This topic is closed

How can Plarium identify a "Hack"?

53 Replies
djmoody
23 September, 2017, 11:38 AM UTC

Don't want a load of flames on the thread. This thread doesn't need to be about anyone / league in particular just an unemotional, unrelated discussion of technical issues.

I was thinking about how Plarium would investigate a situation to tell the difference between a real hack and account sharing.

There may be some situations where a hack was obvious. For instance if a brute force attack was initiated (one where random passwords are tried until a log in is successful) Plarium would have the logs of the password failures and it would be obvious the account was hacked.

Far more likely though the hacker would have the password already having exploited a vulnerability elsewhere. This could be by getting a key logging trojan on the target's PC or laptop or by hacking passwords from a less secure environment and trying them on other websites (as most people maintain only a couple of passwords or even the same one everywhere).

So the chances are that a real hack of an account would look like a single log in. The only sign that is was a hack would be that the log in came from a different IP from usual.

This would seem to make it impossible to tell whether the account was hacked or account shared.

An account sharer would almost certainly use VPN to hide their identify for the log in of the attack. So a different IP from the typical IP's used on the account would show up. So the only data available to Plarium would look absolutely identical under an account share attack and a hack attempt.

Now you might say that if an account showed a history of multiple IP log ins Plarium could reasonable assume that the account was compromised by account sharing.

But this has it's own problems. Maybe someone plays from home, from work, from wireless hotspots or internet cafe's, occasionally from friends or maybe relatives (at X-mas or holidays) or from hotels if they travel for work a lot. So multiple IP's doesn't necessarily equal account sharing.

Maybe some members with more knowledge of coding and or hacking could shed some light on this.

But on the face of it, it appears Plarium would not be able to tell from an investigation whether an account was truely hacked or whether it was simply account shared.
Everyone has a right to an opinion. No one has a right to their opinion being respected by other if it can't be backed up with rational and logic explanation
UTC +0:00
Trentos
23 September, 2017, 1:24 PM UTC

As a player with as you say 'more knowledge' of security issues, I'd say you are trying to simplify things to get your point across. Regardless of the platform you are operating/playing on (in this case Plarium servers) the use of others credentials (no matter how you got your hands on them) that has financial implications, is illegal!!! At least where I live, and I'm 100% certain that this is a crime. US/UK laws are more or less the same as here.

That is the legal standing on what has occurred, given we are talking significant dollar value. Plarium smartly cover themselves from any responsibility. Hell, we all sign wavers every day that when we accept the terms and services of some service. Even our banking is not free from attacks.

But that does not excuse the people that take advantage of the security issues we all face these days. Are you excusing Nigerian scammers? What about all those scams that originate in the Indian subcontinent? Just because our governments can't do anything to disturb these networks doesn't mean the actions of these people aren't reprehensible. Don't get me started on simple hackers. I.e those that get their kicks out of using their knowledge to cause harm to others. They should get a real job.

So DJMoody, your continued campaign to blame those that were affected (including me) raises some serious questions about your character. If you can't understand why then you have more problems than I've heard you do
UTC +11:00
Oracle
23 September, 2017, 1:25 PM UTC

Hacking itself is problematic to define. 

General media and the public in general define hacking as cracking. While those in the field define hacking as an aspect of cracking.

To make it simple lets just say a hacker is someone who have an advance knowledge of a system. while a cracker is someone who don't know anything about a system but is willing to know. 

Now lets say that these system is Plarium.com site/servers/domain ect.

A hacker will be interested in manipulating things from the background, e.g changing the codes, or planting some codes. While a cracker is interested in benefiting from his manipulation e.g changing his visual UI.

A cracker makes a software from his knowledge of the game, and it to a cracker or give it for free in black market/ dark side of the internet. These software will have limitations. Generally a cracker will needs some information about the system before he manupulates it uses the software, lets say email address( but any personal infor)

So the cracker having your email address will use a software generated by a cracker( lets say the software is a key generator or password cracker). to enter a system. 

These is how you actually check if there was a hack or not. A hacker normally uses backdoor channels, while a cracker uses a front channels. but both are illegal entry. A hacker doesn't know the user, but a cracker does. A hacker stand to benefit from his knowledge while a cracker hope to enjoy from his manipulation. 

There are many ways of hacking. but you don't have to attack a user, you could attack a remote server, which is easy( Mehslayer has given a clue about these). Sometimes is even possible to mimic the action of a user( boting a user computer), bots attacks are used by torrent sites. 

So the first thing is to actually check how was the system was manipulated, if a cracker was involved, then the account was not hacked but a user shared his info. IF a known weakness was used to enter, then a hacker was involved, who might/might not leave any IP address. Like bots. 

Just because something isn't a lie does not mean that it isn't deceptive. A liar knows that he is a liar, but one who speaks mere portions of truth in order to deceive is a craftsman of destruction.....Gedleyihlekisa: Oracle the postremogeniture
UTC +2:00
Trentos
23 September, 2017, 2:26 PM UTC

You don't want flames?

So why the multiple threads excusing the actions of scumbags? Guess you are just backing your friends? You are starting to sound complicit in this whole affair DJMoody.

UTC +11:00
trevor
23 September, 2017, 2:30 PM UTC

ok lets look at this from another way ????

plarium just sold  to another company and thay find out that  accounts are beeing hacked as we beleave  it was ??

 how would the  new company like to take over knowing its new  game system was full of flaws???

thay would bail out fast , so plarium will now have to sort out its mess

this happens in the real world with companys i know ive seen  what damage can be done 
UTC +0:00
Trentos
23 September, 2017, 2:34 PM UTC
An Aussie company also. Have worked on their account before and know some of the execs. Personally glad to know that there is laws downunder, not like in DJMoody's fantasy world.
UTC +11:00
djmoody
23 September, 2017, 3:03 PM UTC

Trentos said:


Blah blah... off topic rant.... blah blah.... I really have no technical knowledge or expertise to add to the thread but by hell I am going to "have my say" anyway.

Now let's crown if off with some unfounded and ridiculous personal insults..... here we go...

Chill out engage brain.

Reality check: this isn't an Emps post. It's not an argument for or against Emps getting compensation. I tried my best to point that out in the first paragraph.

I got to thinking that there may well actually be no way for Plarium to distinguish between account sharing and a hack. This idea interested me so I thought I would post about it and see if there were any people who had some expertise in the field who could shed some more light in the topic.

I'll try the point again in different words as you two missed it first time around. Plarium are highly unlikely to be able to distinguish account sharing from hacking. I think (but based only on my moderate knowledge in this area) there are many scenarios where the 2 would be completely indistinguishable to them, based on the info they can get from their systems.

Now if you follow the logic of the post to it's natural conclusion Plarium are quite likely to have to compensate even if an account was accessed by account sharing, because they just can tell either way. They might strongly suspect account sharing but they can't absolutely prove it.

If you have to make this about Emps and Frenzie then I am actually making a point that supports compensation. Shock horror, if you had engaged brain this post is on the side of your personal bias..... but because you actually haven't got 2 brain cells to rub together you just went into "attack DJ for anything he says mode".

So now you have a better understanding would you like to remove the following comment and give me an apology.


So DJMoody, your continued campaign to blame those that were affected (including me) raises some serious questions about your character. If you can't understand why then you have more problems than I've heard you do


The culture of this forum has kind of hit bottom. 

It's time the CM's and moderators started to take action against the trolls. Post after post of personal insults shouldn't go unattended. The lack of response has led to people to believe this kind of behavior is OK and it's getting worse and worse. 

Lets have a forum where you don't get barraged by vitriol and hatred simply for holding a view that is contrary to how someone else wants believe things to be. It would be great to be able to debate topics, ideas and opinions only on the merits of those topics, idea and opinions without all the personal insults and slandering. 

Believe it or not you can discuss things with people who hold different opinions from yourself. God forbid while we do so that we might learn that there are multiple sides to a topic, end up with more educated opinions (even if we don't choose not change those opinions, in the light of more info). 

Right now though it's almost impossible to have any kind of sensible discussion.

Everyone has a right to an opinion. No one has a right to their opinion being respected by other if it can't be backed up with rational and logic explanation
UTC +0:00
djmoody
23 September, 2017, 3:22 PM UTC

@ Oracle.

It seems a strange world where your posts are the sensible ones among the flames and trolling but thanks for your input.

I agree with you that if Plarium systems were hacked to gain access to an account then assuming Plarium have the required skills and experience they should be able to work this out and gain evidence that there was a hack. I cited the example of a brute force attack to crack the password.

BUT a lot of time passwords are gleaned from completely different systems. Having gained your password from one of the least protected systems/companies you use, they will then try that out across all your online presence. Because most of us don't have different passwords for different things, this is how a lot of systems are breached. The best and most secure systems are breached by the weakest link - the human/user.

Those are the scenarios I that I believe will pose Plarium with a big dilema. There just isn't going to be any info on their systems that shows whether the account was a true hack or an account share because:

- the hack occurred outside of their systems

- and the account access was with a valid e-mail password combination

Everyone has a right to an opinion. No one has a right to their opinion being respected by other if it can't be backed up with rational and logic explanation
UTC +0:00
Trentos
23 September, 2017, 3:25 PM UTC

Like you said yourself, you have 'moderate' knowledge of the topic. So once again, I ask why you feel the need to create multiple threads on the topic?

I think you will find that you are generally abusive of others that hold a different opinion to yourself. Whether it be on the forums or within your own league. Opinions contrary to your own? It is you that needs to get used to others opinions. Your inability to see others points of view is alarming. I will not be making any apologies for trying to point this out to you.
UTC +11:00
vakonziko
23 September, 2017, 3:28 PM UTC

You dont need to hack plariums server to gain access. You guys digging too deep lol. Hacking something that is server sided is very hard, its done by pros. Hacking someones email is very common issue with current technologys and requires no skill, can be done easily by someone who has basic knowledge with malwares.

 
UTC +0:00
Trentos
23 September, 2017, 3:44 PM UTC

Yeah Vak. 

Whether credentials were stolen from Plarium servers or elsewhere, still the same offence. Some have a hard time realising that this is illegal.

UTC +11:00
djmoody
23 September, 2017, 4:24 PM UTC

Trentos said:


Some have a hard time realising that this is illegal.

Hack - illegal

Account Share - open invite to do things on the account. Not illegal in a month of Sunday's

If the latter came with a written contract as to what the agreed actions that were not acceptable for the 3rd party to do when they were on the account then possibly there would be breach of contract. 

That wouldn't be "illegal" btw but you could go through the courts for financial redress for the breach of contract. No one would go to prison because as I said no "law" would have been broken, nothing illegal occurred, the courts would simply be involved to address the breach of contract. 

Given it's less than clear what "consideration" would have passed in such an account sharing agreement, not even sure such a contract would be enforceable.... but we digress.

Qualified Chartered accountant - contract law part of what we have to study to get qualified.


Everyone has a right to an opinion. No one has a right to their opinion being respected by other if it can't be backed up with rational and logic explanation
UTC +0:00
Trentos
23 September, 2017, 4:37 PM UTC

55555 I picked you for an accountant :-)

UTC +11:00
Trentos
23 September, 2017, 4:48 PM UTC
How would you explain a second hack if that was to occur DJknowitall?
UTC +11:00
djmoody
23 September, 2017, 5:27 PM UTC

Trentos said:


How would you explain a second hack if that was to occur DJknowitall?

Plarium would still be in exactly the same position, unable to determine the difference between a real hack and subsequent account sharing. It appears if the attack doesn't happen on their servers there isn't any way for them to distinguish hacking from account sharing (other than taking the word of the account owner that they didn't share this time).

And how many times, enough with the personal insults. Lets go for a slightly more high brow discussion. And you do know you are calling me "DJknowitall" in a thread which I opened up by saying I don't know it all!!!

Everyone has a right to an opinion. No one has a right to their opinion being respected by other if it can't be backed up with rational and logic explanation
UTC +0:00
Gadheras
23 September, 2017, 5:57 PM UTC

Oracle said:


Hacking itself is problematic to define. 

General media and the public in general define hacking as cracking. While those in the field define hacking as an aspect of cracking.

To make it simple lets just say a hacker is someone who have an advance knowledge of a system. while a cracker is someone who don't know anything about a system but is willing to know. 

Now lets say that these system is Plarium.com site/servers/domain ect.

A hacker will be interested in manipulating things from the background, e.g changing the codes, or planting some codes. While a cracker is interested in benefiting from his manipulation e.g changing his visual UI.

A cracker makes a software from his knowledge of the game, and it to a cracker or give it for free in black market/ dark side of the internet. These software will have limitations. Generally a cracker will needs some information about the system before he manupulates it uses the software, lets say email address( but any personal infor)

So the cracker having your email address will use a software generated by a cracker( lets say the software is a key generator or password cracker). to enter a system. 

These is how you actually check if there was a hack or not. A hacker normally uses backdoor channels, while a cracker uses a front channels. but both are illegal entry. A hacker doesn't know the user, but a cracker does. A hacker stand to benefit from his knowledge while a cracker hope to enjoy from his manipulation. 

There are many ways of hacking. but you don't have to attack a user, you could attack a remote server, which is easy( Mehslayer has given a clue about these). Sometimes is even possible to mimic the action of a user( boting a user computer), bots attacks are used by torrent sites. 

So the first thing is to actually check how was the system was manipulated, if a cracker was involved, then the account was not hacked but a user shared his info. IF a known weakness was used to enter, then a hacker was involved, who might/might not leave any IP address. Like bots. 

Seriously.... You abuse terms...  "cracking" is to modify software to bypass/remove copy protection. Insert "false" serial numbers to be used at install of sortware etc. And to school you, here look @ https://www.youtube.com/watch?v=SFqBkSJOYOQ a collection of crakctros dating back to to the  80's for the c64. I was part of that scene (on the Amiga), up until late 1990's.


As for changing visual UI etc.. Then you are straying into the world of moders and modding. 


Hacking is nothing more and nothing less than breaking into systems. If that is done electronicaly with use of software tools, or if its done with use of "social engineering", it doesn't really matter. The purpose is the same to break into a place. What you do once you gain entry to said system/place only affect the size of the crime you are doing. 

Now one doesn't necessary exlude the other. Back in the day I did buy a chip off the net, and did open my PS1 and did mod it to allow play copied games. I suppose I could say I hacked into my PS1 and cracked it right? At least modded it. lol. Even all it took was unscrew a few screws and use a soldering iron.


It might surprise you but the easiest way of hacking is to get a physical person reveral the login details (social engineering). What Hollywood and movies show us of "hacking" is for most parts fantasy.


One of the simplest ways to break into a site could be to inject your own html code. And in this day and time, you don't even need to be versed in coding and such abilities, just buy hacks from the internet. Same way you can just order a ddos attack on someone if you feel like want to make someones day miserable. 


There is hacker conventions where the purpose is just have skilled people show off their skills, break into systems, portables etc. Sometimes companies use these to test their security. Other times a "hacker" could be just some guy collectiong data, looking for something usefull to sell. Or it could be someone malicious, a person or group that is out to do harm. You can't really stereo type hacking and "hackers".

UTC +2:00
Gadheras
23 September, 2017, 6:01 PM UTC
vakonziko said:

You dont need to hack plariums server to gain access. You guys digging too deep lol. Hacking something that is server sided is very hard, its done by pros. Hacking someones email is very common issue with current technologys and requires no skill, can be done easily by someone who has basic knowledge with malwares.

 
Yeah but it does require of the victim to run a file or visit a site (click a link), that will lead to said malware get access to his/her system. You can buy like keyloggers on the internet if you know the right places. Then its just a matter of time and operturnity to get it installed on the victims device(s).
UTC +2:00
Gadheras
23 September, 2017, 6:04 PM UTC
djmoody said:


But this has it's own problems. Maybe someone plays from home, from work, from wireless hotspots or internet cafe's, occasionally from friends or maybe relatives (at X-mas or holidays) or from hotels if they travel for work a lot. So multiple IP's doesn't necessarily equal account sharing.

Maybe some members with more knowledge of coding and or hacking could shed some light on this.

But on the face of it, it appears Plarium would not be able to tell from an investigation whether an account was truely hacked or whether it was simply account shared.
Well, there is range of the ip's too. If one IP range gain access from Europe and the other from Canada, US, whatever. Its not like you got to Work in Europe and log on from the US 4 hours later and so on. If you take your IP and run it by a locator, you can narrow down the location by a far. You can use a VPN as you said to mask your real ip, but you would need something more to "spoof" a fake ip in the same range. as your victim.
UTC +2:00
RandomDrop
23 September, 2017, 6:11 PM UTC

djmoody said:


Don't want a load of flames on the thread. This thread doesn't need to be about anyone / league in particular just an unemotional, unrelated discussion of technical issues.



Hack - illegal

Account Share - open invite to do things on the account. Not illegal in a month of Sunday's

If the latter came with a written contract as to what the agreed actions that were not acceptable for the 3rd party to do when they were on the account then possibly there would be breach of contract. 

That wouldn't be "illegal" btw but you could go through the courts for financial redress for the breach of contract. No one would go to prison because as I said no "law" would have been broken, nothing illegal occurred, the courts would simply be involved to address the breach of contract. 

Given it's less than clear what "consideration" would have passed in such an account sharing agreement, not even sure such a contract would be enforceable.... but we digress.

Qualified Chartered accountant - contract law part of what we have to study to get qualified.

DJ, I have been following this issue closely as have many others and its become obvious you are not interested in a technical discussion as proved by everything that has come before or after your first sentence in this thread so lets just look at what you are really concerned about (the other 99.9% of your input on this issue).


It looks to me as if you are hell bent on proving that the primary victim of this crime is also the perpetrator, I believe your hatred is clouding your judgment and as a result are making no sense at all. Lets forget the hacking and just look at the account sharing you are so fixated on.


Lets take your perspective on this issue and apply it to something a little closer to home, something that is easy to follow and understand. If someone invited you to their home and told you to come over anytime (open invite to come over and do things in their home) and you later entered without the owners knowledge, stole everything and then burned down the entire neighborhood all while pretending to be someone else then no law has been broken? Or is it that you don't think it should be? Or does this not apply to the digital world?


Even with such a simple comparison I cannot understand what it is you are saying, is it or is it not illegal to steal and destroy another persons property, assets, identity or character without there permission regardless of how you gained the tools to do it?


It is important to note that Plarium (a computer gaming company with many professional IT employees) has found evidence of all this being an illegal hack and not a result of "account sharing". As owners of this site they are not required to show us proof of discovery.

UTC +7:00
Marcel Stokvis
23 September, 2017, 6:21 PM UTC

RandomDrop said:


It is important to note that Plarium (a computer gaming company with many professional IT employees) has found evidence of all this being an illegal hack and not a result of "account sharing". As owners of this site they are not required to show us proof of discovery.


Let that sink in please for a minute djmoody, seriously you are starting to sound like Oracle.


--------------------



Dutch Viking // Sa souvraya niende misain ye
UTC +0:00
1721357 users registered; 42662 topics; 271371 post; our newest member:Castle №1248277