First  Prev  1  2  3  4  Next  Last
Post Reply account hacked
33020 cr points
Send Message: Send PM GB Post
35 / M
Offline
Posted 2/3/15
Messaged support but no response yet. Found a site with my account information posted some guy has like 5 other Premium accounts posted with it. Lucky I can still log in with facebook need help getting control of my account back.
Der Zoodirektor
26133 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 2/3/15

nephalite wrote:

Messaged support but no response yet. Found a site with my account information posted some guy has like 5 other Premium accounts posted with it. Lucky I can still log in with facebook need help getting control of my account back.


Restored your proper email address, go change your password through the password reset form.
Also change your password on any other site you were using the same username or email on.
33020 cr points
Send Message: Send PM GB Post
35 / M
Offline
Posted 2/3/15
No clue as to how he got access to my account used nod32 and malwarebytes nothing found that would cause this. Thanks for the quick reply Shinryou
Der Zoodirektor
26133 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 2/3/15 , edited 2/3/15

nephalite wrote:

No clue as to how he got access to my account used nod32 and malwarebytes nothing found that would cause this. Thanks for the quick reply Shinryou


Most likely another site or service you were using was compromised and your login data was checked against our site.
Also, your password was very weak, you ought to go for something more complex and longer if you want to stay safe from getting your password brute forced - just in case.
106603 cr points
Send Message: Send PM GB Post
57 / M / U.S.A. (mid-south)
Offline
Posted 2/3/15

shinryou wrote:

Also, your password was very weak,...

This statement implies you can view the passwords of users, which would indicate a security flaw. A properly hashed and salted password database should not leave the passwords visible to anyone, regardless of level of access.

Could you clarify if that is what you meant?

In truth, even a system that reveals only the length of the password is flawed, but that is a flaw many password systems still have.

Der Zoodirektor
26133 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 2/3/15 , edited 2/3/15

TheAncientOne wrote:


shinryou wrote:

Also, your password was very weak,...

This statement implies you can view the passwords of users, which would indicate a security flaw. A properly hashed and salted password database should not leave the passwords visible to anyone, regardless of level of access.

Could you clarify if that is what you meant?

In truth, even a system that reveals only the length of the password is flawed, but that is a flaw many password systems still have.



No, his password was shared on a public website for everyone to see. I was able to find it with the information he gave.
We can't see anyone's password on our end.
Posted 2/4/15 , edited 2/4/15


Umm, I don't know about all of that, but my online status reads on even when offline. I know this by logging off my device and using a phone to just LOOK at the CR forums, logged out.

With the recent acct thefts its kinda sorta creepy. No unusual edits or posts thus far, but it bothers me if someone is just watching anime with it. Like how are they doing this, is it some spyware shit? I've done and changed my PW twice. Still, cut the power, use somebody's phone, hah, green light. ok wtf sigh.

I just recently set my privacy options to show, but instead of showing when I'm online to other users it makes other users think I'm online 24-7. I might as well hide it, if its just my device.. This is not okay. Also thought of the "why does cust service not care" thread as I have used the "contact us" button and wrote it out, and its been long enough for me to wonder.






Der Zoodirektor
26133 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 2/4/15
As there is caching involved the online indicator should be interpreted as "accessed the site in the past ~15 minutes". It does not mean that the user is using the site in that very moment.
5 cr points
Send Message: Send PM GB Post
Offline
Posted 2/4/15
Yea, I'm having the same issues with my account username: arrozar.

I checked on my phone where my account still exists, but alas, I can not log in anymore.
Der Zoodirektor
26133 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 2/4/15 , edited 2/4/15

arrozar1 wrote:

Yea, I'm having the same issues with my account username: arrozar.

I checked on my phone where my account still exists, but alas, I can not log in anymore.


Put your email back in. Go reset your password, for our services and all the the other services you use your username/email and that particular password for.

Also scan your PC for malware.

As the intruder messed with your premium settings, I had to cancel your subscription. I added premium days for as much as you had paid for. You'll have to renew your subscription manually at the end of February.
13011 cr points
Send Message: Send PM GB Post
Offline
Posted 2/4/15
Thanks for the prompt response and help.
Der Zoodirektor
26133 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 2/4/15

arrozar wrote:

Thanks for the prompt response and help.


Also I refunded the fraudulent premium charge created by the intruder.
7 cr points
Send Message: Send PM GB Post
31 / F
Offline
Posted 4/4/15
I am having the same problem. My account brightmadison has been in use since 2007 and someone took my account last night and charged 947 dollars on my credit card. I tried to log in, but the email is changed. Please help!!
106603 cr points
Send Message: Send PM GB Post
57 / M / U.S.A. (mid-south)
Offline
Posted 4/4/15

Brightmadison1 wrote:

I am having the same problem. My account brightmadison has been in use since 2007 and someone took my account last night and charged 947 dollars on my credit card. I tried to log in, but the email is changed. Please help!!

Hopefully, shinryou or another staff member will see your message and help you out soon, but there a few other things you should take care of in the meantime:

1. If any of your other accounts used the same password or a variation of it, change those now.

2. Scan your system for any malware. (Using more than one program, if at all possible).

3. If the password for the e-mail account you originally had associated with your CR account wasn't complex, or was identical or similar to a password you used elsewhere, I would advise changing it.

With some systems (such as G-mail), you can also check what IP addresses your account has been accessed from.

Der Zoodirektor
26133 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 4/4/15

Brightmadison1 wrote:

I am having the same problem. My account brightmadison has been in use since 2007 and someone took my account last night and charged 947 dollars on my credit card. I tried to log in, but the email is changed. Please help!!


I've reverted the email change. You should be able to request your password again.
Please set it to something complex and unique. Also change your password on any other website or service that you used the same email/password combination for. The combination you used was probably leaked after a hack of another site. To make sure that it is not a local issue, run a virus check on all your devices please.

Did you initiate any chargebacks? If not, please don't do so, we'll take care of it on our end.
First  Prev  1  2  3  4  Next  Last
You must be logged in to post.