At 9:28pm PST in Bastok Mines there was a shout by someone named Krunk that said:


I shouted in response, saying that seemed suspiciously similar to the stories we've seen of other people getting their accounts hacked. Shortly after, Krunk was offline. I don't know if Nas is working on this or what, but this seems to be happening with enough regularity that it's concerning.

If you're Krunk or know Krunk, it might be a good idea to ask them if that was them shouting tonight. If it was them, then I'm probably just overreacting.

_________________
LSs: DysKai | FunWithJugs | Ragnarok
formerly Krinkle of Kujata
some handy tips for total newbies: Click Here

I don't think you're overreacting, it matches the same pattern that happened to someone else.

A friend of mine was recently hacked out of his main and alt, losing over 20M in items. Nasomi definately needs to do something about these hackings.

better safe than sorry , but looks like hacked account > sell items fast >sell gil RMT > Banhammer when the hacker has $$$ already

Nas has brute force protection and returns the lost items and gil to players who report it. It's possible that people who's accounts were compromised before he put a login attempt limit are just getting stolen from now, though.

Whoever is doing this could also be getting usernames and passwords from somewhere else. For example, a 3rd party program can easily read the memory of the launcher and read the username and password used to connect to the game... never use unauthorized 3rd party tools!

_________________
Returning/Existing Player? Trouble logging in? Click here |~| New player Gil guide |~| More Troubleshooting

What I thought of was the access through the Nasomi "Account" feature. Even tho its just the forum login information, maybe people accidently typed the ffxi login info?

It's kind of hard to understand how the information could had been taken by only accessing Nasomi, the nasomi page and forum, youtube and discord.

Did you use the same login information on any other websites?

The nasomi account website is secure, it wouldn't be that someone somehow got information that someone else entered there.

_________________
Returning/Existing Player? Trouble logging in? Click here |~| New player Gil guide |~| More Troubleshooting

So is every other website that’s suffered a security breach.

_________________

You do realize that almost all breaches result in hashed passwords being leaked. Nas's passwords are hashed too. If someone just had a list of hashes they wouldn't be going after small gains, except to hide (which hasn't been successful), they'd be trying to get into nas's account and just giving themselves infinite gil, or some other high profile character with tens of millions.

Access to where the passwords are stored is no easy thing either. Nas isn't an amateur. Regardless of his self-taught programming skills, he's a professional when it comes to that sort of thing.

There is no doubt that the people getting 'hacked' have weak passwords or passwords shared on other services or websites that were breached, or that there is some 3rd party tool that these people collectively use that is stealing that information from their client. None of the people who have been 'hacked' have given enough information to really determine what's going on.

_________________
Returning/Existing Player? Trouble logging in? Click here |~| New player Gil guide |~| More Troubleshooting

Gonna have to agree with Nab, that if this wasn't just a brute force random account hacking, then you'd see much more established and lucrative targets being targeted, not some n00b and his leaping boots being sold for 200k.