Account hacked last night

[Pottu]

So yea this isn't really about what I lost (roughly 10+ ZG/bwl/MC epics & ~350g sent away.) Or me trying to get it back (I'm sure nostalruse will refuse to restore any items despite them apparently being the reason I was hacked; which is confusing because I was under the impression that this was a blizz like server)

This is about finding out how people are being hacked. I would completely refrain from typing in any account info anywhere near nostalrius website or forums for the time being. I know for a fact that my account wasn't brute forced (because my other account that comes numerically before this account, and remained untouched), never told a soul my acc info.... . so yea, dont use TBC server ever or make an account. (open source code anyways HAHAHAH 'pls build my server for me')




So yea thanks a lot Nostalrius for getting me hacked and then refusing to restore anything on the account!!!!!


edit: btw the fact that accounts were hacked at the same time as the explosion of the relentless gold sellers 'oko' (not gonna type full name but anyone that has played in the last 2 days already knows) probably isn't a coincident.

[Eligius]

I am no computer security expert but this sounds silly.
First of all, I assume that a TBC server account and a tuleap bug tracker account are two entirely different things.
Secondly I would doubt the fact that Tuleap.org had its database compromised by gold sellers.

Have you given your info to anyone? Have you make an account with same name and password on another private server project? Have you downloaded a game client from any place other than the official sticky?

[jimstanky]

First of all, I assume that a TBC server account and a tuleap bug tracker account are two entirely different things.

Yea my fault, was still shaky when I skimmed that forum post. The compromise is allegedly through tuleap and not TBC account database.

Secondly I would doubt the fact that Tuleap.org had its database compromised by gold sellers.

I am implying that oko-nostalrius section was established as a result, but this is pure speculation. The compromises and relentless gold spam just happen to be coinciding.

Have you given your info to anyone? Have you made an account with same name and password on another private server project? Have you downloaded a game client from any place other than the official sticky?

No, no & no. The only place that has the same exact account info was tuleap. And I distinctly remember this because I was reporting a bug and the 1st time I used tuleap I typed in my wow login just to test if vanilla acc database was copied over (not realizing tuleap and nostalrius were separate entities.) Then instinctively wrote down the same info during account creation...

[Terboh]

This is nearly identical to my situation. Got hacked a few days ago. I used the tuleap bugtracker about 2 or 3 weeks ago, used the same username/pw as my game account (In retrospect, a terrible idea.) Only used downloads/addons from the official site and have given nobody my account/password. Never even used any other private servers before this one either.

[Uzephi]

Whether or not it is tuleap or not, why enter those credentials in a second entity? Tuleap isn't HTTPS which means the login data isn't encrypted to the server. Anyone with a simple mindset on how to hack login credentials can actually MTM the login and listen to your packets and since they aren't encrypted with secure socket (when you access the site, 99% of browsers will warn you as well), it would be simple to have a MTM bot log all login data to Tuleap without even hacking the server itself.

[Terboh]

(In retrospect, a terrible idea.)

[jimstanky]

In retrospect trying to help this server in any kind of way was a terrible idea and only hurt me in the end

[Pottu]

Tuleap connection is secure as Dreez pointed out here:
viewtopic.php?f=2&t=38394&start=50#p270624

It is literally just the certificate being outdated, which does not affect anything.

The GM team.