Post Reply Anime Keeps showing up
8009 cr points
Send Message: Send PM GB Post
Offline
Posted 7/7/17
So for awhile know anime that I haven't watch has been showing up in my view history. I looked on the CR forums went looking around, did the standard change my password, deactivated the devices. Then contacted support, then was told from support to do the same, so I did the same. Admittedly I used a similar password but after I got a ticket from support I made a completely new password. I got my reply on Jun 21 2017, the issue was marked resolved. Now this is were things get weird... After this I noticed yet again more anime showing up in my view history, replied to support told my ticket was being escalated that was Jun 23, 2017... After this I wait a few days hoping to hear something, I hear nothing so I decide to do something check. Now keep in mind I doing all this on my phone, so talking to a buddy he ask if I've downloaded any apps not from the google play store (Android by the way). I haven't but never the less I run a virus scan on the phone nothing turns up... Run virus scan on my computer nothing turns up. So I'm like okay... Now using my phone I change my email to my account and a completely new password. So now I have a new email and a new password that's longer then normal passwords I make much longer including different cases, numbers and characters. For awhile this seems to have resolved the issue... However this morning I started to watch something checked my view history and now I'm seeing shows I haven't watched show up again. This time Attack on Titan season 2 and Hunter X Hunter (Hunter X Hunter likes to show up a lot in my view history having never watched a show). I'm really disappointed, I'm not angry though I should be I would say I'm just more sad and frustrated anything that shows up in my view history that I haven't watched just makes that show forever feel tainted in someway...I've been checking around and this seems to be bit of a problem that people post about so I encourage you to look into your view history to see if you have this problem to...And then know there might be nothing you can do about it... Still haven't heard anything new from CR support its been a few weeks but well I figure at this point I should make a post.

tl;dr I'm sad about my account problem, still waiting to hear from CR support. Check your view history
50561 cr points
Send Message: Send PM GB Post
61 / M / Earth
Offline
Posted 7/7/17
One possibility is that a (login) cookie that was set on their PC before you changed the password would still allow them in until it eventually expires. With that capability, they can still keep re-activating devices until then, too. I personally don't know of any way to force someone else's cookie to expire...
Der Zoodirektor
26157 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 7/7/17

omaclaro wrote:

So for awhile know anime that I haven't watch has been showing up in my view history. I looked on the CR forums went looking around, did the standard change my password, deactivated the devices. Then contacted support, then was told from support to do the same, so I did the same. Admittedly I used a similar password but after I got a ticket from support I made a completely new password. I got my reply on Jun 21 2017, the issue was marked resolved. Now this is were things get weird... After this I noticed yet again more anime showing up in my view history, replied to support told my ticket was being escalated that was Jun 23, 2017... After this I wait a few days hoping to hear something, I hear nothing so I decide to do something check. Now keep in mind I doing all this on my phone, so talking to a buddy he ask if I've downloaded any apps not from the google play store (Android by the way). I haven't but never the less I run a virus scan on the phone nothing turns up... Run virus scan on my computer nothing turns up. So I'm like okay... Now using my phone I change my email to my account and a completely new password. So now I have a new email and a new password that's longer then normal passwords I make much longer including different cases, numbers and characters. For awhile this seems to have resolved the issue... However this morning I started to watch something checked my view history and now I'm seeing shows I haven't watched show up again. This time Attack on Titan season 2 and Hunter X Hunter (Hunter X Hunter likes to show up a lot in my view history having never watched a show). I'm really disappointed, I'm not angry though I should be I would say I'm just more sad and frustrated anything that shows up in my view history that I haven't watched just makes that show forever feel tainted in someway...I've been checking around and this seems to be bit of a problem that people post about so I encourage you to look into your view history to see if you have this problem to...And then know there might be nothing you can do about it... Still haven't heard anything new from CR support its been a few weeks but well I figure at this point I should make a post.

tl;dr I'm sad about my account problem, still waiting to hear from CR support. Check your view history


The intruder who took over your account back then likely authed a device to be used with your account. These sessions on those devices may last for quite some time even after you removed the device. If the sessions did not last that long, users would have to log into their apps every time they start it up, which is very inconveniencing to everyone.
However the session *will* expire at some point, preventing the intruder from using your account to watch further.
8017 cr points
Send Message: Send PM GB Post
M
Offline
Posted 7/7/17

The intruder who took over your account back then likely authed a device to be used with your account. These sessions on those devices may last for quite some time even after you removed the device. If the sessions did not last that long, users would have to log into their apps every time they start it up, which is very inconveniencing to everyone.
However the session *will* expire at some point, preventing the intruder from using your account to watch further.


I've known Oma for several years and tried to assist with troubleshooting his issue, since I do IT as a living. I'm almost positive the first thing he checked was authorized devices. If he created a brand new email address and new password and changed his profile to use those, wouldn't that prevent authorized devices from accessing Crunchyroll content? It doesn't do any sort of account authorization upon the app being run if it's using an outdated login and password?

I thought maybe he had a keylogger or something similar on his PC but he made all the password and login changes from a mobile device. Which I confirmed with him he's never downloaded any apps from a third party site, everything through the Android store so as far as I know it's not compromised.

There are only three assumptions I can make about what he's experiencing, all of which are rather alarming.

1) Someone with "admin" access to Crunchyroll is watching anime with his account.
2) Crunchyroll security is compromised and a third party has access to data which includes users logins/passwords.
3) This is a really bizarre bug that someone adds random shows to a profile and marks episodes as read. Although unlikely.

Something like this that could potential point to a security compromise really needs to be escalated and looked at closely. I know when he spoke to support he mentioned that they escalated the issue but it's been weeks since it was first brought to their attention.

Der Zoodirektor
26157 cr points
Send Message: Send PM GB Post
35 / M / Germany
Offline
Posted 7/7/17 , edited 7/7/17

darkesthour420 wrote:

I've known Oma for several years and tried to assist with troubleshooting his issue, since I do IT as a living. I'm almost positive the first thing he checked was authorized devices. If he created a brand new email address and new password and changed his profile to use those, wouldn't that prevent authorized devices from accessing Crunchyroll content? It doesn't do any sort of account authorization upon the app being run if it's using an outdated login and password?

I thought maybe he had a keylogger or something similar on his PC but he made all the password and login changes from a mobile device. Which I confirmed with him he's never downloaded any apps from a third party site, everything through the Android store so as far as I know it's not compromised.

There are only three assumptions I can make about what he's experiencing, all of which are rather alarming.

1) Someone with "admin" access to Crunchyroll is watching anime with his account.
2) Crunchyroll security is compromised and a third party has access to data which includes users logins/passwords.
3) This is a really bizarre bug that someone adds random shows to a profile and marks episodes as read. Although unlikely.

Something like this that could potential point to a security compromise really needs to be escalated and looked at closely. I know when he spoke to support he mentioned that they escalated the issue but it's been weeks since it was first brought to their attention.


Existing sessions for the apps are simply not instantly affected by email or password change, or removal from the authorized devices list. Once they expire, the access is gone, as the intruder cannot create a new session.
8017 cr points
Send Message: Send PM GB Post
M
Offline
Posted 7/7/17 , edited 7/7/17

Existing sessions for the apps are simply not instantly affected by email or password change, or removal from the authorized devices list. Once they expire, the access is gone, as the intruder cannot create a new session.


If that's the case, that's absolutely horrible app/account security. If it can't even see that the login/password/authorized devices changed immediately.

However he did originally find rogue devices and deactivated them over 2 weeks ago. I can't imagine any app take that long for a device to "time out" before it sees it's no longer authorized. He hasn't had any rogue devices shown up since even though the symptom remains.

As a test he unauthorized his phone and he saw that immediately it disconnected him from crunchy roll and required him to re-login. I'll have to go back to my previous suspicions that something else is going on now.

He's not the first to report this type of issue. And I suspect there are probably a lot more that have this problem and either haven't reported it or just haven't noticed. http://www.crunchyroll.com/forumtopic-994861/someone-is-usinghas-used-my-app-linked-account-somehow.

I don't see this as the standard account was compromised and stolen, because in those scenarios your password has been changed and you need to contact support to have it reset. That's not what's happening here. This seems more of a compromised security because it's still happening after multiple login/password changes and the culprit but doesn't want to make changes to the account to alert the owner, unless the owner is perceptive and notices this happening to their queue.

In all honesty if there is a security breach I doubt CR would want to admit it (if they are even aware of it) unless it's more widespread.
You must be logged in to post.