[X] My Assistant

It's not *quite* that easy, but MM is thoroughly logged, so it shouldn't be too hard to script a reversal.

see guys? maybe i underestimated things a bit, but still... (IMG:[invalid] style_emoticons/default/biggrin.gif)

Shot in the dark.

I just noticed a couple of days ago that:

That both typos now point to the same IP. This has changed in the last couple of weeks I believe. That is in the Virgin British Islands but the registar for both domains is Vietnam. Also both close to expiration.

Do anyone here types the EH address into the address bar?

and most likely those typos have both an auth window which looks damn similarly to original EH, etc etc, uh?

snip

Just to be clear, I waited a while to see if anybody'd post. I would have given it back (IMG:[invalid] style_emoticons/default/smile.gif)

Gotta keep up with basic security. Use a password manager and don't reuse passes anywhere. No public wifi. No javascript whenever possible. Use bookmarks instead of typing urls. If you must use scripts and addons, they should be simple and do only one thing. Better: make them yourself.

see guys? maybe i underestimated things a bit, but still... (IMG:[invalid] style_emoticons/default/biggrin.gif)
and most likely those typos have both an auth window which looks damn similarly to original EH, etc etc, uh?

Yeah its usually either the latest panda script, bot script or a phishing website. Its interesting if it can be worked out.

I can't underestimate the way people can compromise their own computers. Though I wonder if it could be a legit java script attack of some sort.

just for those of you interested, mondomuneca said he would've waited a few days before even considering to sell them.


also, i cannot imagine how finding a couple of sequences of bits on an online game even begins to qualify as a fair comparison to vulturing a half-dead man. whoever thinks so, should really start to re-define their priorities.

i hope at least this is closed and we can return to theorycraft about such things happened.

First, in any law and jurisdiction I know of, and certainly in Europe, noone can take stuff from me that I legitimately bought in good faith, not even if it is proven that it was originally stolen, without a compensation.

You can only attempt to get compensation from the person who stole the stuff you bought, 'good faith' is not a protection, not in Europe. Nobody needs to compensate you for taking back stolen property, that is not the case anywhere.

the latest panda script

If it's this, then people falling for scams are 100% to blame. There's no need for such script.
And if someone has need for it, that means he shouldn't be able to access the site from his country in the first place, so he only has to choose a better VPN or just give up...

...

I've been using a Panda Script on Desktop for years, you hurt me, Santa (IMG:[invalid] style_emoticons/default/tongue.gif)

First, in any law and jurisdiction I know of, and certainly in Europe, noone can take stuff from me that I legitimately bought in good faith, not even if it is proven that it was originally stolen, without a compensation.

Here is the Law for you § 303 and § 290. From my country in EU

If you buy something or get something forgiveness that has been stolen or otherwise provided by a criminal offense, you may be penalized for healings.

Healing is punished under section 290 of the Criminal Code, and the sentence is a fine or imprisonment for up to 1 year and 6 months. The sentence may rise to imprisonment for 6 years when the shelter is of a particularly serious nature.

§ 303. Oh and you have give the items back, without getting your money back (IMG:[invalid] style_emoticons/default/smile.gif)

This post has been edited by Kuro Neko: Jan 9 2018, 00:27

There aren't any real-life laws that are applicable for the Bazaar in the HentaiVerse, nor is it relevant since the account selling it doesn't appear to have been hacked.

I've been using a Panda Script on Desktop for years, you hurt me, Santa (IMG:[invalid] style_emoticons/default/tongue.gif)

What is the panda script?

What is the panda script?

[github.com] https://github.com/Panda-Programming-Language/Panda

Looking at my current Credits, GP and Hath makes me feel so poor.

If I got a leaked account database,and I want to steal credits, in a large amount of account information, I will pick up the players who seem to be wealthy to do the password comparison. But in fact, it seems that some of the seemingly less rich players have become the target.If I do,I wouldn't waste time on them.

on the other hand,If it is the hijacking caused by the unsafe browsing environment,I think the victim will be hijacked more than EH account, but he chose to steal our credits, I think the average hacker will not be interested in credits. So It's clear that the perpetrator understands EH and HV.I think this can reduce the possibilities associated with insecure login environments such as unencrypted wifi,public computers (such as Internet cafes, companies),or unsafe VPN.

Another issue of concern is,this bad guy understands EH and HV,but maybe he is not a HV player.Because he stole all my item，but my high level upgraded equipments with soulbound was not be salvaged.This can get a lot of high value materials.That means thit guy just use the EH to view and get galleries or want to sell the credits for money.So he used to use EH and credits to download, but rarely play HV.

If it's sure that he doesn't rely on many attempts to log in,We have reason to believe he has a relatively accurate password basedate.

Combining the information above,I think the thief got our account password through a H-ACG website from China or app,the victims have used the same account and password as EH on this H-ACG site/app

I mean maybe the victims including me should share our account usage habits，make comparisons and find common ground.Cheak the password saving function or history of the browser will help you find something.

Now I'm thinking about whether I should to put my usege habit here or send it to Tenboro.

sorry about my poor english XD.

The thing is what I lost can be regain overtime, but this hijack really concerns me the security state of my Internet or just overall all my devices.
I'll post what I used to browse EH and maybe some expert can figure it out.
Firefox:
- AdBlock
- Image Search Options (I did used it on some e-hentai gallery image,maybe it will cause some data leak?)
Here is the other no so related plugins:
(IMG:[i.imgur.com] https://i.imgur.com/NfCHHlJ.png)
(IMG:[i.imgur.com] https://i.imgur.com/ZZiaJ8b.png)

Here is my second PC and the firefox:
- Adblock Plus
- MEGA
- Tab Session Manager
- Video Downloader Professional

I did use this script way way back:
[github.com] https://github.com/ccloli/E-Hentai-Downloader
However It has been a long time ago (3-4 years)

Tried these thing with my EH account as well:
[github.com] https://github.com/seven332/EhViewer
[github.com] https://github.com/DaidoujiChen/Dai-Hentai

Already fresh all the web browesr and changed password.
Any further steps I can take?


! And I did use the same user name and password on a lot of forum....

This post has been edited by Mrsuperhappy: Jan 9 2018, 16:03

! And I did use the same user name and password on a lot of forum....

It might be the cause. Hacker might have the database of one of those website.
You all can simply verify it if by checking , if all of you had same username and password on a common website.
Just share URL of common website of same password with each other or 10B , then you will know which website not to visit.
(that website might be of Chinese in origin.)
(IMG:[invalid] style_emoticons/default/biggrin.gif)

If that's actually the case, then this is related...

[xkcd.com] https://xkcd.com/792/

"Password entropy is rarely relevant. The real modern danger is password reuse."

It might be the cause. Hacker might have the database of one of those website.
You all can simply verify it if by checking , if all of you had same username and password on a common website.
Just share URL of common website of same password with each other or 10B , then you will know which website not to visit.
(that website might be of Chinese in origin.)
(IMG:[invalid] style_emoticons/default/biggrin.gif)

What is 10B means (IMG:[invalid] style_emoticons/default/huh.gif)
Well actually quite a lot.

Surely I miss a lot here but here is the most visit list:
[bbs4.2djgame.net] https://bbs4.2djgame.net/home/forum.php
[moeshare.com] http://moeshare.com
[www10.eyny.com] http://www10.eyny.com/forum.php
[www.9moe.com] http://www.9moe.com/index.php (AKA KF in China)
[bbs.sumisora.net] https://bbs.sumisora.net/
[yande.re] https://yande.re/post
[www.tsdm.me] http://www.tsdm.me/forum.php
[nyaa.si] https://nyaa.si/
[sukebei.nyaa.si] https://sukebei.nyaa.si/
[www.south-plus.net] https://www.south-plus.net
[bbs.kdays.net] http://bbs.kdays.net/index

So now I gonna change a bunch of passwords, that a lesson for me. (IMG:[invalid] style_emoticons/default/cry.gif) (IMG:[invalid] style_emoticons/default/cry.gif)

If that's actually the case, then this is related...

[xkcd.com] https://xkcd.com/792/

"Password entropy is rarely relevant. The real modern danger is password reuse."

Somewhat related....

Aside from using unique and random passwords everywhere, I also want to have unique email address everywhere. This helps with privacy, yada ashley madison yada.

Are there simple ways to do this (unique email address everywhere)? Hosting unique emails at my personal domain is beside the point, but managing a million gmail accounts is a pita. I've been using sneakemail, but it has recently been getting banned on services as a disposable email (unfairly, I should add).

This post has been edited by mozilla browser: Jan 9 2018, 10:38

What is 10B means (IMG:[invalid] style_emoticons/default/huh.gif)
Well actually quite a lot.

Surely I miss a lot here but here is the most visit list:
[bbs4.2djgame.net] https://bbs4.2djgame.net/home/forum.php
[moeshare.com] http://moeshare.com
[www10.eyny.com] http://www10.eyny.com/forum.php
[www.9moe.com] http://www.9moe.com/index.php (AKA KF in China)
[bbs.sumisora.net] https://bbs.sumisora.net/
[yande.re] https://yande.re/post
[www.tsdm.me] http://www.tsdm.me/forum.php
[nyaa.si] https://nyaa.si/
[sukebei.nyaa.si] https://sukebei.nyaa.si/
[www.south-plus.net] https://www.south-plus.net
[bbs.kdays.net] http://bbs.kdays.net/index

So now I gonna change a bunch of passwords, that a lesson for me. (IMG:[invalid] style_emoticons/default/cry.gif) (IMG:[invalid] style_emoticons/default/cry.gif)

[www.south-plus.net] do you know someone called E4？ He has built a personal copy of the EH website which often change the domain name.Did you use the register account on it same as EH using?

Are there simple ways to do this (unique email address everywhere)?

You almost surely already do this, but start out by only giving out a real email address when there's a legitimate need for the site to know it or for you to access the site long-term (and you care about your unique account), otherwise I'd use a random disposable one just to get you past the registration process.