bubu 0 Report post Posted March 18, 2017 As the title suggests, I was hacked (definitely not on my end), and now i'm naked with 41 copper. GMs unbanned me, but the road back to killing stuff my level will be incredibly long. Is there any way to roll back my toon? 0 Share this post Link to post Share on other sites
Shiamorah 20 Report post Posted March 18, 2017 No, unfortunately there isn't much you can do to get your stuff back. I would suggest utilizing your professions or farming low leveled instances to get enough money, and then buy some greens off the AH. Additionally questing in your level can assist you in getting back your gear. Hope this helps! 0 Share this post Link to post Share on other sites
thecrazyscot 16 Report post Posted March 18, 2017 It's a good thing hackers aren't as much of an asshole as they could be. They could get rid of professions while they are in there stealing everything. That would really suck. What server and faction are you? 0 Share this post Link to post Share on other sites
bubu 0 Report post Posted March 18, 2017 I'm Alliance on Darrowshire. lvl 45. Luckily my professions are still good. I'm just missing my 160+ shadow/spell damage gear and the 70g I had on me. Oh and they sold all my bags, including my soul shard bag. It kind of sucks that the GMs don't offer rollback services for characters like Live does. The hackers/gold farmers seem to be targeting Elysium pretty hard and 2-factor authentication needs to be mandatory. I realize Elysium is free and i'm lucky to play at all here, but they are 100% responsible for people's passwords being stolen from their server. 0 Share this post Link to post Share on other sites
Shiamorah 20 Report post Posted March 18, 2017 3 minutes ago, bubu said: I'm Alliance on Darrowshire. lvl 45. Luckily my professions are still good. I'm just missing my 160+ shadow/spell damage gear and the 70g I had on me. Oh and they sold all my bags, including my soul shard bag. It kind of sucks that the GMs don't offer rollback services for characters like Live does. The hackers/gold farmers seem to be targeting Elysium pretty hard and 2-factor authentication needs to be mandatory. I realize Elysium is free and i'm lucky to play at all here, but they are 100% responsible for people's passwords being stolen from their server. Now you are 100% incorrect there. Elysium has never experienced a database leak. People's passwords aren't leaked. 0 Share this post Link to post Share on other sites
bubu 0 Report post Posted March 18, 2017 (edited) 29 minutes ago, Shiamorah said: Now you are 100% incorrect there. Elysium has never experienced a database leak. People's passwords aren't leaked. You know that for a fact? 100%? Wow, even people who monitor servers around the clock with millions of dollars in IT budget get hacked and their password files stolen and subsequently hashed. Your response sounds like a reactionary response with absolutely no backing. I'll humor you though, let's go over my internet status. My username/password is nowhere to be found other than Google chromes password backup and on Elysium's servers. None of my other accounts on any other games, bank accounts, emails, websites, work connections, etc. have been ever stolen. These accounts have actual value and get used significantly more often across multiple computers. Most of these accounts do not have 2-factor authentication. Google's password storage is used by hundreds of millions of people and they have millions or even billions of IT budget to protect these passwords. Elysium does not. Occam's razor brings me to the conclusion that Elysium servers have been hacked, password files have been stolen, and are currently being decrypted by people who wipe accounts clean. No company/game developer ever admits that their security was breached and most people don't even know when it happens. You won't change my mind on this without some actual evidence. In case you don't believe me, here is a video showing just how easy it is to decrypt passwords once you have the necessary files. Edited March 18, 2017 by bubu 0 Share this post Link to post Share on other sites
Rumpelstiltskin 5 Report post Posted March 18, 2017 (edited) 32 minutes ago, bubu said: You know that for a fact? 100%? Wow, even people who monitor servers around the clock with millions of dollars in IT budget get hacked and their password files stolen and subsequently hashed. Your response sounds like a reactionary response with absolutely no backing. I'll humor you though, let's go over my internet status. My username/password is nowhere to be found other than Google chromes password backup and on Elysium's servers. None of my other accounts on any other games, bank accounts, emails, websites, work connections, etc. have been ever stolen. These accounts have actual value and get used significantly more often across multiple computers. Most of these accounts do not have 2-factor authentication. Google's password storage is used by hundreds of millions of people and they have millions or even billions of IT budget to protect these passwords. Elysium does not. Occam's razor brings me to the conclusion that Elysium servers have been hacked, password files have been stolen, and are currently being decrypted by people who wipe accounts clean. No company/game developer ever admits that their security was breached and most people don't even know when it happens. You won't change my mind on this without some actual evidence. In case you don't believe me, here is a video showing just how easy it is to decrypt passwords once you have the necessary files. So you knew all this and you didn't activate 2fa when it was available? Your bank don't have 2fa, where do you live, in the 1950's? Edited March 18, 2017 by Rumpelstiltskin Just tired of ppl asking someone else to wipe their asses 0 Share this post Link to post Share on other sites
Shiamorah 20 Report post Posted March 18, 2017 28 minutes ago, bubu said: You know that for a fact? 100%? Wow, even people who monitor servers around the clock with millions of dollars in IT budget get hacked and their password files stolen and subsequently hashed. Your response sounds like a reactionary response with absolutely no backing. I'll humor you though, let's go over my internet status. My username/password is nowhere to be found other than Google chromes password backup and on Elysium's servers. None of my other accounts on any other games, bank accounts, emails, websites, work connections, etc. have been ever stolen. These accounts have actual value and get used significantly more often across multiple computers. Most of these accounts do not have 2-factor authentication. Google's password storage is used by hundreds of millions of people and they have millions or even billions of IT budget to protect these passwords. Elysium does not. Occam's razor brings me to the conclusion that Elysium servers have been hacked, password files have been stolen, and are currently being decrypted by people who wipe accounts clean. No company/game developer ever admits that their security was breached and most people don't even know when it happens. You won't change my mind on this without some actual evidence. In case you don't believe me, here is a video showing just how easy it is to decrypt passwords once you have the necessary files. They would know if their database has been compromised, and they definitely would tell players to change their passwords if it happened. The idea that they would cover up something like that is plain ridiculous. Here is a question for you - Have you ever played on any other private servers? Because there are many other private servers that no longer exist have their databases released and player information compromised. This is why they released 2-factor authentication, which any player with common sense who doesn't want their account compromised *cough* does. Just because passwords can be hacked doesn't mean that your password was hacked. 0 Share this post Link to post Share on other sites
bubu 0 Report post Posted March 18, 2017 2 minutes ago, Rumpelstiltskin said: So you knew all this and you didn't activate 2fa? When I made my account 2FA was not an option (at least I didn't see it). Like I said before, it should be mandatory and automatically applied to all accounts, not an option buried in an HTML control panel. Don't think that because I didn't turn on "extra" security features that it's my fault for the Elysium servers being hacked and passwords stolen. As I said before, MOST websites/games don't have 2-factor authentication and their user base is not plagued by mass account stealing. I realize I could have done more to protect myself from a company getting hacked, but the fact still remains ELYSIUM was most likely hacked and trying to argue with me that they didn't is ridiculous and useless. I have since enabled 2FA FYI. 0 Share this post Link to post Share on other sites
Shiamorah 20 Report post Posted March 18, 2017 2FA was released a month after the server was released, on January 9th. Additionally, there is a server message broadcasted to every single player every 20-30 minutes. 0 Share this post Link to post Share on other sites
Rumpelstiltskin 5 Report post Posted March 18, 2017 (edited) 24 minutes ago, bubu said: When I made my account 2FA was not an option (at least I didn't see it). Like I said before, it should be mandatory and automatically applied to all accounts, not an option buried in an HTML control panel. Don't think that because I didn't turn on "extra" security features that it's my fault for the Elysium servers being hacked and passwords stolen. As I said before, MOST websites/games don't have 2-factor authentication and their user base is not plagued by mass account stealing. I realize I could have done more to protect myself from a company getting hacked, but the fact still remains ELYSIUM was most likely hacked and trying to argue with me that they didn't is ridiculous and useless. I have since enabled 2FA FYI. Some time ago there was word going around that just about 2% of all accounts had activated 2fa. If that is true it it's rather strange that we only see a handful posts now and then regarding hacked accounts (if the db had been leaked (which contains encrypted passwords by the way)). My personal opinion is that the breaches are a result of: a) players giving away 50% of their credentials by having the same user name on various forums as for their game account in combination with weak passwords that is easily hacked through brute force b) players using the same credentials on multiple private servers making them more vulnerable to db leaks. c) the use off shady services (power levelling etc) or account sharing between "friends". d) RNG Anyway, I am sorry for your loss, I had the fortune to create my account after the 2fa option had been made available so I activated it from the beginning. I wish you luck in your efforts to get back on your feet again. Edited March 18, 2017 by Rumpelstiltskin Added option d 0 Share this post Link to post Share on other sites
thecrazyscot 16 Report post Posted March 18, 2017 3 hours ago, bubu said: I'm Alliance on Darrowshire. So am I. I'll send you 10g to help you out a bit but I really can't send more than that. What's your character name? 0 Share this post Link to post Share on other sites
Rumpelstiltskin 5 Report post Posted March 18, 2017 Just now, thecrazyscot said: So am I. I'll send you 10g to help you out a bit but I really can't send more than that. What's your character name? easy now, don't get the guy banned for buying gold now.. might be better to get in touch in game and buy some green gear and trade to him or something 0 Share this post Link to post Share on other sites
thecrazyscot 16 Report post Posted March 18, 2017 9 minutes ago, Rumpelstiltskin said: easy now, don't get the guy banned for buying gold now.. might be better to get in touch in game and buy some green gear and trade to him or something You may be right. I don't want to get banned or anything as a seller either. 0 Share this post Link to post Share on other sites
bubu 0 Report post Posted March 19, 2017 21 hours ago, thecrazyscot said: You may be right. I don't want to get banned or anything as a seller either. I thank you for the offer my friend, but like Rumpel said, it might be safer for us to not do that. I really do appreciate it though! I am slowly gaining gold to purchase some of my gear back. Thank you everyone for the helpful suggestions! 0 Share this post Link to post Share on other sites
Coltwashere 0 Report post Posted March 20, 2017 consider yourslef lucky i got hacked and all of my characters were deleted. 0 Share this post Link to post Share on other sites
smokeit 26 Report post Posted March 21, 2017 On 18-3-2017 at 4:05 PM, bubu said: As the title suggests, I was hacked (definitely not on my end), Hahahahahaahahahahahahahahahhahahahahahaahahahahahhahaha definitely not n my end hahahahahahaahahahahaahahaahahaahha AAAAAAAAAAAAAAAAAAAAAAAAAhaahahahahaahahahaahahaha thanks so much for the laugh dude :D 0 Share this post Link to post Share on other sites
Storfan 24 Report post Posted March 21, 2017 45 minutes ago, smokeit said: Hahahahahaahahahahahahahahahhahahahahahaahahahahahhahaha definitely not n my end hahahahahahaahahahahaahahaahahaahha AAAAAAAAAAAAAAAAAAAAAAAAAhaahahahahaahahahaahahaha thanks so much for the laugh dude :D Said every (L)user ever:D Source: Am IT. 0 Share this post Link to post Share on other sites
Amberwaal 5 Report post Posted March 21, 2017 Even if the account database would have been hacked, the passwords are not stored in plain text, but as hashes. It would be easier to bruteforce people's passwords than to "reverse hash" them. 0 Share this post Link to post Share on other sites
Storfan 24 Report post Posted March 21, 2017 11 minutes ago, Ambervale said: Even if the account database would have been hacked, the passwords are not stored in plain text, but as hashes. It would be easier to bruteforce people's passwords than to "reverse hash" them. Indeed. And again, IF they brute-forced your password they still wouldnt be able to do anything with it assuming you have 2FA:) 0 Share this post Link to post Share on other sites
