Greetings Dark0ne, and whom it may concern......

My account is recently being hacked by someone I do not know. It was funny once, but now it's getting serious. Somebody is hacking my account, a mod, admin, or a rookie hacker messing around with my profile. I'm starting to take this serious now. Mods, if it was you, can you please stop doing it? I don't find that funny, guys. I'm changing my password right now to try and prevent hacking or whoever had access to my account. One time was funny, the second time is gone a little too far. I'm just trying to enjoy my time on the nexus, having fun with my friends, and then I check my profile, and somebody replaces my personal info with "my retard with my retardiness might". I keep switching it, so whoever's doing this, please stop now. I don't find this funny at all.

Now once again


If it was a real hacker, trace his IP, and bring him to justice!

If it a moderator who did this, it was funny the first time, but please don't keep doing it.

Thank you for taking the time to read my post.

Regards

Lord Slyther

Do your browser remember your password for thenexusforums.com? Automatic login.

If yes:
Maybe someone in your familiy?

Why your account? What's so special about it?

Pepsick, I log into this account personally. No one else in my family has access to my account except me, so my conclusion is that there is a hacker onto my ass, and it's more than serious.

And my account is not open for this discussion, ok? Nothing is special about it, so why do you ask about it? I didn't come here to show off my account as I used to on NG. I'm here to report a hacker for messing with my personal info.

The only people who can do that are admins and maybe moderators...don't know if moderators can, maybe Lon or Buddah could answer that. I haven't touched anything in ages.

What changed exactly?

If you must ask, here's the evidence.





Dark0ne, I may have a solution. Maybe somebody was logged in my account probably with their IP address. I think that's what happened. You should check which my account was logged in from. Or it could be a moderator.

Hope this helps.

Regards
Lord Slyther

Hmmm... Do you know of any people who might be interested in messing with you? Any neighbors, perhaps? Or friends or enemies that know about hacking?...

If this continues, then this is a serious matter... It may move to other accounts as well...



I wonder if someone is somehow doing this through false adds... I've heard about something like that before... Not that I know anything about it!

Well it could be. Maybe my friend's friend. HALOGOD454's friend on Xbox Live I bet. I believe his tag reveals the evidence. GHOST H4CK I think. I'll have a serious talk with my real life friends, and if GHOST H4CK was responsible, I got my answer. I'll bring him to justice. I'll be sure to call the cops on him if he hacks again, but so far, I haven't seen him lay hand on anything. All I seen him do was glitch overloads in Halo 3 while in the room with HALOGOD454.

It could be Ninja_Lord666's work. He could've hired a hacker to screw with me. I KNOW he hates me as hell. That could be the solution, because I know he's an anti-Slyther kind of guy. Must be rebelling against me, because he thinks I did something to 'break his rules'.

Was it Modman the founder of DarkStar? His group was under suspect. I'm sure it's him.

If it was a moderator, please stop doing this. I don't like it.

I'm going to say logged in as invisible until this problem is solved.

Seriously, who you think giving your 'real' IP at a public topic will help?

I'm just letting Dark0ne know so he knows which IP is mine.

I can speak only for myself, the only time I have edited something in any users account is if they ask me to do something they are having trouble with, 2 or 3 times maybe no more than that and only when asked via pm.

Once to hide their email from public viewing a couple of months ago, and I remember another but it was long ago and details elude me at present.

Buddah

Buddah, I wouldn't think you would mess with my account. I know you don't do that. I'm sure you're responsible enough to resist doing that. So far, I think you're a good moderator.

A couple of questions:

Have you ever logged into tesnexus from a public location?

Have you ever logged in at a friends/relatives house?

Have you ever logged in a wireless LAN/WIFI network anywhere?

I have logged in during school. But I blocked the school IP from accessing my board regarding USF studios.



So far, maybe. I think being accessed was my next door neighbour who owns the Xbox Live tag : TIMMMAAAYYYY. It could be the kids who done that. I'll ask them right now.



I don't believe I have. I think logging in from school was pretty much it.

I would recommend hiding your IP Address.

PM it to someone responsible if necessary.

We don't know what this person can do yet.

The reason I ask is others will put a username/password trap on public computers or wifi routes....some for fun others for their own intentions. The one in windows can even be configured to run hidden and record sites/usernames and passwords. Schools are not a good place to log into anywhere, they won't tell you so, but the school servers may be configured record every keystroke, sitesvisited/usernames and passwords for security reasons. There system and their rules, and yes it is legal.

Buddah

That is why when using a public computer to surf the web, I either use Firefox Portable or Torpark Portable. Auto-Deletes History and asks to verify certificates of certain adds.

This happens to me on TESNexus once:

"WARNING! The certificate of the site (site name here; in this case an add) is not valid! Your session may be being watched and/or intercepted. Accept certificate?"

Sounds fishy to me...

Yes I take security steps as well, but this is what I deal with as part of my job and security is something Dark0ne takes seriously as well, we do not have open access to everything, just what we need to moderate effectively and keep things orderly on the main site.

I asked my real life friends, and they did not pledge guilty.

Hmmm... Well, I would by wary about what you do on the web until this is resolved (i.e. personal information, credit card #, SS #, etc. Basically do not make any online transactions).

Since you have changed your password, waiting to see what happens is the course to be taken.......if it does not happen again problem solved. If it happens again, then there could be a problem.

Buddah

Firefox Portable will also bypass all ie based smartfilers! ! ! !

I'm guessing that's a good thing, right?

Thank you, Buddah.

I'm quite certain it could happen again in a few months or so, I'm not really sure, since I began breathing down on my friends' necks, their parents will supervise them. If it does happen again, I'll report it to you.

And gman, I'm pretty sure everything's secure now.

Glad to hear it.

You have my word that I was not in your account.

I have never accessed a members account to change anything other than the obvious banning option which is an indirect modification to an account via script.

I would venture to guess you either have a keylogging trojan on your PC or a PC you used to login to the Nexus...assuming you do not allow the site or browser to remember your ID and Password.

This "seems" like a targeted attack so if the hacker had access to your PC, they could have installed a keylogger to record your keystrokes for a period of time and removed it and the log file to cover their tracks. The best solution in this scenario is to change all your passwords to something you have never used before and is fairly complex like sabr123@

Another possibility where anyone could have hacked you is if you used a generic or easy-to-guess password. Again, the recommendation here is to change your passwords.

Article: How to Protect Your PC

LHammonds

I have gone to 16 character random passwords that use upper and lowercase letters, numbers and even symbols for all of my Important Sites. I change those passwords out a least every 90 days. You may think I am paranoid but the truth is hackers don't break there backs over security like that. There are too many easier 'fish in the sea'.

If I have a problem which I haven't then it's easy to check for keystroke loggers and the like because I can safely rule out someone guessing my passwords. People with backgrounds in computer security regularly run into sites that REQUIRE even tougher passwords to crack. I use sites that have different password checks to enter different areas of the same site.

How do I keep track of them all? If I told you I'd have to kill ya. muhahaha.

Using the same password user name combination on many sites is a recipe for disaster. But the number of people who still do that is unbelievable!

Thanks,

Storm Raven

Very well then. I'll try 16 char passwords. LHammonds, I %100 trust you that you are mature enough to avoid messing around with people's profiles. Why would I ever think it's you? You and Buddah are the best moderators I've ever known.

If this involves a keylogger, then I guess it's all reasonable. I switch my passwords randomly 6 chars each, but if you think 16 character will do, I'll perform this action.

Well, you asked if it was a mod/admin about 4 times in your 1st post. As Buddah has said, we can only say for certain whether or not if "we" ourselves have done anything. Just letting you know it wasn't me since nobody else could say that for me.

It wouldn't hurt since you've been hacked once already.

LHammonds

SMF forums has a moderation log that will show all actions taken by mods/admins. You should check to see if IP.Board has this too to rule out any such involvement.

Lord Slyther,

Edit out your ip info. Posting your ip publically is never a good idea. If you think you're being hacked, it's certainly the last thing you should do...

Oh, are you kidding me?! I'm also hearing from other people we have a hacker. I thought you were right about this, buddah, but it seems we were wrong. There is a big problem. First, my info gets messed around with by some attacker, then suddenly, the other guy says he didn't make that post, and it could be an spam advertiser. Now it's a real big problem.

I just heard this today, and I have a feeling this forum is being seriously attacked by who, we do not know. If the Nexus gets destroyed by this hacker, God help us all....

rawrn00b, if you're lying about this, read the Terms of Conditions. If it's the same hacker who did this to you, then I would recommend you have a 16 character password. The keylogger could have a chance to get into your account if your password is weak.

I am seing this for the first time...seems like a big problem to me.

Who would do this to Nexus and why???

I hope he is proud of himself...because if I were him I wouldn't.

Maafiaman

Ah ha!!! Just found out it was you. Gotcha now sucker!

Just kidding. Please post direct links to posts supposedly made by somebody else other than the profile owner and I will look into it.

Thanks,
LHammonds

Allow me to inject (no pun intended) some reason into this thread:

1. TES Source gets hacked monthly, and maybe even every couple of weeks.
2. "Someone else must've written it!" is about as believable as "the dog ate my homework."
3. Automated attacks are cheaper and more feasible than manual ones, by many orders of magnitude.
4. If someone were putting spam on forums via an automated attack, the text of the message would get hits on Google. Back when threads started by spambots were common on this board and weren't deleted instantly, the first responding post would often be to a Google results page.
5. Registering a new account is faster and easier than hacking into someone else's account---again, by many orders of magnitude.
6. A random stranger on the Internet doesn't stand to gain very much by messing with your head; also, any hacker skilled enough to gain control of two accounts in two seemingly unrelated instances probably has more important things to do.

Say it isn't true, MB!

Well, that would be the rate back from when the site was called TES Source, with an added fudge factor for time. In this post-9/11 world, I really don't know or want to know what the numbers for that are. Please correct me if you see fit---or is a webmaster's rate of attack like a woman's age?

LOL....you scared the crap outta me :S. First I tought that you mean it . Whew...after that I read the kidding part. Then I relaxed

Cheers

Maafiaman

I think that your being a bit melodramatic here MB....

My God! We haven't had this before! Dark0ne, I recommend contacting the nearest agencies possible.

Please don't tell me the nexus is cursed...

Marxist B just loves to stir the pot, I am becoming familiar with his style now.

Darkone's response is quite Tongue in Cheek.

Well I just read the post before you locked it down, and no **** you locked it down. I'm beginning to think there is a shadow behind the nexus, stalking the next users, I'm hoping it wouldn't be a moderator's account hacked. Imagine the terror if a mod's account was hacked!

P.S. I'm going to discuss this matter alone with Dark0ne, since I was the first one to experience the hacking. I believe he knows what to do.

Now give it a rest the poster rawrn00b is a ghost user i.e. loges in from many different places (I am one myself), I have just checked and he has posted from no less than 10 different ip addresses, if anyone of these was a public login (Internet Cafe), school or public library and he left the connection acrtive anyone could have used it, and I only went through the first dozen or so posts in his history.

You are getting worked up over nothing. I closed that topic as I considered it a nuisance and contrary to the smooth operations of the forums, and it was reported as troublesome by other forum members, that is why there is a report button.

Would you rather I make a baseless decision on the integrity of a member or accept his word, I personally will take someone''s word until such time that he proves himself to be untrustworthy.

Darkone, is quite confident in his admin and moderators, if he wasn't we wouldn't be here as we serve at his pleasure and for as long as he allows.

I apologize for my excitement and mobility. I was shocked when I first saw it, but I also didn't know he was telling the truth. So if he gives us rock-solid evidence, then there could be a problem. If he's trying to cover himself as a result to that post, I'm sorry for the trouble.

Respectfully...
Lord Slyther

No problem, I checked the IP address which were sometimes from the same provider on a couple, but he has used multiple providers on his posts, much like myself. Most I do from home, but I have a wireless broadband enabled laptop, and where I have cell service I have highspeed access as well, but since I work in a 3500 square mile area I never get the same recorded IP address. I also force change my IP address at home from time to time, when you work for your ISP you learn lots of tricks.

Because of what I have to deal with on a daily basis, I sit behind three different firewalls, and have two virus guards on at all times, and two different sypware/adware sniffers as well. I also run two different scans a day.

I still do get a bug once in a while, the nature of the internet being what it is. But most are easy to deal with, I also keep a mirror of my HD on a second internal and a third [isolated] external. This allows me to reformat an infected HD, and restore from a backup in a short period of time.

Buddah

btw changing passwords while your mashine is still infected wont do you no good... maybe try to always use the onscreen keyboard to change them and then get rid of any trojans/loggers whatsoever asap (better format and reinstall)...
if you logged in from your buddies account who hacks halo and so on theres a good chance he himself is infected by a keylogger and you stepped in the trap even tho most loggers are
used for specific purposes (e.g. getting your halo login or cc details)
there are many traps in the internet... bots, hacks, email, basicly everything that seems to be to good to be true is a hack anyway...

by having a fair share of trouble myself with those retarded "wohaicanusethatscripttoforkrandompeoplespcup" kids without proper parenting nor pubic hair id say the above works quite well... the traps aswell as avoiding it

legal steps are close to being pointless as no sane judge would even start trial without somin above 100k$ involved... and even then most countries give a crap about it and the offender gets away with somin like 5h community service...

as to ip adresses changing - mind that not everyone uses a fixed ip anyway... many use proxies (very useful after 911 anyway) or dsl which changes the ip on each login...

I reside on a Bell South DSL with a fixed IP. Times they are a changing my friend and 80% of all IPs are fixed now.

not for me hehe
but well the other pond shore is always kinda different lol