Page 2 of 3 FirstFirst 123 LastLast
Results 21 to 40 of 50

Thread: So Many People Getting Hacked

  1. #21
    Lesser Wizard Aeios's Avatar
    Join Date
    May 2019
    Location
    Universe
    Posts
    369

    Default

    Quote Originally Posted by Ottowo View Post
    The first is that they have a very easy password to guess/gave it away/live with a relative.
    Yeeet! My password is very long, it is a combination of Small and Capital Letters, Symbols, and Numbers. To keep my account safe and secure.

    I also activate my AAP.

    What you sow is what you reap

  2. #22
    Master Sorcerer GrowPixel's Avatar
    Join Date
    Feb 2018
    Location
    Gliese 581 d
    Posts
    1,255

    Default

    Quote Originally Posted by Aeios View Post
    Yeeet! My password is very long, it is a combination of Small and Capital Letters, Symbols, and Numbers. To keep my account safe and secure.

    I also activate my AAP.
    Actually AAP doesn't secure your accounts from HACKERS. It's just save you from normal players who trying to guess passwords or phishing websites(If you give your password to them).
    Legendary | 2013 | Epic Quest | Better Suggestion

    My Last Suggestion; Achievement Rewards Update!

  3. #23
    Master Sorcerer Bobotov's Avatar
    Join Date
    Feb 2013
    Location
    Florida
    Posts
    1,013

    Default

    Quote Originally Posted by Ottowo View Post
    Ok a few things:
    1. The recording thing may not necessarily work. It is very easy to edit videos, and support won't be able to accept this as proof of your items. In fact, they will just refer to the logs - so no need to worry about that.
    2. Often times, people who have been hacked occurs for one of three reasons. The first is that they have a very easy password to guess/gave it away/live with a relative. Second, the person has downloaded a keylogger through some shady Growtopia related download. Third, and most recently, from joining private servers. They are a huge security issue, so it should be evident not to get involved with this stuff.

    People aren't "hacked" because we have some supreme top-government hackers looking for Growtopia accounts, nor are general virus downloads targeting accounts (they are more worried about your credit card), it is usually from the few things I had outlined above.
    I talked to my I.T teacher about all this last week. He said that websites, if they have the feature or if they want, can log MAC address. Same with private servers as well. Honestly, I played a couple one time, and I eventually found out that moderators of them and the owner can log IP addresses and MAC addresses as well, and the owner can execute .exe files or other things to your computer. It’s also very easy to spoof your Mac address as well. I don’t think you even need a program, you can also do it via windows' "change adapter settings." (i think)

    I did also talk with an owner of a private server on all this. We had an interesting conversation about if it's possible that the owner can force RDP (Remote Desktop Protocol) and take control of your computer. I said that it might be possible, but the person has to have windows professional or enterprise versions of windows and have RDP enabled and/or port 3389 open.

    (These are screenshots of Windows defender firewall i took)

    https://i.imgur.com/sqtPUoo.png
    https://i.imgur.com/hmnVbYd.png

    When I found out that people were getting hacked even with AAP on, my main theory was that the person hijacking the account was using a new or old database breach that happened to the forum some time ago, or they’re using brute forcing techniques followed by spoofing their MAC address. (There are most likely other ways that someone can get a mac address of someone else that I don't know about)

    Someone else in this thread already pointed that one out.

    And I found out that they (private server owners and growtopia cheat creators) can also steal certain file as well. Specifically the save.dat file, which contains your username and password and can be easily decrypted.

    (I have a high interest in security and i'm into all this stuff )

    Please do correct me on things if I am wrong.

  4. #24
    Master Sorcerer Gooseneck's Avatar
    Join Date
    Dec 2014
    Location
    Winston Salem, NC
    Posts
    2,822

    Default

    I have invited many hackers to just do it already since they threaten to do it. Still haven’t been hacked. Been put on a hit list of 20 players a guy was suppose to hack, I said then do it, still hasn’t happened. Players say I have your IP, get ready to be hacked, I say OK, nothing happens. I’m sorry, but the ones being hacked are doing something to open the door to hackers. Maybe .0001% is actually hacked by doing absolutely nothing to compromise their account. I have been a target for years, so I don’t believe players are just randomly hacked.

    Started game June 2013 and Forums August 2013
    Old IGN and forum name Ngreenwood74
    Created NASDAQ with my good friend Queenburt
    IGN: Gooseneck Level: 100
    Hours Played: 10,000
    Punched:25.5 million times!
    Guild: Slaves

  5. #25
    Serf
    Join Date
    Dec 2016
    Location
    Finland
    Posts
    1

    Default

    Yea, i just heard that 4 of my friends got hacked. This is so weird o.O
    Dr.Malard
    Level: 83
    Guild: Queens
    Legendbot-009
    Dragon of Legend

  6. #26
    Lesser Wizard Aeios's Avatar
    Join Date
    May 2019
    Location
    Universe
    Posts
    369

    Default

    Quote Originally Posted by GrowPixel View Post
    Actually AAP doesn't secure your accounts from HACKERS. It's just save you from normal players who trying to guess passwords or phishing websites(If you give your password to them).
    Well, at least..

    What you sow is what you reap

  7. #27
    Master Sorcerer MineDeath's Avatar
    Join Date
    Nov 2017
    Location
    Planet Malaysia
    Posts
    1,539

    Default

    Quote Originally Posted by NekoWolf View Post
    Not sure if anyone's made a thread similar to this but- Why are so many people getting hacked lately? I've heard of 3 people who have been hacked in the last 24hrs. What's going on..? Are we even safe anymore? I believe all 3 had aap on too.
    -
    Here's what you should do:
    Just to be safe, you should record a video of your gt character with all your valuable items (Wearing or tapping in the inventory) while doing /time. That way if you ever do get hacked, you have evidence that you owned those items. Make sure AAP is enabled! I don't think the support team can help you if it's not enabled! Buy those password safe vaults. Who knows, they may actually help in keeping your items safe while you're offline, or even playing, atleast for the time being. Put them in your most valuable worlds, as they make the world untradable. Take a video of all your worlds when you wrench yourself too, just in case. Also, it may be a good idea to change your password now- both GrowID & the email you use with it. [Be careful though, if there's even a slight possibility that you've been keylogged, do not do this & instead, take a look at your device for any signs of keylogging].
    -
    What Now?
    Just stay safe everyone. Hopefully there's an explanation for these people getting hacked in such a similar time frame. Take extreme caution when clicking suspicious links & downloading files. Do whatever you possibly can on your account to keep your items & account safe.
    I'm pretty sure they weren't careful enough when checking their facts and would have carelessly crossed paths with a malicious link that was capable of stealing their accounts information. That's why it's always important to be careful on literally whatever link you choose to visit, because sometimes, all it takes is a little tap. Either way though, try enabling dual account protection on ur Growtopia account, and it might lower ur chances of getting hacked if someone suddenly figures out your password.
    IGN - MineDeath
    If Anything is possible, then it's possible for it to be impossible for anything to be possible! .
    Instagram:
    Instagram Link!
    Discord:
    Discord Link!

  8. #28
    Lesser Wizard
    Join Date
    Jun 2018
    Posts
    309

    Default

    You mostly get hacked if you are trying to hack growtopia, or get free stuff in growtopia, or play private servers.

    It's obvious, 'autofarming tools' and anything you download from a website is something that is trying to steal your information. Even if its not tools like that are illegal.
    ID: EYoshy
    World: EnchantedYoshi

    Come Join Secret Santa 2019!



  9. #29
    Master Sorcerer Pokekid123's Avatar
    Join Date
    Aug 2018
    Location
    Singapore
    Posts
    2,510

    Default

    Quote Originally Posted by EnchantedYoshi View Post
    You mostly get hacked if you are trying to hack growtopia, or get free stuff in growtopia, or play private servers.

    It's obvious, 'autofarming tools' and anything you download from a website is something that is trying to steal your information. Even if its not tools like that are illegal.
    Pretty sure that’s not the case for most of them...
    "If you are the smartest person in the room, then you are in the wrong room." - Confucius

  10. #30
    Master Sorcerer NekoWolf's Avatar
    Join Date
    Dec 2017
    Location
    ?!
    Posts
    1,065

    Default

    Quote Originally Posted by Ottowo View Post
    Ok a few things:
    1. The recording thing may not necessarily work. It is very easy to edit videos, and support won't be able to accept this as proof of your items. In fact, they will just refer to the logs - so no need to worry about that.
    2. Often times, people who have been hacked occurs for one of three reasons. The first is that they have a very easy password to guess/gave it away/live with a relative. Second, the person has downloaded a keylogger through some shady Growtopia related download. Third, and most recently, from joining private servers. They are a huge security issue, so it should be evident not to get involved with this stuff.

    People aren't "hacked" because we have some supreme top-government hackers looking for Growtopia accounts, nor are general virus downloads targeting accounts (they are more worried about your credit card), it is usually from the few things I had outlined above.
    Ohhh ah that makes more sense. Now I can delete my 283717 videos. But seriously- just be safe when browsing the web, you never know what may get into your device
    ❄️ NekoWolf ❄️
    -
    My heart belongs to dragons 🐉
    -
    Worlds:
    [🔑] GroupEscape [If you like puzzles, this world is for you!]
    [🎃] HalloweenEscape [Same with this one! Just a bit spookier.]
    [🥳] TheMenorah
    -
    PFP: topazi 😭😭

  11. #31
    Master Sorcerer Lopyhupis's Avatar
    Join Date
    Jan 2019
    Location
    Lidl (Kesa on crazy)
    Posts
    1,425

    Default

    Fun fact, you can embed a virus into a JPEG Image, my point is that malware is Scary AF stay away from the dark corners of the internet and make sure that you have an updated antivirus.

    ——>Proof That .Jpeg Or Any file type can be used as a virus deployment method https://www.bullguard.com/blog/2018/...es-and-malware
    Found this XD
    Quote Originally Posted by Seth View Post
    My bad, forgot Growtopia is a mobile game as well.
    CHEAP STUFF IN LOPYSHOP

    FREE DAILY BFG IN LOPYBFG

    PLAYER INSURANCE.

    https://www.growtopiagame.com/forums...ayer-Insurance


  12. #32
    Master Sorcerer Bobotov's Avatar
    Join Date
    Feb 2013
    Location
    Florida
    Posts
    1,013

    Default

    Quote Originally Posted by Lopyhupis View Post
    Fun fact, you can embed a virus into a JPEG Image, my point is that malware is Scary AF stay away from the dark corners of the internet and make sure that you have an updated antivirus.

    ——>Proof That .Jpeg Or Any file type can be used as a virus deployment method https://www.bullguard.com/blog/2018/...es-and-malware
    Had the same thing happen years ago and my steam account got hijacked. I use ESET and if I fear that I have any sort of rookit or keylogger, I boot into Hiren’s bootcd and run malwarebytes and ESET online scanner.

    Hiren’s is a great tool that contains a lot of troubleshooting and diagnostic tools. Such as data recovery, wiping windows login passwords, and other stuff.

  13. #33
    Master Sorcerer QueenChloe's Avatar
    Join Date
    Dec 2017
    Location
    Off
    Posts
    1,742

    Default

    Quote Originally Posted by NekoWolf View Post
    Ohhh ah that makes more sense. Now I can delete my 283717 videos. But seriously- just be safe when browsing the web, you never know what may get into your device
    Hah, yea videos are useless cause i could rec vid now and sell items after. Also ppl can change items on their own screen, so if you use some token item in vid, i could be some cheap item in reality.

    But well, some ppl threatened me too in past year and my answer is: go for it. If you want hack me, then do it. If they could hack who ever they want, they would hack many rich player before they would even be interested about my wls. So if there would be hackers who can hack who ever they want, then maybe Jamew and dudes like he should be more scared than ppl with few dls. Why they hack mostly poor or semi poor ppl and never super rich ppl? Maybe, cause rich ppl secure their accounts? Idk reason, but for real, have seen many few wl owners or few dl owner getting hacked, but why not super rich famous ppl? There has to be some reason..
    Level: 125
    Main: QUEENCHLOEGT
    My first farm:CHLOESCASTLE
    Guild home: QUEENSGUILD
    Instagram: QueenChloeGT
    How we could fix famable economy: OPEN LINK HERE


  14. #34
    Master Sorcerer ezereal's Avatar
    Join Date
    Oct 2014
    Location
    Singapore
    Posts
    4,642

    Default

    Quote Originally Posted by Bobotov View Post
    I talked to my I.T teacher about all this last week. He said that websites, if they have the feature or if they want, can log MAC address. Same with private servers as well. Honestly, I played a couple one time, and I eventually found out that moderators of them and the owner can log IP addresses and MAC addresses as well, and the owner can execute .exe files or other things to your computer. It’s also very easy to spoof your Mac address as well. I don’t think you even need a program, you can also do it via windows' "change adapter settings." (i think)

    I did also talk with an owner of a private server on all this. We had an interesting conversation about if it's possible that the owner can force RDP (Remote Desktop Protocol) and take control of your computer. I said that it might be possible, but the person has to have windows professional or enterprise versions of windows and have RDP enabled and/or port 3389 open.

    (These are screenshots of Windows defender firewall i took)

    https://i.imgur.com/sqtPUoo.png
    https://i.imgur.com/hmnVbYd.png

    When I found out that people were getting hacked even with AAP on, my main theory was that the person hijacking the account was using a new or old database breach that happened to the forum some time ago, or they’re using brute forcing techniques followed by spoofing their MAC address. (There are most likely other ways that someone can get a mac address of someone else that I don't know about)

    Someone else in this thread already pointed that one out.

    And I found out that they (private server owners and growtopia cheat creators) can also steal certain file as well. Specifically the save.dat file, which contains your username and password and can be easily decrypted.

    (I have a high interest in security and i'm into all this stuff )

    Please do correct me on things if I am wrong.
    I kinda agree about what he said, iirc, if you own a web like you're an admin, you may have features in your web to record who visited the page from where and when.
    IGN is Ezereal now. Feel free to add me in game Also check out my new Art Instagram growtopia account here : https://www.instagram.com/ezerealgt/...d=qpen3zu2x9np

  15. #35
    Former Team Member Ayame's Avatar
    Join Date
    Sep 2019
    Posts
    206

    Default

    Hey everyone

    There are several simple steps you can do in order to insure your account is secure, first and foremost is to pick a strong and secure password for your account. Second, never tell anyone (not even your best friend or family member) your password, for any reason; also make sure to erase your password after you log out, if you are sharing a device with anyone or you are using a device in a public place like Internet Cafe or your classroom. You should also never enter your password on any random website that promises moderator positions or free gems - those are for sure phishing sites!

    As others already mentioned, you can also activate Additional Account Protection or AAP.

    We provided more information on how to protect your account here: https://support.ubi.com/en-GB/Faqs/000043321

  16. #36
    Master Sorcerer Bobotov's Avatar
    Join Date
    Feb 2013
    Location
    Florida
    Posts
    1,013

    Default

    Quote Originally Posted by Ayame View Post
    Hey everyone

    There are several simple steps you can do in order to insure your account is secure, first and foremost is to pick a strong and secure password for your account. Second, never tell anyone (not even your best friend or family member) your password, for any reason; also make sure to erase your password after you log out, if you are sharing a device with anyone or you are using a device in a public place like Internet Cafe or your classroom. You should also never enter your password on any random website that promises moderator positions or free gems - those are for sure phishing sites!

    As others already mentioned, you can also activate Additional Account Protection or AAP.

    We provided more information on how to protect your account here: https://support.ubi.com/en-GB/Faqs/000043321
    If I’m reading this correctly, it seems you’ve ignored the subject of this thread. Peoples accounts are being hijacked even with AAP on. A theory I though of is that their MAC address is being spoofed, or there is some exploit/bypass that you are unaware of.

    I’m pretty sure that the people who are being hijacked are likely not using their account in a public place, and the likelihood of someone at a cafe/public place with malicious intent is very small. I could be wrong, though. Maybe it is larger. I use a vpn all the time in public areas.

    Please go over this reply I made to a moderators reply in this thread.

    I talked to my I.T teacher about all this last week. He said that websites, if they have the feature or if they want, can log MAC address. Same with private servers as well. Honestly, I played a couple one time, and I eventually found out that moderators of them and the owner can log IP addresses and MAC addresses as well, and the owner can execute .exe files or other things to your computer. It’s also very easy to spoof your Mac address as well. I don’t think you even need a program, you can also do it via windows' "change adapter settings." (i think)

    I did also talk with an owner of a private server on all this. We had an interesting conversation about if it's possible that the owner can force RDP (Remote Desktop Protocol) and take control of your computer. I said that it might be possible, but the person has to have windows professional or enterprise versions of windows and have RDP enabled and/or port 3389 open.

    (These are screenshots of Windows defender firewall i took)

    https://i.imgur.com/sqtPUoo.png
    https://i.imgur.com/hmnVbYd.png

    When I found out that people were getting hacked even with AAP on, my main theory was that the person hijacking the account was using a new or old database breach that happened to the forum some time ago, or they’re using brute forcing techniques followed by spoofing their MAC address. (There are most likely other ways that someone can get a mac address of someone else that I don't know about)

    Someone else in this thread already pointed that one out.

    And I found out that they (private server owners and growtopia cheat creators) can also steal certain file as well. Specifically the save.dat file, which contains your username and password and can be easily decrypted.

    (I have a high interest in security and i'm into all this stuff )

    Please do correct me on things if I am wrong.
    (I see you Daewud. It'd be nice if you could not lock this thread. This discussion seems interesting and I want to hear back from Ayame).
    Last edited by Bobotov; 12-17-2019 at 02:01 AM.

  17. #37
    Administrator
    Join Date
    Jul 2017
    Posts
    21

    Default

    We understand you are concerned about being hacked. Rest assured we are taking all the necessary steps from our end to ensure security, but at the end your account security is in your own hands.
    As previously mentioned in this thread, I will re-iterate and add some best practices for you to follow to ensure your account is always safe.


    1. Never share your password with anyone.
    2. Enable AAP if not already done.
    3. Secure your email account with 2FA and strong password.
    4. Be careful while playing on public computer, make sure there are no key loggers to steal your password.
    5. AAP can give you additional layer of security, but it can't do much if your password, network or device is compromised.
    6. If you play on private servers, your account info goes to the private server owners, it is not safe practice to play on private servers and you might incur a ban and also getting hacked is easy in this case.
    7. Never click on phishing links and give your password.
    8. At the end, it's all about your password, keep it secure and hard to guess and your account will stay secure.



    ~
    nPlus1

  18. #38
    Lesser Wizard Aeios's Avatar
    Join Date
    May 2019
    Location
    Universe
    Posts
    369

    Default

    Because of these discussions, I re-checked my Yahoo Email and etc. I also activated 2FA because the scary vibe crawling on my skin.

    What you sow is what you reap

  19. #39
    Master Sorcerer UkyoKuonji's Avatar
    Join Date
    Sep 2017
    Posts
    1,479

    Default

    Bad grammar ( you have been warned)
    If you want to stay safe from keylogger you can download free version of Malwarebytes it is spyware/adware/idk tracker
    You must have another antivirus. Malwarebytes jobs is to scan and find malware only. Honestly idk how its works but i tried it before.

    If you want to visit any website/download stuff make sure you scan em using VirusTotal (online website scanner). Not all virus can be scanned tho...

    Cover is not the book
    So open it up and take a look
    'Cause under the covers one discovers
    That the king may be a crook

    For a cover is nice
    But a cover is not the book


  20. #40
    Master Sorcerer Bobotov's Avatar
    Join Date
    Feb 2013
    Location
    Florida
    Posts
    1,013

    Default

    Quote Originally Posted by UkyoKuonji View Post
    Bad grammar ( you have been warned)
    If you want to stay safe from keylogger you can download free version of Malwarebytes it is spyware/adware/idk tracker
    You must have another antivirus. Malwarebytes jobs is to scan and find malware only. Honestly idk how its works but i tried it before.

    If you want to visit any website/download stuff make sure you scan em using VirusTotal (online website scanner). Not all virus can be scanned tho...
    I use ESET smart security premium. I love it so far.

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •