Recent Events & Accounts Restored!

2b55b5g · 2019-03-24 03:13:05

Eh maybe I’ll still play EE. Idc my social media getting hacked or my own information getting spread. As long as my life doesn’t have risk it’s fine

Anatoly · 2019-03-24 08:24:24

2B55B5G TNG wrote:

Eh maybe I’ll still play EE. Idc my social media getting hacked or my own information getting spread. As long as my life doesn’t have risk it’s fine

it can be pretty serious, so id suggest not taking unnecessary risks. don't forget you could have viruses installed, etc...

2b55b5g · 2019-03-24 08:54:57

My PC was already broken from last year anyway

Wonkathing

PTU · 2019-03-24 10:36:58

Anatoly wrote:

viruses installed

How are viruses related in this case?

pls

Gosha · 2019-03-24 11:17:35

cool stuff

Anatoly · 2019-03-24 11:18:17

PTU wrote:

Anatoly wrote:
viruses installed
How are viruses related in this case?
pls

did you read what processor said? Even staff agreed that playing the game right now is fatal. The game could simply upload to your computer viruses to get even more information. The hackers have power to edit game files.

Different55 · 2019-03-24 13:36:38

Anatoly wrote:

PTU wrote:
Anatoly wrote:
viruses installed
How are viruses related in this case?
pls
did you read what processor said? Even staff agreed that playing the game right now is fatal. The game could simply upload to your computer viruses to get even more information. The hackers have power to edit game files.

We don't know that they have access to game files. Again, in my own personal opinion with 0 internal insight into how the game works or literally anything at all, I think it's very unlikely that they do. They're clearly doing everything they can to get attention, and leaking hashed (irreversibly encrypted) passwords and editing the client would be the exactly the kind of flashy things they'd go for if they could. Since they're only leaking emails and inboxes, it seems like that's the worst they can do at this point.

But, even though it seems unlikely, until we know it's *impossible* we should assume that they have ability just because it'd totally suck to be wrong.

Snowester, St1ckS4m(EE), Security-Drone, PTU

HeyNK · 2019-03-25 00:37:40

Anatoly wrote:

PTU wrote:
Anatoly wrote:
viruses installed
How are viruses related in this case?
pls
did you read what processor said? Even staff agreed that playing the game right now is fatal. The game could simply upload to your computer viruses to get even more information. The hackers have power to edit game files.

ITT: blatant fearmongering from someone who does not know how computers work tbh

XxAtillaxX · 2019-03-25 01:08:17

It is fully valid to state that the Adobe Flash Player plugin may (and most likely does) contain vulnerabilities that could run arbitrary code outside of a sandbox environment.

It is pure speculation as to whether such a vulnerability is within the scope of their ability, although baseless assumptions shouldn't be made in lieu of a false sense of security either, and so I would side with Yonom and Anatoly in this instance and advise people to isolate the game client (ideally in a virtual machine or external computer) if they really wish to play in the meantime, even though relatively few would do so and so that advice only applies to people who sport a tin foil hat.

Vinyl Melody, Minimania, Areno

peace · 2019-03-25 09:03:48

or you coudl just chage your password i did it just to be safe but i still dont get hoe thye gto to see passwords thats clearly PIO's fault as its PIO's resposebility to sotre passwords safe and none ever gets to see them not even the staff

Minimania · 2019-03-25 18:29:07

Different55 wrote:

We don't know that they have access to game files.

LukeM wrote:

We're as sure as we can be that the attacker does not have access to new account information, but we know that the attacker still has access to the database.

Different55 · 2019-03-25 18:44:23

Crybaby wrote:

Different55 wrote:
We don't know that they have access to game files.
LukeM wrote:
We're as sure as we can be that the attacker does not have access to new account information, but we know that the attacker still has access to the database.

by game files I mean client files and by access to the client files I mean the ability to modify them, which is one of two ways that they could possibly get their hands on passwords.

Grilyon2

peace · 2019-03-25 20:04:26

Different55 wrote:

Crybaby wrote:
Different55 wrote:
We don't know that they have access to game files.
LukeM wrote:
We're as sure as we can be that the attacker does not have access to new account information, but we know that the attacker still has access to the database.
by game files I mean client files and by access to the client files I mean the ability to modify them, which is one of two ways that they could possibly get their hands on passwords.

passwords are not in the client im aware of ( i think)

LukeM · 2019-03-25 20:08:51

Just clearing up some terms:

The "DB" (which they have access to) refers to the PlayerIO game BigDB, which is what stores in-game information like worlds, campaign progress, mail, reports, bans, last known IP addresses, etc. (although for the time being we've disabled mail and the collection of IP addresses)

The "backend console" (which we strongly believe has been secure since early January, when the export was made) is what is used to upload new versions of the client and server, and can be used to access account emails / FB names.

peace wrote:

passwords are not in the client im aware of ( i think)

The idea is that if they managed to upload a modified version of the client, it could send them your account info when you type it in. We are very sure that they do not have the ability to do this though, which is why we've kept the game running.

Minimania, Different55, St1ckS4m(EE), 2b55b5g, mutantdevle

peace · 2019-03-25 20:13:29

LukeM wrote:

Just clearing up some terms:
The "DB" (which they have access to) refers to the PlayerIO game BigDB, which is what stores in-game information like worlds, campaign progress, mail, reports, bans, last known IP addresses, etc. (although for the time being we've disabled mail and the collection of IP addresses)
The "backend console" (which we strongly believe has been secure since early January, when the export was made) is what is used to upload new versions of the client and server, and can be used to access account emails / FB names.
peace wrote:
passwords are not in the client im aware of ( i think)
The idea is that if they managed to upload a modified version of the client, it could send them your account info when you type it in. We are very sure that they do not have the ability to do this though, which is why we've kept the game running.

yeah whatever i rarely-actualy never log otu of ee so i do not to send this infomration

Anatoly · 2019-03-25 20:13:35

Different55 wrote:

Crybaby wrote:
Different55 wrote:
We don't know that they have access to game files.
LukeM wrote:
We're as sure as we can be that the attacker does not have access to new account information, but we know that the attacker still has access to the database.
by game files I mean client files and by access to the client files I mean the ability to modify them, which is one of two ways that they could possibly get their hands on passwords.

if that's the case then it looks like the entire raid was planned. (not like someone accidentally found an issue and used it).

It looks like they knew about the issue and when they found a way to bypass the security.

Then they simply prepared everything to hit Xenonetix in the heart.

2019-03-25 20:21:59

Anatoly wrote:

if that's the case then it looks like the entire raid was planned. (not like someone accidentally found an issue and used it).
It looks like they knew about the issue and when they found a way to bypass the security.
Then they simply prepared everything to hit Xenonetix in the heart.

No, really? I would have never guessed.

Grilyon2, Minimania, PTU

Official Everybody Edits Forums

#26 2019-03-24 03:13:05

Re: Recent Events & Accounts Restored!

#27 2019-03-24 08:24:24

Re: Recent Events & Accounts Restored!

#28 2019-03-24 08:54:57

Re: Recent Events & Accounts Restored!

#29 2019-03-24 10:36:58

Re: Recent Events & Accounts Restored!

#30 2019-03-24 11:17:35

Re: Recent Events & Accounts Restored!

#31 2019-03-24 11:18:17

Re: Recent Events & Accounts Restored!

#32 2019-03-24 13:36:38

Re: Recent Events & Accounts Restored!

#33 2019-03-25 00:37:40

Re: Recent Events & Accounts Restored!

#34 2019-03-25 01:08:17

Re: Recent Events & Accounts Restored!

#35 2019-03-25 09:03:48

Re: Recent Events & Accounts Restored!

#36 2019-03-25 18:29:07

Re: Recent Events & Accounts Restored!

#37 2019-03-25 18:44:23

Re: Recent Events & Accounts Restored!

#38 2019-03-25 20:04:26

Re: Recent Events & Accounts Restored!

#39 2019-03-25 20:08:51, last edited by LukeM (2019-03-25 20:10:36)

Re: Recent Events & Accounts Restored!

#40 2019-03-25 20:13:29

Re: Recent Events & Accounts Restored!

#41 2019-03-25 20:13:35

Re: Recent Events & Accounts Restored!

#42 2019-03-25 20:21:59

Re: Recent Events & Accounts Restored!

Board footer