[X] My Assistant

Damn, I fucked up with the emoticon. I always disable that stuff, sorry about that.

In a nutshell, what likely happened here is all 16 of you got a script, willingly or unwillingly, that tried to collect all of your e-monies and turn it into shiny real life currency through some black market site. It's not the first time people attempt to resell stolen EH currency or even special accounts for real money cryptos (new era, better mafia tricks, yay securecoins).

If that was an accident and you can prove it, you may get a refund. If you attempted to break the rules using a dodgy script, the worst case situation is a permaban.

(I kinda doubt chung is stupid enough to do this - he's a renowned translator - so I'm leaning towards "accident" for at least some.)

tl;dr: Please see this directly with Tenboro.

Having the same problem.
All my GP had changed to Credit by the hijacker and transmitted. (IMG:[invalid] style_emoticons/default/cry.gif)
I wonder this will affect my HentaiAtHome Cilent as well.
I believe the support team will do the justice for me.
However I would like to know beside from changing the password, what should I look out for to prevent this from happen again?

lol same here
You guys sure it's not a security breach? (IMG:[invalid] style_emoticons/default/laugh.gif)

It maybe link up to Intel Meltdown&Spectre ...just maybe.
don't know if clean up the cookies and stop the plugins can help (chrome reset).

I don't know how those hijack works, maybe they will capture the new one right away,
but I think clean up cookies then change the password maybe the best solution.

I just found something about the session hijacks
Its like a 2side loophole, I guess, other than that is too technical to understand (IMG:[invalid] style_emoticons/default/anime_cry.gif)

now all my cpu power is pull to scan virus and malware...
But actually I won't install any unknown things, always take care when browsing ,not click into those fake downloads ads.

@AgentLillian
I never trust chinese software except a few other I trust.
Thanks for the suggestions.

The lockdown limited to all 16 Chinese accounts was manual as stated above.
Don't visit dodgy Chinese forums and stop playing the HentaiVerse. The minigame is bad for your health if you can't manage.

I'm not a heavy HV player and i never go to that forum
I earn GP from H@H and for gallery downloads ,thats it.

A breach limited to 16 Chinese accounts, with no indication of login attempts or password/email resets? Absolutely. My money is on some kind of script or plugin with a malicious payload, that either had limited distribution or that was posted in a Chinese forum.

I pretty sure that is a sniffing attack.
I don't install plugin/scripts that i don't know/trust.

@w45451212
A hacked sites always change i think

Many of us didn’t know each other. The BIG BROTHER is watching us?

The Big Brother is ALWAYS watching us (IMG:[invalid] style_emoticons/default/biggrin.gif)

Damn, I fucked up with the emoticon. I always disable that stuff, sorry about that.

In a nutshell, what likely happened here is all 16 of you got a script, willingly or unwillingly, that tried to collect all of your e-monies and turn it into shiny real life currency through some black market site. It's not the first time people attempt to resell stolen EH currency or even special accounts for real money cryptos (new era, better mafia tricks, yay securecoins).

If that was an accident and you can prove it, you may get a refund. If you attempted to break the rules using a dodgy script, the worst case situation is a permaban.

(I kinda doubt chung is stupid enough to do this - he's a renowned translator - so I'm leaning towards "accident" for at least some.)

tl;dr: Please see this directly with Tenboro.

Eh I don't even care much for HV or credits stuff, I have way more important stuff to do (like translating Chinese cartoon porn lol)

Though the possibility of another Chinese site getting hacked is pretty high now that I look at it with anecdotes given by w

I'm not a heavy HV player and i never go to that forum
...
I pretty sure that is a sniffing attack.

This is the first time I hear of that site.


Um... I don't think so.
We are not from the same region, and network, of course.
It's not easy to sniff across regions such as China and Taiwan.

Did you use the same password in any Chinese site, like baidu (百度) or weibo (微博)?

Eh I don't even care much for HV or credits stuff, I have way more important stuff to do (like translating Chinese cartoon porn lol)

Though the possibility of another Chinese site getting hacked is pretty high now that I look at it with anecdotes given by w

I don't care either.
But I do not run H@H now, due to the law in my country.
And I earn credits slowly by clearing arena each day.
If those credits are gone, I may not have enough credits for donation (translator or someone else). (IMG:[invalid] style_emoticons/default/laugh.gif)

This post has been edited by w45451212: Jan 8 2018, 19:17

If those credits are gone, I may not have enough credits for donation (translator or someone else). (IMG:[invalid] style_emoticons/default/laugh.gif)

Gimme all of your delicious eh shekels (IMG:[invalid] style_emoticons/default/laugh.gif)

pretty sure admin is checking things, will flag some checks, tick some boxes and situation will be reverted.

as you may (or may not) know, the more a site is renowned, the bigger of a candy is for hackers - and this site is quite well known, within the H community. please be patient and follow the normal security procedures (IMG:[invalid] style_emoticons/default/smile.gif)

A breach limited to 16 Chinese accounts, with no indication of login attempts or password/email resets? Absolutely. My money is on some kind of script or plugin with a malicious payload, that either had limited distribution or that was posted in a Chinese forum.

Are you sure? My account was affected as well and it's not a Chinese account. (IMG:[invalid] style_emoticons/default/sad.gif)

A breach limited to 16 Chinese accounts, with no indication of login attempts or password/email resets? Absolutely. My money is on some kind of script or plugin with a malicious payload, that either had limited distribution or that was posted in a Chinese forum.

Does this guy try to log in many other accounts?
If so then he may have an account database.
If he was directly and accurately logged in to our account，i think the victims should explore what they have in common. We need to know each other, and try to explore something that will happen only in China.

Are you sure? My account was affected as well and it's not a Chinese account. (IMG:[invalid] style_emoticons/default/sad.gif)

Okay now this is getting weird

Okay now this is getting weird

Not quite, data packet always have to go throw some checkpoint e.g. in Asia Singapore/HongKong/Japan
If there is any hackers want a specific thing, in this case the eh account, just filter it analyse it ,then we are the victims.
Just I think ,not sure is 100% true.
As i said maybe this is relation to the Intel meltdown.
I don't know the whole picture in this case except we all lose what we earn and transferred to an unknown account.
Nobody wants to get robbed...

This may be or may be not related to all that, but some minutes ago I was looking in Item Shop, when suddenly someone dumped there a full collection of old trophies and 21 stuffers !

I bought everything I could, obviously.

If Tenboro checks in his logs, maybe he can tell if it was a legitimate selling or not, but in any case I was buying from Bazaar in good faith, so even if he can trace back those sellings to hacked account, get ready to pay something for them (I paid for them the Bazaar price, but I'd expect something more, fair warning! )

@Tenboro : or you could just tweak the database and make them "disappear" from my inventory, but I'd expect to get at least my credits back as a minimum, and possibly some "bounty-like" premium.

@Tenboro : or you could just tweak the database and make them "disappear" from my inventory, but I'd expect to get at least my credits back as a minimum, and possibly some "bounty-like" premium.

I would think Tenboro would just check the database logs and rollback the transactions so that neither you nor the impacted account owner would be screwed.

omg the greed (IMG:[invalid] style_emoticons/default/laugh.gif)


Anyway, to all the victims here, do you happen, by any case, to have an "easy name" wifi connection?

A lot of scammers like to name their wifi connections with "easy names" and leave them unprotected (no password), usually mobile wifi connection does not check if the wifi is the same as the one you connected the first time, but only if the name is the same, therefore if you have a home connection/random wifi you connected time ago saved on your device with the same name, it will connect to that if you happen to pass by.

Usually that's the way they rob info from you. You, unaware, use your phone/laptop using their wifi, and everything you do is copied byte by byte from the thief.

I would think Tenboro would just check the database logs and rollback the transactions so that neither you nor the impacted account owner would be screwed.

He could do just that, if he wants, obviously. I wouldn't necessarily see it as "fair", though.

Everything in this game is based on luck (under the form of RNG) and time invested in playing.
I got those item legit, by investing my time (I'm repeatedly checking the Item Shop like a hundred times a day since a couple of days ago someone reported in another thread of a Tenbora's box he had got in Bazaar, and Scremaz answer was "it happens"). And being lucky, obviousdly (it happened, but it could well not happen).

So why should I be penalized, for being too lucky? He can just as well give the stuff back to where it was, without taking it away from me, since it's all virtual to him anyway.

Besides, when someone screw his junk sellings and bazaar some Legendary Power or other stuff, those lucky ones that get it keep it; Ithink this is just the same (from my side, obviously . from the side of the guy who's been hacked, if it's really so, is different. But why that should impact me, do tell me please.)

...

Why should that impact you?
In real life, that's called receiving stolen goods, and it's breaking the law, for which you could be arrested (IMG:[invalid] style_emoticons/default/tongue.gif)

just had to check, because you know..
My credit log has definitely seen better days.

Not even sure why I still buy that junk.

@mundomuñeca
Are you really serious?
So because you spend your live playing this game it makes it legitimate for you to buy stolen stuff? I know that in this world the misfortune of one makes the happiness of others but must not be exaggerate. You talk to us about time invested and a "fair" decision, these people have also invested time in this game, luck has nothing to do in this case, a malevolent individual has just hacked their account. Your attitude is like someone shooting on you in the street and instead of helping you I take your wallet and I let you die in your blood and shit, because you see I'm "too lucky".

Edit: This thread is not intended for this, as a result I will defend my point of view by PM with the interested for the continuation.
And yes my comparison was not the best taste but that's what it this post evoked me on the moment. If some people were shocked, I'm sorry for that.

This post has been edited by Mysael: Jan 8 2018, 23:56

pretty sure admin is checking things, will flag some checks, tick some boxes and situation will be reverted.

It's not *quite* that easy, but MM is thoroughly logged, so it shouldn't be too hard to script a reversal.

Are you sure? My account was affected as well and it's not a Chinese account. (IMG:[invalid] style_emoticons/default/sad.gif)

From the account list, most seemed to be Chinese. I'm looking at a few leads, but I can't confirm a particular attack vector yet.

If Tenboro checks in his logs, maybe he can tell if it was a legitimate selling or not, but in any case I was buying from Bazaar in good faith, so even if he can trace back those sellings to hacked account, get ready to pay something for them (I paid for them the Bazaar price, but I'd expect something more, fair warning! )

There's no evidence of any further account compromises, but even if they were, those wouldn't just disappear from your account.

Shot in the dark.

From the account list, most seemed to be Chinese. I'm looking at a few leads, but I can't confirm a particular attack vector yet.

I just noticed a couple of days ago that:

CODE

[me@phoenix ~]$ dig e-hnetai.org A

; <<>> DiG 9.11.2 <<>> e-hnetai.org A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20722
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;e-hnetai.org.            IN    A

;; ANSWER SECTION:
e-hnetai.org.        299    IN    A    199.191.50.73

;; Query time: 156 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 08 20:56:49 GMT 2018
;; MSG SIZE  rcvd: 57

[me@phoenix ~]$ dig e-henati.org A

; <<>> DiG 9.11.2 <<>> e-henati.org A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9549
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;e-henati.org.            IN    A

;; ANSWER SECTION:
e-henati.org.        299    IN    A    199.191.50.73

;; Query time: 160 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 08 20:56:57 GMT 2018
;; MSG SIZE  rcvd: 57

That both typos now point to the same IP. This has changed in the last couple of weeks I believe. That is in the Virgin British Islands but the registar for both domains is Vietnam. Also both close to expiration.

Do anyone here types the EH address into the address bar?

@mundomuñeca
Are you really serious?
So because you spend your live playing this game it makes it legitimate for you to buy stolen stuff? I know that in this world the misfortune of one makes the happiness of others but must not be exaggerate. You talk to us about time invested and a "fair" decision, these people have also invested time in this game, luck has nothing to do in this case, a malevolent individual has just hacked their account. Your attitude is like someone shooting on you in the street and instead of helping you I take your wallet and I let you die in your blood and shit, because you see I'm "too lucky".

First, in any law and jurisdiction I know of, and certainly in Europe, noone can take stuff from me that I legitimately bought in good faith, not even if it is proven that it was originally stolen, without a compensation.

For me to be responsible, and therefore to be confiscated without indemnation and prosecuted, you have to prove not just that the stuff I own was stolen but also that I bought it knowing that it was illegitimately owned by the one from which I bought it.

Secondly, your paragon is completely flawed. Physical items can (obviously) be owned only by one or the other of the two parties involved, and that's why legislation gives some imdemnity rights to the "unknowing third" that bought in good faith. Here items are immaterial, they can just be given to both (innocent) parties.

Not to speak that if you rob a shooted man, you're obviously participating in a crime with full knowledge of it, which is such a compleetely different thing that I donìt even know why you should bother to cite such a case.

Think before you speak (or write), that's my simple counsel, or get a lawyer (IMG:[invalid] style_emoticons/default/smile.gif)