Return Of the Cookie Grabbers ?

Sun May 07, 2006 11:25 pm

There is a whole lot of specualtion the CGers are back . The theroy is that the hackers have somehow been able to get bye the current script that is blcking CGers .

There have been many accounts attacked and frozen over the past comple of days including a fellow PPTer Arogance1 ( this may or may not be from CGers ). But are cookie grabbers back or is this all just being churned out by the rumour mill . Post your opions below .

Sun May 07, 2006 11:53 pm

I dont think cookie grabbers will ever be completely gone.

TNT is trying to block the codes though. but there will always be scam sites that will cookie grab you as well.

Sun May 07, 2006 11:55 pm

Virtually no scam involving a program like CG or keyloggers can ever be truly eliminated. the best that can be done is to notify everyone of the problem so it doesn't affect anyone

Mon May 08, 2006 12:14 am

Speaking of cookie grabbers. I just saw someone on the Trade board (on neopets) trying to sell a Draik egg who had a CG on their lookup...

so, yeah, they are still here.

Mon May 08, 2006 12:20 am

Makes me glad for the PIN system. If I do get a CGer, everything is protected. A key logger has always been less of a worry for me because you have to type your password and pin for the baddies to get it. I never log out and am the only one who can log on to this computer.

Mon May 08, 2006 12:36 am

Makes me glad for the PIN system.

I thought Arogance1 has his PIN system enabled, and his SDB got hacked into and his pet was pounded.

Mon May 08, 2006 12:38 am

Did he have them enabled for his SDB and the pound?

Mon May 08, 2006 12:47 am

stampsyne wrote:Makes me glad for the PIN system.

Just because you have a pin, doesnt mean you cant get hacked. If people can get your pw, then people can get your pin.

I just makes it a LITTLE bit harder to get hacked.

Mon May 08, 2006 1:07 am

Anyone have more information? If you do, pm me, I'll look into it... again.

Mon May 08, 2006 2:28 am

I always assume they were never really taken care of. I never visit anyone's lookups or pet pages, not even my own from another account. (in case someone some how CG'd me on that account they at least wouldn't get my other ones)

I always delete my cookies and cookie files and clear my history before logging in and after logging off.

I have an "exploring/buying account" that I lend NP to from my main. I use it from another computer so I can buy stuff from people's shops then I transfer the items to my main. That way if I get CG'd then they'll only get my uber poor exploring account instead of the one with all my valuables on it.

BTW: How can you check if someone has one on their page? I really don't know what to look for. I just assume they are there, just to be safe.

Mon May 08, 2006 5:06 am

What can you do to stop it? Or at least, stop it from happening to you?

Mon May 08, 2006 5:15 am

Basically just avoid user owned shops and lookups. Don't go to off site neopets pages or other suspicious pages unless you know that it's safe and remember to clear your cookies and change your password often.

Mon May 08, 2006 6:54 am

This whole issue of cookie grabbers and not being able to go into user shops or lookups is really depressing. Neopia is supposed to be a fun place, and all this account theft is outrageous...

Mon May 08, 2006 6:56 am

Snippy wrote:I always delete my cookies and cookie files and clear my history before logging in and after logging off.

That won't help you. The same cookie is valid until you change your password; if you delete it it will just get reset to the same thing next time you log in.

(It would protect against someone with access to your computer, but that person could usually get it some other way, like a keylogger, so in the end it doesn't help much.)

Snippy wrote:BTW: How can you check if someone has one on their page? I really don't know what to look for. I just assume they are there, just to be safe.

Read through the page source. You have to know HTML, and be good enough with it to really understand what's going on. And even then it can be hard--I've reported a few bugs (all fixed!) that would have allowed very devious, hard to find even by reading source cgs.

Eynah wrote:What can you do to stop it? Or at least, stop it from happening to you?

Snippy wrote:Basically just avoid user owned shops and lookups.

Neopets is supposed to make it so we don't have to do that. And for the most part, they do.

Snippy wrote:Don't go to off site neopets pages or other suspicious pages

That won't help at all. Non-neopets pages can't look at your neopets cookies. There has to be a problem on neopets for someone to steal your neopets cookies.

Mon May 08, 2006 8:51 am

dolphinling wrote:
Snippy wrote:I always delete my cookies and cookie files and clear my history before logging in and after logging off.

That won't help you. The same cookie is valid until you change your password; if you delete it it will just get reset to the same thing next time you log in.

(It would protect against someone with access to your computer, but that person could usually get it some other way, like a keylogger, so in the end it doesn't help much.)

Urrrgh.. Well isn't that lovely? My parents probably already have a keylogger on most of my stuff anyway, not that they would care about my neopets account...

I've read that certain symbols don't show up, even when you email your pass word to yourself, like ~!@#$%^&*( and )

It that true?