Pink Poogle Toy Forum

Especially for Premium users since there is important information you can get through that.

Neopets just left for New Years Holiday and even updated the news earlier so they can leave earlier.

... Anyone else feel ditched?

In the Editorial it says that there's a HUMAN patrolling the boards all the time, but if there's actually a HUMAN then why can't they pass on that there's an evil hacker out to cause an apocalypse upon Neopets?

I'm sure there is someone there trying to do something now. I mean, Holiday or not, if there is a serious enough problem people will return to handle it since it involves Premium.

If Neopets just lets the problem go and someone gets the personal information of a Premium user and causes problems with it, can't Neopets get in legal trouble?

Maybe TNT is implying that we need to enact some sort of vigilante justice. Now everyone raise your pitchforks and torches and join me on a planetwide hunt to find and ring up that evil hacker/cracker!

Maybe we can google up his home address and go to his house and give him a stern talking to out behind the woodshed, if'n ya know what I mean.

Right now he's on the boards, seriously considering calling it quits and becoming a White Hat as a New Year's resolution. *crosses fingers*

First, White Hat?

Second, if he/she/it really had any compassion, he/she/it would do us all a favor, turn his/her/itself to the Feds, and start sniching on other like him/her/it.

Last, does this mean we have to call off the lynching?

White Hat: Hacker that hacks for the GOOD of others. For example: vigilante justice, finding flaws in programming so they can be reported to the webmaster and fixed, etc.

Tristin, the guy who had the biggest account hacked (user XXXX), apparently like a billion np account, has been on the boards saying that he saw it happening, had the account frozen, and went back in his bowser history, found the cookie grabber, and sent a copy to someone at neopets, and they've blocked it.

The guy claiming to be the hacker had been saying that some people including this guy who had been hacked were using firefox/mozzilla, but Tristan was saying he had been using IE at the time, and that he thought firefox was safe.

It's hard to know what to believe on those boards. But, while I've seen these guys talking smack on the boards a few more times, I don't think there have been any "giveaways" lately. Which makes me suspect they haven't been able to get into any new accounts. I wouldn't let my guard down just yet, but it may be that the problem that allowed the cookie grabber was already corrected a few days ago. Which might also account for that "new year's resolution" someone mentioned above.

I hope it is all over, but like you I'm keeping my guard up for now. Of course with tnt they never admit there is a problem and so never tell us when something has been fixed ¬_¬

Heh, I was pricing my shop and had to avoid snapping up all the bargains I saw - it just ain't worth it at the moment.

Fair enough they SHOULD have sorted this out whenever and if ever it was brought to their knowlege. Maybe they could have even dissabled shop html and likewise with updating pet pages and other editable pages.

But I certainly don't blame them for leaving early to celebrate new years. They have lives too...

Also I do believe there IS a human patrolling boards most of the time. Although I also believe it is only one human. Hence the reason offensive boards stay up for so long without being deleted.

There may or may not be anyone to watch the site now however. I myself can't even access the site properly due to lag today...

Either way, I'm not going to any lookups, pet pages, descriptions or shops for the time being.

TNT wouldn't leave the site totally unmonitered. They just don't have the staff there to work on new updates and content. There's probably just a minimal crew of moderaters and support for things like the boards, userlookups and stuff.

Otherwise, once ONE person found out the mods weren't around.. there'd be chaos. Moreso than this, too. XD

It looks like the WMF vulnerability in all Windows systems is going to be a big deal.

http://it.slashdot.org/it/06/01/02/1153 ... 01&tid=218

http://isc.sans.org/





They are recommending that anyone who uses any kind of Windows system follow the following instructions:



And then download & install this patch:

http://handlers.sans.org/tliston/wmffix_hexblog13.exe

Wow, this is really scary to hear. I guess I'm not going to shop in user shops, not view other lookups, go to petpages, etc. until this becomes safer. I don't want anything to happen to my account. ;__;

Ok, this may be really late - but yeah, pretty scary to hear. Now I have a question (and don't kill me if it has been asked before): if this 'cracker' uses a cookie grabber, wouldn't it just be the simplest solution to change your password and NOT make a cookie of it? ie simply log in each time? There simply wouldn't be a cookie to grab, if I'm correct, no?

Also - I still believe in good intentions, but reading these 5 pages has made me pretty paranoid - earlier tonight, a user named 'the_andromeda_galaxy' (I have neomailed with this person before, she seemed pretty friendly) gave me a 'Maraqua 1.4 WC Piece', saying they paid 99k for it a couple of months ago, but



So, how about it? Is my solution a good one? Should I be suspicious of this person? Thanks for any replies.