[X] My Assistant

(IMG:[i.imgur.com] https://i.imgur.com/XZCfn7k.png)
This is not me ,from 2018-1-7
My Account was hacked

Is there any admin can help me get the GP ,hath and credits back?
this is urgent

I just change my password

and what is message #1895422
Can admin check this message go to which account and ban that guy?

Please help!!

This post has been edited by reisherry: Jan 8 2018, 17:48

Go into hentaiverse and check your mooglemail log, it should say who the credits were sent to.

Go into hentaiverse and check your mooglemail log, it should say who the credits were sent to.

I cant access to mooglemail ,safety lockdown since that guy send the credits out.

If you're logged in on e-hentai, you should be able to access the hentaiverse too, it's just https://hentaiverse.org/

(IMG:[i.imgur.com] https://i.imgur.com/0iPljcC.png)
just locked...

doesn't help you, but in order to understand how the hack happened...

Did you have a poor / easily guessable password?

Was your computer or email hacked?

What else was done? Did your email / password get changed by the hacker, or did you do it yourself after you found out about the hack?

Where did you get the credits from?

Did you give your details to anyone or use any apps?

Shared account?

Its not one of the olde accounts from before lottery was fixed?

The account lockdown was manually applied, and is not because the email or password was changed. The accounts that received the items were all terminated before the items could be fenced.

Yours was one of 16 accounts affected, and due to its nature I believe they were session hijacks rather than the actual password being compromised. In other words, you were likely compromised by using a malicious script, or using an insecure proxy/VPN/shared environment. You might be able to shed some light on which of those that could have been?

doesn't help you, but in order to understand how the hack happened...
Did you have a poor / easily guessable password?
Was your computer or email hacked?
What else was done? Did your email / password get changed by the hacker, or did you do it yourself after you found out about the hack?

easily guessable password : well...yes,
sometime said the easy one is harder to guess, maybe not this time (IMG:[invalid] style_emoticons/default/anime_cry.gif)

no email hacked, fortunately

Where did you get the credits from?
Did you give your details to anyone or use any apps?
Shared account?
Its not one of the olde accounts from before lottery was fixed?

give/share no one....only i know ,
tell no friend about my account

The account lockdown was manually applied, and is not because the email or password was changed. The accounts that received the items were all terminated before the items could be fenced.

Yours was one of 16 accounts affected, and due to its nature I believe they were session hijacks rather than the actual password being compromised. In other words, you were likely compromised by using a malicious script, or using an insecure proxy/VPN/shared environment. You might be able to shed some light on which of those that could have been?

I think its a hijack...although I don't know how it works
not sure about malicious script ,I'm going to find something to scan my computer and browser completely.

Use no VPN ,no share network ,the LAN is personal use

Having the same problem.
All my GP had changed to Credit by the hijacker and transmitted. (IMG:[invalid] style_emoticons/default/cry.gif)
(IMG:[i.imgur.com] https://i.imgur.com/ytrGUzU.png)
I wonder this will affect my HentaiAtHome Cilent as well.
I believe the support team will do the justice for me.
However I would like to know beside from changing the password, what should I look out for to prevent this from happen again?

lol same here


You guys sure it's not a security breach? (IMG:[invalid] style_emoticons/default/laugh.gif)

I see a pattern here... Don't trust Chinese scripts or sites. If you see a funny post in the Chinese thread of diminishing quality or get a PM giving you access to some cool script, immediately report it.

Watered down list:
a) Never use plugins or scripts you can't check yourself. If you plan to use that, check source code, run in [en.wikipedia.org] sandbox. If you don't know code, learn.
b) Check device for malicious software. If found, secure device. If device cannot be secured, nuke from orbit.
c) Check browser for [www.cvedetails.com] vulnerabilities. Not exhaustive because publicly known list, but tells you what you should never use.
d) Check account for vulnerabilities. If you use home device, make sure you have [en.wikipedia.org] interesting data somewhere, with the real thing very unlikely to be targeted.
e) Check network for vulnerabilities. Have it raped on purpose and see how ISP/VPS host/VPN host/proxy fares. Always keep an eye on net logs.
f) Check servers for vulnerabilities. If you suspect there is 1+, you know what to do. Don't disclose publicly, no section is restricted. Ever.

Post compression algorithm courtesy of AntiVerboseJoe. Thanks Joe!

This post has been edited by AgentLillian: Jan 8 2018, 17:26

My account is also affected.
Most of my stuffs were sent through moogle mail.
I've changed my password and
I didn't use any proxy or VPN.
Easily guessed password... maybe not?
Of length 10 and consists numbers and alphabets, and the alphabets does not form a word in dictionary.
I don't think it's brute force attack.

The only thing I can come up with it the password it used in other sites.
And some of the sites were hacked, with the passwords were stolen. (Maybe weakly encrypted?)
So someone try the password here.

The only thing I can come up with it the password it used in other sites.
And some of the sites were hacked, with the passwords were stolen. (Maybe weakly encrypted?)
So someone try the password here.

Nah that'd be too much of a coincidence for that many people to be affected.

You guys sure it's not a security breach? (IMG:[invalid] style_emoticons/default/laugh.gif)

A breach limited to 16 Chinese accounts, with no indication of login attempts or password/email resets? Absolutely. My money is on some kind of script or plugin with a malicious payload, that either had limited distribution or that was posted in a Chinese forum.

A breach limited to 16 Chinese accounts, with no indication of login attempts or password/email resets? Absolutely. My money is on some kind of script or plugin with a malicious payload, that either had limited distribution or that was posted in a Chinese forum.

May I ask that what's wrong with the lockdown?
I change my password at about 16:00 p.m. Jan 7th UTC+8.
The lockdown will be over at 16:00 p.m. Jan 8th UTC+8.

But by the time, it showed it will be over at about 3:00 a.m. Jan 9th UTC+8.
And now it shows that

Account is in safety lockdown due to an email or password change - lockdown is lifted in 19 hours and 38 minutes

Why the lockdown time can increase? (IMG:[invalid] style_emoticons/default/blink.gif)





Edit:

Oh, I see the mail now...

This post has been edited by w45451212: Jan 8 2018, 18:48

The lockdown limited to all 16 Chinese accounts was manual as stated above.

Don't visit dodgy Chinese forums and stop playing the HentaiVerse. The minigame is bad for your health if you can't manage.

Many of us didn’t know each other. The BIG BROTHER is watching us?

I see a pattern here... Don't trust Chinese scripts or sites. If you see a funny post in the Chinese thread of diminishing quality or get a PM giving you access to some cool script, immediately report it.

Watered down list:
a) Never use plugins or scripts you can't check yourself. If you plan to use that, check source code, run in [en.wikipedia.org] sandbox. If you don't know code, learn.
(IMG:[invalid] style_emoticons/default/cool.gif) Check device for malicious software. If found, secure device. If device cannot be secured, nuke from orbit.
c) Check browser for [www.cvedetails.com] vulnerabilities. Not exhaustive because publicly known list, but tells you what you should never use.
d) Check account for vulnerabilities. If you use home device, make sure you have [en.wikipedia.org] interesting data somewhere, with the real thing very unlikely to be targeted.
e) Check network for vulnerabilities. Have it raped on purpose and see how ISP/VPS host/VPN host/proxy fares. Always keep an eye on net logs.
f) Check servers for vulnerabilities. If you suspect there is 1+, you know what to do. Don't disclose publicly, no section is restricted. Ever.

Post compression algorithm courtesy of AntiVerboseJoe. Thanks Joe!

I believe that some Chinese sites are hacked.
Otherwise, those vulnerabilities may also apply to others from different region.
I've keep the browser up to date.
If there's a 0day vul, the bad guy can do other things more meaningful, rather than steal credits and stuffs from HV.

My equipments were taken off.
Why did someone try to make me nude? (IMG:[invalid] style_emoticons/default/mad.gif)