance usually goes up because you get a lot of housekeeping and cleanup done on yoru machine in the process.</p><p>Outside of game, I use <a href="http://www.mozilla.com/en-US/firefox/" target="_blank">Firefox</a> with <a href="http://adblockplus.org/en/" target="_blank">AdBlock Plus</a>, and a script/flash/Java blocker.</p><p>If you use EQ2i's wiki site, be sure to login. Set up a gmail account just for that and set up a userID, because once logged in, you will not see ads except on the front page. The parent Wikia organization doesn't vet their ads and an occasional attack ad slips in.</p>

<p><cite>CeruleanBlue wrote:</cite></p><blockquote><p>I DID read from somewhere (not sure how ture it is) that it is the ingame browser that has the security breech. This would make sense in my case, as I had /petitioned the day before this happened...and I had to log into my account to do the petition. This was the first time in years I had /petitioned and the very next day my account had been hacked.</p></blockquote><p>Sadly this would not surprise me since I think they're running an older (more vulnerable) version of the browse-baser and there is no way for a user to upgrade it or secure it. Heck, I can't even find where it stores its cookies.</p>

<p>I was hacked as well a few weeks before Christmas.</p><p>I would love to see SOE come out with an Authenticator token like WoW has. I'd buy it in a quick second.</p>

<p>I know for a fact that I've had malware programs detect malicious tracking cookies that came in through the in-game browser. Unfortunately I forgot where they were located - I just removed them.</p>

<p>A couple friends of mine had their accounts hacked around Thanksgiving, same MO as the Christmas time hacks - toons left stripped and naked in Gorowyn, etc. Both friends are computer savvy individuals that never shared info or bought plat, etc.</p><p>I changed my password immediately when it happened the first time - friend in question had inactive account, hacker used weekend pass for $5 - and shortly after that my second friend got hacked, in this case on an active account. So far, I have not had my account hacked (crosses fingers)</p><p>I suspect the hackers chose holiday times specifically as that is when customer service is at its weakest. Although server mergers and the in-game browser have been mentioned as possible security breaches, another possibility it that the hackers are using information gained from comprimised security at other MMOs (AION comes to mind) -My friends and I have followed each other thru many other MMOs (although we have been with EQ2 on/off since launch) and I am guessing we are not alone in the unfortunate practice of using the same user/pwd combo in most of our game logins.... <img src="/eq2/images/smilies/1cfd6e2a9a2c0cf8e74b49b35e2e46c7.gif" border="0" /></p>

<p><cite>Shade@Oasis wrote:</cite></p><blockquote><p>My friends and I have followed each other thru many other MMOs (although we have been with EQ2 on/off since launch) and I am guessing we are not alone in the unfortunate practice of using the same user/pwd combo in most of our game logins.... <img src="/eq2/images/smilies/1cfd6e2a9a2c0cf8e74b49b35e2e46c7.gif" border="0" /></p></blockquote><p>Never, ever do this. Even if you trust the companies in question, it means a single compromise can hit multiple games. And of course there's:</p><p><a href="http://www.xkcd.com/792/" target="_blank" rel="nofollow">http://www.xkcd.com/792/</a></p><p>And never ever trust links in e-mails. If you follow a link in an e-mail and then enter your password, you may have just gotten bit by a scammer who sent a forged e-mail and used URL-obfuscation tricks to make you think you were at the real website when you were actually talking to a server he controlled.</p>

<p><cite>Fyfe@Najena wrote:</cite></p><blockquote><p>I would love to see SOE come out with an Authenticator token like WoW has. I'd buy it in a quick second.</p></blockquote><p>Euuhhn No. I rather see a FREE utility for my Iphone with an Authenticator just like i had for WoW.</p>

<p><cite>Moonflake wrote:</cite></p><blockquote><p><cite>Fyfe@Najena wrote:</cite></p><blockquote><p>I would love to see SOE come out with an Authenticator token like WoW has. I'd buy it in a quick second.</p></blockquote><p>Euuhhn No. I rather see a FREE utility for my Iphone with an Authenticator just like i had for WoW.</p></blockquote><p>Then again the authenticator authorization server can go down, preventing players to play (like what happened the other day)...for all players.</p><p>But a log of login attempts (with IP) can help, do like that suggestion. No one should be logging in from my account from any other IP/location, period.</p>

<p>There are already quite a few threads about this issue.  Perhaps adding your voice to them would be better then starting a new thread.  Thank you!</p><p><span ><a href="list.m?topic_id=492936">An Open Letter to Sony</a> </span> <span > </span></p>