ArtDeco 55 Posted October 30, 2020 Hello, I want to give attention to a an issue where a number of APB accounts have been breached in the past day or so. As some of you may know some accounts in EU have been reported to have been hacked in the today and yesterday. Mostly targeting well known "theme maker" accounts so far. One of my alternate APB accounts have also been hacked as my friend in Dischord pointed out that one of my chars in that account were seen "speed hacking" in mission districts while I was not home and at work. I'm not going to name any names or victims but I will give a hint of the suspected culprits as some of you in the APB community already know them, Snipped Name and Shame ~@mayii Just take some precaution and change your passwords and set up a 2 step verification process with your APB Gamer first accounts! As for how our accounts got hacked we don't know, I never did anything stupid to have my information stolen like that. I think this is a real issue that Little Orbit should take a look at. I will now take this up with Support. 4 Share this post Link to post Share on other sites
LilyRain 674 Posted October 30, 2020 So... the Haxors haxed these accounts to speedhax while listening to good music? ♪ ♫ #Worth --------------------- Thanks for the heads up 3 Share this post Link to post Share on other sites
cowhorseman 441 Posted October 30, 2020 when you think hackers could not get any worse this happens. and hey i still think two of my accounts got stolen BUT SOMEONE HERE is trying to avoid me in every possible way they can so i can't get them back 1 Share this post Link to post Share on other sites
xHenryman90x 129 Posted October 30, 2020 7 minutes ago, ArtDeco said: Just take some precaution and change your passwords and set up a 2 step verification process with your APB Gamer first accounts! Honestly we should get some kind of notification in case someone has successfully logged into our accounts. It seems to me that even 2FA can be brute forced, this alone defeats purpose of 2FA if you don't know that someone has already figured out you password. 2 Share this post Link to post Share on other sites
cowhorseman 441 Posted October 30, 2020 2 hours ago, xHenryman90x said: Honestly we should get some kind of notification in case someone has successfully logged into our accounts. It seems to me that even 2FA can be brute forced, this alone defeats purpose of 2FA if you don't know that someone has already figured out you password. accounts can't be protected it depends on how desprite a hacker is. now why steal accounts for an f2p game that you can litterly go to gmail yahoo what ever and make inf accounts for is beyond me. unless of couse your so lazy it's easier to steal some else armas purchase and legendary guns which then i still don't understand because your still a cheater and getting people banned somehow makes your life better? i never understood hackers or why they do the things they do 1 Share this post Link to post Share on other sites
Motorola 107 Posted October 30, 2020 Not sharing your account info helps alot. 3 Share this post Link to post Share on other sites
ArtDeco 55 Posted October 30, 2020 Again, none of us have any idea how are accounts got hacked into. I personally never downloaded any keygens, never ran suspicious software, never shared account info or anything that would jeapordize the account. This is a strange incident. 1 Share this post Link to post Share on other sites
SmilyFace 300 Posted October 30, 2020 (edited) 1 hour ago, ArtDeco said: Hello, I want to give attention to a an issue where a number of APB accounts have been breached in the past day or so. As some of you may know some accounts in EU have been reported to have been hacked in the today and yesterday. Mostly targeting well known "theme maker" accounts so far. One of my alternate APB accounts have also been hacked as my friend in Dischord pointed out that one of my chars in that account were seen "speed hacking" in mission districts while I was not home and at work. I'm not going to name any names or victims but I will give a hint of the suspected culprits as some of you in the APB community already know them, Snipped Name and Shame ~@mayii Just take some precaution and change your passwords and set up a 2 step verification process with your APB Gamer first accounts! As for how our accounts got hacked we don't know, I never did anything stupid to have my information stolen like that. I think this is a real issue that Little Orbit should take a look at. I will now take this up with Support. So.. the thing is.. how do you know that is a sure thing happening/ed? I would trust more LO if they were giving informations or known about all that "situation". What's the point of hacking inside another account and speed hacking around. Seems like stories from hackers when they get banned and they try to say they are innocent, you know? "I wasn't playing, was my brother" or "I wasn't at home, someone stole my PC and hacked inside APB" etc. Look.. i don't wanna say this, but feels weird that peoples hacks inside accounts just for themes, i mean.. anything is possible, yes, but idk.. 2FA in this game is badly implemented, only way to have it is with authenticators apps, you can't receive codes to your e-mail, you can't receive codes to your phone, and you can't even set-up Multiple apps, while in most of the other platforms, programs, websites, you can do that. I always thought of a better implementation of it, maybe some rework is needed, but LO never looked into it, or at least until now, we still have 1 poor option out of a thing that not Should, but Must be a priority. We are talking about accounts where peoples can spend, much money, and this type of protection is just humiliating, little to nothing. Is still something, yes, but not up with the standards of our privacy, our accounts. I can understand this poor 2FA on forums, alright, but on G1.com and in-game, this is.. not helpful at all. Not talking about the fact that most of times is bugged and you need to insert the code Every time you change character. yes, i know about the "Token" thing inside G1.com but is broken and sometimes (always for me) keeps asking the code even tho i check "Remember this device". WE NEED MORE OPTIONS, OUR ACCOUNTS MUST BE MORE PROTECT AND SECURE, BECAUSE WE SPEND MONEY ON THEM. Edited October 30, 2020 by LaFuggitiva Share this post Link to post Share on other sites
xHenryman90x 129 Posted October 30, 2020 2 minutes ago, cowhorseman said: accounts can't be protected it depends on how desprite a hacker is. now why steal accounts for an f2p game that you can litterly go to gmail yahoo what ever and make inf accounts for is beyond me. unless of couse your so lazy it's easier to steal some else armas purchase and legendary guns which then i still don't understand because your still a cheater and getting people banned somehow makes your life better? i never understood hackers or why they do the things they do If you get notification about new succesful login from a new location, meaning that they still need that 2FA code, you then most likely have time to change your password. Sure we have tradelock implemented, that offers limited protection for your items, nearly useless unless your check your account in daily basis. Unfortunately we live in the world with malicious people who cause harm to others. 1 Share this post Link to post Share on other sites
ArtDeco 55 Posted October 30, 2020 This is a problem, I just spoke with others who play EU daily on dischord, and they said that their gmails were hacked into which are connected to APB. So this could be an email related issue, but it still doesn't explain how this seems like targeted hacking where the culprits knew exactly who to hack into and what to do with the stolen accounts (they're APB players themselves). Share this post Link to post Share on other sites
CookiePuss 5379 Posted October 30, 2020 1 hour ago, LilyRain said: So... the Haxors haxed these accounts to speedhax while listening to good music? ♪ ♫ #Worth --------------------- Thanks for the heads up ^the tl;dr 1 Share this post Link to post Share on other sites
Saxtus 497 Posted October 30, 2020 Should we rush changing passwords again? If there was new breach, wouldn't LO give us a heads up? Also I love your new forum avatar @CookiePuss! 1 1 Share this post Link to post Share on other sites
ArtDeco 55 Posted October 30, 2020 Just now, Saxtus said: Should we rush changing passwords again? If there was new breach, wouldn't LO give us a heads up? Also I love your new forum avatar @CookiePuss! There is a possibility and LO may still be investiging. I would start changing LO/GamersFirst passwords and email passwords too (now that it could be the source). 1 Share this post Link to post Share on other sites
Saxtus 497 Posted October 30, 2020 5 minutes ago, ArtDeco said: There is a possibility and LO may still be investiging. I would start changing LO/GamersFirst passwords and email passwords too (now that it could be the source). Have they fixed the Google Authenticator problems? Last time I had it enabled was last year when they were plagued with problems due to issues with clock time sync on their behalf, making generated keys invalid. Share this post Link to post Share on other sites
SmilyFace 300 Posted October 30, 2020 2 minutes ago, Saxtus said: Have they fixed the Google Authenticator problems? Last time I had it enabled was last year when they were plagued with problems due to issues with clock time sync on their behalf, making generated keys invalid. Sometimes still happens for me. Share this post Link to post Share on other sites
Saxtus 497 Posted October 30, 2020 (edited) 9 minutes ago, LaFuggitiva said: Sometimes still happens for me. So LO still not ready for Google Authenticator. Anyway I 've changed my password and I couldn't login. I realized that one of the following characters in the password is a big no-no for LO: $&@ If you lock out yourself like me, try resetting to another password. Edited October 30, 2020 by Saxtus 1 Share this post Link to post Share on other sites
SmilyFace 300 Posted October 30, 2020 23 minutes ago, Saxtus said: So LO still not ready for Google Authenticator. Anyway I 've changed my password and I couldn't login. I realized that one of the following characters in the password is a big no-no for LO: $&@ If you lock out yourself like me, try resetting to another password. Even when you reset the password to change it, when the new link opens up the page doesn't even ask you the old password, like you alredy put it, but you didn't. Hackers free. Share this post Link to post Share on other sites
Deadliest 385 Posted October 30, 2020 Russians hack your account? Share this post Link to post Share on other sites
ArtDeco 55 Posted October 30, 2020 No idea, but I will have to log into my main account tonight when I get home to see if it has been hit as well. Share this post Link to post Share on other sites
xHenryman90x 129 Posted October 30, 2020 3 hours ago, LaFuggitiva said: Every time you change character. yes, i know about the "Token" thing inside G1.com but is broken and sometimes (always for me) keeps asking the code even tho i check "Remember this device". Damn annoying, you get sometimes kicked back to login screen when switching characters, then you have to re-enter the code. Share this post Link to post Share on other sites
Motorola 107 Posted October 30, 2020 yeah i mean if you are downloading programs to edit apb... instead of editing apb manually then you could be at risk. even downloading "apb advanced launcher" from somewhere other than the official link is risky. Share this post Link to post Share on other sites
Saxtus 497 Posted October 30, 2020 Google Authenticator is enough protection but nobody sane will use it with all the problems mentioned in this thread. Please fix it LO. We want to use it. Don't punish those who want to use it because of bad implementation from your side! Don't ask us for it every time we switch character! Don't have your clocks out of sync, making it impossible sometimes to enter our tokens! 1 Share this post Link to post Share on other sites
vsb 6171 Posted October 30, 2020 (edited) i dont get it, people downloaded random "config" files from random people and then are surprised that its a security risk? Edited October 30, 2020 by AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA typo Share this post Link to post Share on other sites
Saxtus 497 Posted October 30, 2020 If the breach is from LO side, then it is not our responsibility. Worst case scenario, they will restore from previous state or compensate. I am talking about LO helping us shield our side. Share this post Link to post Share on other sites
SmilyFace 300 Posted October 30, 2020 47 minutes ago, xHenryman90x said: Damn annoying, you get sometimes kicked back to login screen when switching characters, then you have to re-enter the code. Yeah, exactly. 36 minutes ago, ArtDeco said: Watch this video, a friend just told me about this right now. This was uploaded today. LO, watch this carefully! Alright.. who is this failed ******* who is doing this to APB? Share this post Link to post Share on other sites