English Report - USGN hacker (stolen account)

50 replies
Goto Page
To the start Previous 1 2 3 Next To the start
19.07.16 09:20:37 am
Up
Fraizeraust
Moderator
Offline Off
So, the scenario regarding CY's situation was actually true. user Sparty sent me the PM (as you can check in his first post above in the spoiler) however I thought the U.S.G.N. ID was actually faked and not necessarily stolen. It's time to sharp my eyes for once and check the accounts - the situation seems not quiet well.

• Edit: Few accounts were stolen by the same IP, I permanently banned them to avoid suspicious activities.
edited 1×, last 19.07.16 09:35:09 am
19.07.16 09:26:45 am
Up
DC
Admin
Offline Off
Unfortunately I don't know how he managed to get control over these accounts. If anyone knows it please let me know.

Everyone should please keep in mind that secure passwords are crucial because they are the only thing protecting your accounts. Choose long passwords with many different characters.

Also never use the same passwords anywhere else. Especially not for the connected e-mail address. Using the same password for multiple sites/services makes you extremely vulnerable.
www.UnrealSoftware.de | www.CS2D.com | www.CarnageContest.com | Use the forum & avoid PMs!
19.07.16 09:58:37 am
Up
Yates
Reviewer
Offline Off
@user CY: I suggest you check the file review list to see if your account reviewed any files you cannot remember. If so - review them again.
19.07.16 02:38:34 pm
Up
MikuAuahDark
User
Offline Off
@user DC: Maybe it's related to recent ImageMagick vulnerabilities where the attacker uses specially crafted MVG files (renamed as PNG or JPG to bypass extension detection) to create reverse shell, but I doubt that. I tried to use that vulnerabilities (for testing) in avatar page but it doesn't work and the server expects JPG/PNG. Maybe it does in file archive?

It's just my speculation, so I doubt this is related.
file cs2d LuaJIT for Dedicated Server (11) JIT POWER! | Know your Lua errors! | Draw stuff at Pixelize Art --xx-- server!
19.07.16 03:37:15 pm
Up
CY
Reviewer
Offline Off
IMG:http://i.imgur.com/5GaEQ2U.jpg


Apparently this guy tried to login several times today.

@user Yates, yep I did that and only two files were reviewed by him. Both are checked and re-reviewed.
19.07.16 03:38:50 pm
Up
SmD
User
Offline Off
@user CY: Which files have been reviewed by him?
19.07.16 03:45:50 pm
Up
Rainoth
Moderator
Offline Off
us.de --> your monthly source of drama

Jokes aside, saying my brother did this and that is no valid excuse. I tried it too at some point (The casual "my brother cheated" excuse) and it didn't work out. Sucks but that's the way the world works, kiddo - you do illegal stuff, you get punished.

P.S. user Starkkz I kinda feel ashamed about thinking only of reviewer stuff and not thinking about user CY's files themselves. Glad you sorted it out.
19.07.16 03:48:07 pm
Up
Yates
Reviewer
Offline Off
My brother actually registered an account and started to spam to get me banned (was a long time ago). I asked Leiche to ban him, never happened again √

Remember kids, if your brother/cousin/friend using your computer actually registers an account here - get it over with and get him banned

@user CY: By the way - check your files to see if you edited any recently and thoroughly check the content.
19.07.16 03:52:39 pm
Up
CY
Reviewer
Offline Off
@user SmD:

IMG:http://i.imgur.com/POxFokf.jpg


Turns out there's more to it. Here are the links to the files reviewed by the hijacker. He probably did them as an attempt to stay under the radar or just trying out the new functionality as a Reviewer.

file File does not exist (12464)
file cs2d awp_ice (6)
file cs2d Ithaca M37 By CODMOD (1)
file cs2d Admin Skin (4)
file cs2d Infinite Menus - OG (1)
file cs2d barret 50.cal for scout (11)
file cs2d Battle Support V 1.0 (8)
file cs2d Extra CS2D Musics Loops (.ogg) v0.1 (1)


EDIT: He have a thing with old files.
19.07.16 03:54:36 pm
Up
Yates
Reviewer
Offline Off
I lol'd - he actually declined some files worthy of being declined yet used a reason totally unrelated to the actual reason they should be declined for.

Top notch, seems just like you (jk)
19.07.16 03:58:44 pm
Up
CY
Reviewer
Offline Off
Too bad he's not a Malaysian huh? That'd be a little bit too convenient.
19.07.16 04:17:21 pm
Up
PeculiarLookingLink
User
Offline Off
Maybe that hacker uses a password hacking programs.
Inactive dude
19.07.16 04:33:15 pm
Up
Baloon
GAME BANNED
Offline Off
Simple, just log out before you leave this site, hackers are able to check logs. He hijack user CY because he want to try how to review? Omg then. That's why I don't want being important person because people will try any way to hijack and steal your account and act like an idiot.
19.07.16 04:50:44 pm
Up
Mami Tomoe
User
Offline Off
How long were the passwords for the hacked accounts? I need to know so I'll make sure my password is secure enough...
You don't have to tell me the password just the length
19.07.16 05:18:53 pm
Up
Yates
Reviewer
Offline Off
@user Baloon: uh no

@user Mami Tomoe: The length does not matter. If I use the password omgiamsocoolandfullofmyself it will still be cracked faster than DASxAHeB (and now I have to change my password ).

Just make sure your password doesn't contain any easy human recognizable text or number sequences. So don't use your birthday and don't use any names or words. In fact, don't use anything that is recognizable to you, make up a random sequence of numbers and letters (heck go crazy and use special characters!) - eventually you will know your password by heart but by that time it's also recommended you change it to a new one
19.07.16 05:59:55 pm
Up
Mami Tomoe
User
Offline Off
Alright so my password is pretty legit
Also why is the USGN down?
19.07.16 07:49:26 pm
Up
Ahmad
User
Offline Off
@user Yates: I keep forgetting my email password because its complicated, and since I have a multi language keyboard i decided to set the language to english and type in arabic, the result was something like this ";glmhglv,v," i typed in 'password' in arabic √
19.07.16 08:12:42 pm
Up
rzvthePsycho
User
Offline Off
user Starkkz has written:
@user Rainoth: It would probably be wise to change his password & recovery mail, I talked to him on Skype but he appears to be always offline.

Edit: I'm surprised that we don't have the ability to change users passwords.

Edit 2: Whoever currently holds user CY's account is able to delete all his files, it's better to keep his account banned until we're able to contact user DC regarding this situation.


A moderator changed my password once. You must have the ability to chanve passwords.
IMG:http://i.imgur.com/tMv1FTe.png
19.07.16 08:17:29 pm
Up
Yates
Reviewer
Offline Off
@user rzvthePsycho: There is but one method for moderators: Editing the user to change the e-mail, sending a recovery link to that e-mail and changing the password. Then simply change the e-mail back to what it was and send the user the new password.
19.07.16 09:26:31 pm
Up
Fraizeraust
Moderator
Offline Off
user Baloon has written:
Simple, just log out before you leave this site, hackers are able to check logs. He hijack user CY because he want to try how to review? Omg then. That's why I don't want being important person because people will try any way to hijack and steal your account and act like an idiot.

The account logs out by itself after a certain time if website actions weren't been taken so this is not the case. In this junction, we can only judge three causes of this effect which led few accounts, including user CY's one to be hijacked:

• Brute Force / Guessing passwords;
• Weak, broken E-mail or its security;
• Website vulnerabilities (this is one is pretty much rare)

Speaking for user CY's case, the cause of this dilemma was the second reason since his password was enough strong and immune already to brute forces or guesses. Here's the quoted part of the response which I have got from him.
Quote:
I really din't see this one coming at all. I guess my account was easy to hijack due to my email being lost forever in the abyss of hotmail. I can't recover the email no matter how many bloody infos I added in the required things.
To the start Previous 1 2 3 Next To the start