The problem with this hacking thing

[Immenseman]

I do think Habbox are safe enough for a habbo fansite. Sure there will always be security breaches because the vast majority of staff are teenagers, not people who have depths of knowledge about internet security.

[Mentor]

I do think Habbox are safe enough for a habbo fansite. Sure there will always be security breaches because the vast majority of staff are teenagers, not people who have depths of knowledge about internet security.

Not really just a fansite thing, very few people can really keep much secure. The reason real business's/organizations avoid breaches is because they never actually give the managers and other staff access to any of the IT systems, they instead have an IT dept, who those mangers and other staff ask when they want something done.
Result is compromising any staff/manager account wouldn't allow any access to do any harm, and the IT staff generally dont get comprised as to get the job, basic computer skills and an understanding of computer security is generally required :p

[Immenseman]

Not really just a fansite thing, very few people can really keep much secure. The reason real business's/organizations avoid breaches is because they never actually give the managers and other staff access to any of the IT systems, they instead have an IT dept, who those mangers and other staff ask when they want something done.
Result is compromising any staff/manager account wouldn't allow any access to do any harm, and the IT staff generally dont get comprised as to get the job, basic computer skills and an understanding of computer security is generally required :p

Yeah, however such actions can't going to be taken for a fansite because it isn't a real business/organisation. All management can do is drill in basic safety measures to their staff. Hackers will always find a new loophole which many people will fall for. However, now the threat of the program "iStealer" that was used is around hopefully people will be a lot more careful what they're downloading.

Like when I was compromised when I was Admin it was because of "reverting". Habbox now has measures to ensure no other staff member will ever fall foul of this method.

[Roon]

Reverting? Is that like resetting the password or something...

[Immenseman]

It's a form that you send to microsoft. Basically, anyone can compromise any hotmail account all you need to find is name, dob, IP once you have IP you can fill most of the other boxes in. So they adapted a script called IPGet which allowed you to get an IP from anyone on your messenger.

[Favourtism]

It's a form that you send to microsoft. Basically, anyone can compromise any hotmail account all you need to find is name, dob, IP once you have IP you can fill most of the other boxes in. So they adapted a script called IPGet which allowed you to get an IP from anyone on your messenger.

Yeah I got reverted ages ago. They got my IP from a forum and bsed the rest

[nvrspk4]

It would have because she wasn't keylogged but iStealer. She hadn't typed all the passwords in but because of the fact all her passwords were so similar it was easy for them to jump around. So it probably would have changed the situation.

It was reasonable what happened only because Dlox didn't care. If he had put a phisher up and loads of habbox users had been hacked I'm not so sure they would have seen that as "reasonable". I certainly wouldn't have and he could have easily put a link to one in the article and even pretended to be a real news reporter as more people would have fallen for it. Luckily he has no GCSEs so would never have thought of anything so imaginative.

Not true, all of her passwords were logged by firefox, and thats where it came from. The reason we know this is they got the MODCP, Habbox Site Admin, HxL CP passwords all of which I can assure you were different. So in that sense it didn't matter whether her PWs were different.

You sly dog!!!

Who is Adam Walsh?

Also, is Habbox hosted on a proper host? I presume it is. (by proper i mean someone like umm, godaddy or some crap)

Adzeh. The payments were sent to him because he was the HxL Manager at the time and the HxL ad money was used to buy jingles. Well done *****, all the money to Adam Walsh!!! :rolleyes:

Certificates again then? Not many people have dynamic IPs though???

I do! For example, ***** thinks they're leet and exposed my IP, but not a single digit of the IP there is right, even the first two.

[GoldenMerc]

I do! For example, ***** thinks they're leet and exposed my IP, but not a single digit of the IP there is right, even the first two.

nvr is leeeeeeet too lol at them thinking Adam had all the money.

[Immenseman]

Not true, all of her passwords were logged by firefox, and thats where it came from. The reason we know this is they got the MODCP, Habbox Site Admin, HxL CP passwords all of which I can assure you were different. So in that sense it didn't matter whether her PWs were different.



Adzeh. The payments were sent to him because he was the HxL Manager at the time and the HxL ad money was used to buy jingles. Well done *****, all the money to Adam Walsh!!! :rolleyes:



I do! For example, ***** thinks they're leet and exposed my IP, but not a single digit of the IP there is right, even the first two.

So she had all her passwords saved on firefox?! There are numerous programs which have been used to grab these. There needs to be up to date staff information on the latest threats and methods these online "hackers" are using which would have prevented this. Not like it's new.

[Favourtism]

I don't think they know that Adam hasn't been on here for **** knows how long...