CGs out in full force again?

[littlemac]

Okay... well... that's certainly not a good thing. -_-;; I always presumed that there would be some side effect (other than obvious loss of wealth, possesions or anything else for that matter) after you were 'Grabbed. So much for that theory - I'd better read up on Cookies more. Unless they're just completely illogical, I always thought that you needed a Cookie to be logged into a Site and when the Cookie was gone you therefore wouldn't be logged into a Site as it stored your information so if you revisited the page on another window you'd still be there. Bleurk. So much for that. -is another thing to put on todo list-

You're entirely correct. You do need a cookie to be logged in, and if it's not there then you aren't logged in.

The only part where your logic fails, is that the name "Cookie Grabber" is highly misleading. No script actually "takes" your cookies. It reads it, and passes it on to the script writer. Your cookies are still there.

[littlemac]

So, littlemac isn't correct in saying that they are no obvious symptoms of being grabbed. Sometimes there are.

There can be, as there can be symptoms of everything. But, if done properly, no, there are no symptoms that can be truly noticed.

I attempted to go to the shop and was instead redirected to a fake Neopets page. But, the person who was doing this wasn't that slick because there was an ever so slight pause before I was redirected to the page. The fake page had the CGer on it. I instantly knew that something was wrong because it didn't make sense that I was getting Neo's front page instead of the guy's shop.

Again, to me this makes no sense. Was the page it redirected to outside the Neopets site? If so, it could not have done the cookie grabbing, without installing something on your computer. The intitial page could've, but again, you did not notice it there. You noticed the fact the script writer redirected you, which was non-essential to the actual act of reading your cookies.

If that makes any sense. My point is that, yes in that case you noticed, but only because the writer did something that was very obvious, and wasn't at all needed to cookie-grab.

And, some of you can call me paranoid.

No, it's smart to be safe. Sometimes some people do take it far too far however. EG: When they stumble across a strange page entirely unrelated and outside of Neopets and ask if they've been cookie grabbed.

[Morningstar]

I attempted to go to the shop and was instead redirected to a fake Neopets page. But, the person who was doing this wasn't that slick because there was an ever so slight pause before I was redirected to the page. The fake page had the CGer on it. I instantly knew that something was wrong because it didn't make sense that I was getting Neo's front page instead of the guy's shop.

Again, to me this makes no sense. Was the page it redirected to outside the Neopets site? If so, it could not have done the cookie grabbing, without installing something on your computer. The intitial page could've, but again, you did not notice it there. You noticed the fact the script writer redirected you, which was non-essential to the actual act of reading your cookies.

If that makes any sense. My point is that, yes in that case you noticed, but only because the writer did something that was very obvious, and wasn't at all needed to cookie-grab.

OK, a bit of history about this whole thing. Supposedly, when this first started happening in December, 2006, the guy who was doing this, who claimed to be Kaos, was bragging all over the place about it. He claimed that he was able to mess with the javascript in shop descriptions. Some say he had warned Neopets about this vulnerability and it had fallen on deaf ears. Others says he was upset that one of his accounts had been frozen. Regardless, he began putting the CGers in shops. Taunting Neopets and pointing out the flaws in their system. Supposedly, he also had it out for BDers, so targetted them by pricing BD items, neggs, codestones uber cheap. And he got quite a few accounts this way. And also was able to get into premium accounts and, back then, all of a person's credit card info was stored in their premium account. Supposedly, he was broadcasting compromised users' personal info, including their credit card info, on the chat boards. Naturally after this happened, Neopets was onto him and scrambled to fix the holes in their system.

Then about a week or so later, he claimed to have found a similar vulnerability in petpages. And struck BIG TIME around the 7th of January, 2006. Which was when I got grabbed. And when lots and lots of people got grabbed. Now, you can't really get very many people to visit a petpage. But you can get them to visit your shop if you price things super cheap. So, my best guess is that he mocked up one of his petpages to look like Neo's front page and embedded the cookie grabber in the petpage's coding. He then put cheap neggs and codestones in his shop and put coding in his shop to direct people to that petpage. Which is why there was that fraction of a second hesitation. If you were tired or busy or distracted, you probably wouldn't have even noticed it. And lots of big name people didn't even notice it. Figured that it was a glitch with Neo. I only noticed it because I am, by nature, an extremely cynical person. I have played this game a LONG time. I saw price changing and people losing accounts to fake log in pages. I was here for 4/4/4 and I was here for dupe day, so I know that some people have nothing better to do with their lives than smurf other people over. So, to answer your question, no, I wasn't directed to an outside site. He couldn't have grabbed my cookies unless I was on Neo. So, it had to have been a petpage or userlookup to which he had directed me.

I know you are saying but why did this Kaos do this when he could just have easily gotten away with it without anyone noticing anything. Ah, well, I honestly don't think he did it for the nps. I think he wanted to make sure people knew it was happening. And wanted people to see just how vulnerable the site was. He wanted that "mass hysteria." That it wasn't just shops, but also petpages, and user lookups, and, according to some, even the trading post, the chat boards, and neomails. As soon as Neo fixed one vulnerable area, he would look for a new place where he could alter javascript and stick his CGers in. And who knows? Maybe he didn't exactly quite know what he was doing. So, it looked a little sloppy. I don't know how sophisticated this "Kaos" is. Some say he is a teenager. But, I think he purposely left breadcrumbs so that people would remember. Ah yes, there was a pop up box. Or ah, yes, I was redirected to a fake page. So, that people would remember exactly what happened, try to figure it out, and then talk about it. After all, the more people that are talking about him, the more fame he is getting. And the more bad publicity Neo is getting.

EDIT: And I was serious about looking into the old threads about this. So, you can step back in time and see just how this situation has progressed. If you search for cookie grabber, you will see lots of threads on how this has transpired from December, 2006 to present.

[satiran]

I'm not sure if there is a new CG threat, but over on the Avatarlog website, this was posted (bold is my own emphasis):

Cookie Grabber Warning
There is currently an exploit on Neopets that allows your Neopets login cookie to be easily stolen. Please take extreme care in going to foreign website links that you don't know, since it could cookie grab you using an iframe and you probably wouldn't notice anything unusual.

Remember to enable a PIN on your holdings, and change your password regularly - immediately if you think you've been cookie grabbed.

A message has been sent to TNT who will hopefully rectify this exploit as soon as possible.

Posted by starry; Saturday Jan. 6th @ 11:44:20 am NST

As I said, not sure if this is a new CG threat or a continuation of the previous one, but I thought that this should be brought to everyone's attention.

[Meer]

*sigh* A new threat? Or still the same threat? Or just a rumor? Who knows.

I guess we'll just have to always worry and be paranoid, because TNT will never make an official statement to reassure us and let us know for sure what is going on.