A Strange New Scam?
Thu Dec 29, 2005 2:09 am
COPIED FROM THE AVATAR BOARD:
Does anyone know if this is true?
If it is, they also posted some tips to stay safe, the most important one:
Just a thought.
There have been hackers lately who discovered how to get around the -nojs- code on lookups and petpages and stuff, and they're putting CGs on them so even going on site now is dangerous.
Does anyone know if this is true?
If it is, they also posted some tips to stay safe, the most important one:
Stay away from lookups, shops and petpages other than those of people you know and trust. From the word of the hackers (this guy called Kaos), who is pretty much the main hacker now - his username is drink_brawls, I think, (but don't look him up!) they are coming up with a CG that doesn't have a popup so you won't even know when it happens.
Just a thought.
Thu Dec 29, 2005 2:41 am
This was brought up on my guild's forums as well... It's making me nervous, I've decided to stay off of neo for the rest of the week, or until the all clear signal is given. 
Thu Dec 29, 2005 3:01 am
Wow, that's freaky. Seeing as I only play games and stay away from things like Neoboards, I don't run into too many people I've never talked to. So I think I'll be safe.. hopefully. Hah. Thanks for the warning. 
Thu Dec 29, 2005 3:05 am
This has been a problem for many months - the username Kaos (and his many hacked accounts) has been on the Battledome Chat telling everyone who will listen what he is doing, apparently he has done severe damage to many accounts and TNT has tried to stop him but can't.
What he does is very real - 2 people I know have been affected by his cg's. Luckily both accounts were saved.
Main things to look out for - very cheap UB's. If you see an offer that is too good to be true than it is. This guy (group of guys) encourages people into there shops with really cheap items and set up CG's to steal your account.
There is a group of these "hackers" who have a website and encourage other people to join and learn how to set up these programs.
The Battledome Chat will often have posts about this person and what he is capable of.
As a sidenote: I know "hacking" is really the wrong phrase here, but as I am not into all the tech talk, I have no idea what else to call it. Some refer to it as "scripting" due to the scripts they write.
What he does is very real - 2 people I know have been affected by his cg's. Luckily both accounts were saved.
Main things to look out for - very cheap UB's. If you see an offer that is too good to be true than it is. This guy (group of guys) encourages people into there shops with really cheap items and set up CG's to steal your account.
There is a group of these "hackers" who have a website and encourage other people to join and learn how to set up these programs.
The Battledome Chat will often have posts about this person and what he is capable of.
As a sidenote: I know "hacking" is really the wrong phrase here, but as I am not into all the tech talk, I have no idea what else to call it. Some refer to it as "scripting" due to the scripts they write.
Last edited by Daze on Thu Dec 29, 2005 3:07 am, edited 1 time in total.
Thu Dec 29, 2005 3:05 am
There are rumours that premium users in particular are being targetted. And if they've bypassed the nojs code then they can get your password without much effort at all :|
I didn't realise shops were no go areas too (though I should have) - thanks for the heads up.
I didn't realise shops were no go areas too (though I should have) - thanks for the heads up.
Thu Dec 29, 2005 3:13 am
I heard about it on the Premium board that the guy put a grabber on a petpage, then tried to get people to view his "screenies."
How can someone be so low?!
How can someone be so low?!
Thu Dec 29, 2005 3:30 am
Thats very scary. So basically theres code out there that will be able to grab your cookies just from you visiting the site? Is this a java thing, or you viewing a picture? And basically, any userlookup, petpage, and shop has the potential to have these cgs on them?
Thu Dec 29, 2005 3:39 am
They've found a way to get around the no java script code that neo uses, so they can put their own java script on petpages, user lookups, pet lookups, shops etc. Basically, if they have bypassed the nojs code they can do whatever the hell they like - visit a page they've fixed up and wave goodbye to your account :S It's on the neo site so your browser, even firefox, has no problems handing over cookie info when requested - after all it's the originating site that is doing the requesting. Nasty.
Disabling javascript in your browser would protect you but it will make the game pretty unplayable... mind you it's pretty unplayable as it is anyway.
Disabling javascript in your browser would protect you but it will make the game pretty unplayable... mind you it's pretty unplayable as it is anyway.
Thu Dec 29, 2005 3:53 am
Um, what's a CG? I've heard it stands for cookie grabber, but what is it, exactly?
Thu Dec 29, 2005 4:04 am
Internet sites place files in your browsers/computer called cookies. These hold all the info you've put into the site, in these cookies. Eg: Passwords.
Cookie Grabbers are a Trojan that can grab these cookies. So in short, they steal your passwords. The end.
Cookie Grabbers are a Trojan that can grab these cookies. So in short, they steal your passwords. The end.
Thu Dec 29, 2005 5:09 am
Yeah, this has been going on for quite awhile. I heard that this guy (or group of people, or whatever) is exploiting the -no js- bypass to screw up the site because TNT ignored him when he tried to tell them about it. I have no doubt that it's real, I was there on a thread when one girl put her account at risk to test it. The main hacker got into her account, moved some of her stuff around (points, sdb items), posted on the thread FROM her account, and then logged out of it. He didn't actually steal from her, which was good.
But yeah, be cautious everyone. I dunno, would virus protection block that sort of thing?
But yeah, be cautious everyone. I dunno, would virus protection block that sort of thing?
Thu Dec 29, 2005 5:10 am
Ah, so it's been going on for a while now? I suppose most kinds of personal pages should be a no-go zone... we just all better watch out now. I doubt Neopets could fix this without shutting down the entire server for days and fixing the codes.
Unless this has been going on for a while and Neopets just simply doesn't care. But if it does, then how will we be able to do our shopping? Buy overpriced items each time so that we won't fall for some kind of a scam?
Unless this has been going on for a while and Neopets just simply doesn't care. But if it does, then how will we be able to do our shopping? Buy overpriced items each time so that we won't fall for some kind of a scam?
Thu Dec 29, 2005 5:40 am
I was on the site earlier and as usual went to lurk on the BD chat (you can find alot out on that board, plus many times have a good giggle when the 'regs' are being silly).
Apparently, it's this kaos person and someone else, name starts with an I and ends in numbers and is supposedly a girl. What they were saying on the BD chat (whether this is true or not) is that the I person (can't remember the name right now) is the one who actually made this thing, kaos is doing the collecting.
If you're asked to go to a lookup, petpage or someone posts that they have great things cheap in their shop, I'd be skeptical. Some people have gotten a pop-up and when they try to close it/backspace they got an error message. And that is that - your info is in their hands. However and whatever has been done ends with .cgi, so it seems to me that what needs doing is to simply stop that file extension from being able to be used.
I don't claim to understand this stuff, I'm totally non-technical. I have no idea how they created a pop-up and this cg.
Someone posted that they contacted TNT after last night's debacle and were told that they were allegedly d/l an autobuyer when they got cookie grabbed. Whether this is part of this whole thing or not, I don't know.
I wouldn't have known anything, seeing as I was briefly on the site last night and didn't go to any chat besides charter
And yes, apparently Premiums are being targeted along with BD'ers ... which is even more troubling since if they get that info, there's nothing to stop them from getting into your premium info meaning your personal/credit info.
All in all it's a mess. kaos posted on an account a little while back boasting that TNT had gone beyond IP ban to something even higher and stricter and that it took him about an hour to "crack" it. This needs to be stopped. I worry about our neo accounts, yes. I also worry about what else this person or persons are up to. Nothing would make me happier that to see on the news that such and such group of people were arrested for computer hacking/identity theft.
BTW, just so you all know, disabling javascript is against the rules on Neo. It's, for some reason, considered an unfair advantage.
Apparently, it's this kaos person and someone else, name starts with an I and ends in numbers and is supposedly a girl. What they were saying on the BD chat (whether this is true or not) is that the I person (can't remember the name right now) is the one who actually made this thing, kaos is doing the collecting.
If you're asked to go to a lookup, petpage or someone posts that they have great things cheap in their shop, I'd be skeptical. Some people have gotten a pop-up and when they try to close it/backspace they got an error message. And that is that - your info is in their hands. However and whatever has been done ends with .cgi, so it seems to me that what needs doing is to simply stop that file extension from being able to be used.
I don't claim to understand this stuff, I'm totally non-technical. I have no idea how they created a pop-up and this cg.
Someone posted that they contacted TNT after last night's debacle and were told that they were allegedly d/l an autobuyer when they got cookie grabbed. Whether this is part of this whole thing or not, I don't know.
I wouldn't have known anything, seeing as I was briefly on the site last night and didn't go to any chat besides charter
And yes, apparently Premiums are being targeted along with BD'ers ... which is even more troubling since if they get that info, there's nothing to stop them from getting into your premium info meaning your personal/credit info.
All in all it's a mess. kaos posted on an account a little while back boasting that TNT had gone beyond IP ban to something even higher and stricter and that it took him about an hour to "crack" it. This needs to be stopped. I worry about our neo accounts, yes. I also worry about what else this person or persons are up to. Nothing would make me happier that to see on the news that such and such group of people were arrested for computer hacking/identity theft.
BTW, just so you all know, disabling javascript is against the rules on Neo. It's, for some reason, considered an unfair advantage.
Thu Dec 29, 2005 7:08 am
Wow I never knew about this scam till now. 
Seems like you can't do anything on Neopets these days for fear of getting scammed somehow. What defense do we have against this if any, since disabling javascript is out of the question?
Seems like you can't do anything on Neopets these days for fear of getting scammed somehow. What defense do we have against this if any, since disabling javascript is out of the question?
Thu Dec 29, 2005 7:48 am
Well, for people still using IE, there's a recent exploit that lets anyone take over your computer completely just by having you view a page... They could be using that, or they could be not using it. In any case, Firefox isn't affected (but if you get a download box you didn't request yourself, don't download it, because then you will be vunerable).
If anyone can link me to an unfrozen account that supposedly has this, I can (safely, since I know what I'm doing
) deconstruct it and give a better idea of what's going on to everyone. I can't seem to find any real information on the neoboards (figures).
If anyone can link me to an unfrozen account that supposedly has this, I can (safely, since I know what I'm doing
) deconstruct it and give a better idea of what's going on to everyone. I can't seem to find any real information on the neoboards (figures).