MapleSEA under Hacking Crisis! Account Hack [2008]

News – AsiaSoft’s ongoing investigations and actions taken with regards to recent concerns

Dear Maplers,
We understand your frustrations regarding the recent irregularities and problems faced while playing MapleSEA, and sincerely apologise for the inconvenience caused to all players.
Recent in-depth investigations have revealed that we were under attack originated from China and to combat this problem, we have since upgraded our system and have taken the following measures:
.
1. Consulted and engaged experts from various technological and gaming fields
2. Blocked all IP addresses from China to prevent further hacking
3. Upgraded and reinforced the security systems within our game servers
.
Your understanding and feedback are essential to us, and will greatly assist us in monitoring our security enhancements. If you are still experiencing issues, please do not hesitate to contact us through Qbox and we will work to address your concerns.
.
-AsiaSoft Administrator(source)

.

Victim Testimonial on PlayPark Forums
[Delphinus] Believe it or not, this is wad i found out abt the recent hacking issues(ss-es included)
Almost certain HACKER works for ASIASOFT!!!!!!!!
Things to take note when you get hacked [SG]
kashdude got hacked at fm on 25/8/08 at 5.30-5.45pm of net worth 1.3787 billion
News – Rumours about Asiasoft Passport and the recent hacking cases

.

Measures you can take to reduce your chances of getting hacked

1. Try to stay low profile. Try not to mega too much, or set up shops in fm. The hackers are watching.
2. This is a bit extreme, but i think staying 24/7 online on ur character will prevent u being hacked.
3. Look out for one another! If you see your friend’s character logging in at weird timings or behaving suspiciously, track him/her! My friend (H333rmit) has found out the IGN of one of the hackers in Delphinus by tracking his BL who behaved suspiciously. I dunno how many are there, there shld be many. Other worlds shld follow the same steps and try to find out the hackers’ IGNs! Once you all find out, it makes it troublesome for them to hack, and it might make them give up, you will nv know. Unity is strength, guys.
4. Transfer away ur mesos and items to newly created accounts and IGNs. Do not keep it in high profile characters. You nv know when the hackers will change their methods of finding their targets.
.
In the light of all this, i hope that Asiasoft can do a double or triple check on the security measures of it’s servers and database.
Don’t tell us there is nothing wrong, THERE IS STILL SOMETHING WRONG! PEOPLE ARE STILL GETTING HACKED EVERY NIGHT! I know you guys are working hard, we all want this saga to end asap.
Mods, hope the above information helps a bit.

.

Extra Precautions to be taken (Source)

-issues regarding the W32.Gammima.AG are true. do a deep system scan and remove all possible infections asap. there’s no way u deny that the worm aint related to some causes of hackings.(just in case, do it)
-turn on your antivirus software n make sure they are fully operational n up-to-date
-do a trojan scan now and then.
-do not visit anonymous websites that u do not trust at this time being.(worm might spread through certain websites)
-do not login to MSSEA through PCs that are’nt yours OR u aint sure are safe.
-refrain from login into passport@asiasoft (though they assured us that the security for the website is invulnerable
-DO NOT ATTEMPT to top up @Cash unnecessarily, by PPC or S.A.M(who knows the info are’nt leaked while S.A.M connects to your account

.

SERIOUS CONSIDERATIONS IN-GAME

-DO NOT ENTER FREEMARKET UNNECESSARILY(dont risk your accounts for some cheap 500meso manaelixer or something)
-Stay LOW PROFILE ‘might’ do abit of help(dont walk in FM with ur storage and make investments. having expensive items in your store attracts hackers too cuz they know u’re rich)
-Refrain from buying EXTRAORDINARY CHEAP good items that are too-hard-to-believe-you-gotton-lucky.(rumours that items might be bugged must be taken into precaution)
-For god’s sake do not be so cheapo and loot items/mesos on on the floor anywhere in MSSEA.(items might be bugged, who knows?)
-DO NOT ENGAGE IN TRADES with some strangers who traded you.(info might be leaked while the trade is established)
-*Try not to set up stores* for the time being.(its kind of difficult for traders but they might have gotton info by just visiting your store or buying from your store)
-*MOST IMPT* Refrain from surfing FM Stores unless dasm urgent.(it might be possible that the hacker set up a store n upon your visit, traced your information)

.

Advice to Asiasoft: Temporary and Long Term Solution + Storage Locking System

Asiasoft should implement the “Storage Locking System” which is done in Hong Kong MapleStory, Korea and Taiwan MapleStory server to prevent hackers from transfering player’s belonging.
_
Asiasoft could also include a special NPC marker which protects MapleStory player’s belonging. This includes all equipments (weapon, armours, earrings), useable items (scrolls, potions, skill books, etc drops) and mesos.
_
Once the item is being marked via NPC marker, the item/drops could not be sold to NPC, could not be dropped nor trade. The amout of meso being safeguard could not be use to buy anything. After listing down the items to be safeguard by NPC, the owner’s IP address is recorded into MapleStory server along with the item being marked.
_
So, if a hacker tries to log into other player’s account and illegally tries to transfer those items, he will be required to make a date for transfer (the NPC marker will hold those items for 3 days and records that user IP address. An e-mail would be sent to the owner’s account to notify such activity. Within the 3 days period, the owner could log in and check the log transfer, and able to stop any transaction made during that time. The log transfer which has the recorded IP addresses would not be deleted if the transaction is being closed. The owner of the account can now use stored IP address to track the hacker, and lodge a hacking report with the details to Asiasoft and police.

.

.