Help: Account compromised - Completely wiped-out all inventory

[Freelancer_Main]

Hi guys,
Just want to say - look out, change your passwords, get the 2FA. I lost about 2k of PEDs worth of items.
Everything got transfered (incl. Common dung), except the things that cant be traded.
I couldnt login, then somehow logged in and noticed I was in Camp Icarus (???) and no PEDs on the card.
Quickly changed the password on the website and then wrote a support case, but I dont know if it will be successful.

Worst thing is that its just half a day later of last time I played. I have no trojans or viruses on my computer.

Hope it gets resolved or a rollback happens, but I dont have high hopes.

Be careful out there.

 

[Svarog]

Ouch. You didn't have 2FA?

 

[Angel O2 Mercer]

Don't lose hope, MA has logs of everything and they take matters like this very seriously. Your chances of getting your stuff back are not zero.

Follow the support case, provide them with exact dates and times if you can because that way they find the relevant logs very quickly and will begin an investigation. Expect your account to be locked during said investigation, this is normal you didn't do anything wrong. They could need to lock your account temporarily so that you (or someone else) don't make further changes to it.

Be polite, answer truthfully. Things will get sorted out

Good luck mate.

 

[Hego Damask]

2FA should be the first thing to do by everybody right after registration.
Good luck getting back your stuff.

 

[Edward-James]

hello....sry for your loss...

My soc m8 had a similar situation(also without 2FA)...in his case he learnt somebody new ingame (and he gave him/her his mail adress)....and 1 or 2 days later..he got a pishin mail or similar from where then he/she got the Entropia password ( atleast he said that had happened to him) and emptied his account.....in my freinds case he also had to go to the RL police and submit the police formulas to MA..

Dunno on how they got your passwords tho ( if you say you dont have a trojan/keylogger etc on your pc) only wanted to tell you this situation of my friend..

GL to you,
Eddie

 

[kingofaces]

One thing to be sure of (2FA or not) is to not reuse passwords or similar ones for financial related accounts, including Entropia. Every time this is a forum or other website "hack" you use associated with your email, that password/email combination is likely going to be tried by those looking to get into accounts.

 

[Billy Jean Ruby]

If you have an account that worth significant amount of money (any amount count!), you should playing from a computer that you own completely! Nobody else using it (not even your wife/husband/childtrens)!
Not public or work computers!
Ofcourse two factor authentication without second thought... but you now know how it is.
Trust MA and give every personal detail they will ask. They will figure out what happened, but you need to have patience.

GL

 

[fred5283]

Don't lose hope, MA has logs of everything and they take matters like this very seriously. Your chances of getting your stuff back are not zero.

Follow the support case, provide them with exact dates and times if you can because that way they find the relevant logs very quickly and will begin an investigation. Expect your account to be locked during said investigation, this is normal you didn't do anything wrong. They could need to lock your account temporarily so that you (or someone else) don't make further changes to it.

Be polite, answer truthfully. Things will get sorted out

Good luck mate.

Lol - I’m still waiting after 4 years, MA won’t help

 

[Freelancer_Main]

Nobody knows I play Entropia Universe. My computer is shared with nobody. I didnt click any phishing emails or suspicious activity.
But I didnt have 2FA set up (for Entropia)

I saw they also canceled my auctions, which gives approx. time of when it happened.

 

[MeiGDLing]

Nobody knows I play Entropia Universe. My computer is shared with nobody. I didnt click any phishing emails or suspicious activity.
But I didnt have 2FA set up (for Entropia)

I saw they also canceled my auctions, which gives approx. time of when it happened.

Was your forum password same as ingame password or close? Forum was breached a while back so i'd guess most likely it was something as a result of that whether it be directly or indirectly.

 

[TheRock]

Account since 2007 and yet no 2FA? what u been doing man

 

[Jhereg]

This really sucks I hope MA can do something about this and you can recoup some of your items. Be safe out there folks in the cyber wild lands hehe

 

[theProphet]

Nobody knows I play Entropia Universe. My computer is shared with nobody. I didnt click any phishing emails or suspicious activity.
But I didnt have 2FA set up (for Entropia)

instead of being sure about that, ask yourself - if nobody knew, how could they even login with your username AND password?

your computer is either compromised, you logged into a fake website, or your user/pass combo was too common (rainbow list).

sorry for your loss!

 

[Thorns Rose]

Nobody knows I play Entropia Universe. My computer is shared with nobody. I didnt click any phishing emails or suspicious activity.
But I didnt have 2FA set up (for Entropia)

I saw they also canceled my auctions, which gives approx. time of when it happened.

I am sorry to hear this, I hope it gets sorted out and investigated.

I had no idea auctions could be cancelled , that was surprising.

 

[GradenFoss]

I had no idea auctions could be cancelled , that was surprising.

You can remove items/stacks you have put up for auction, as long as there are no bids yet (button at bottom of UI).
I think that is what he meant by »cancelling.« It is a good feature to have in case you made a blunt mistake. (Still better would be an additional 5 minute cool-down before any auction goes live.) You forfeit the auction fee paid, though.

 

[Deleted member 55358]

i was talkin to someone else last night that happened to so looks like its happening in mass scale..

 

[Freelancer_Main]

Still no response from MA

 

[Pelleman]

Hope it get solved and you get items and peds back.
Words of advice, activate 2fa.
Let the computer you game on be just a gaming machine, dont use other stuff on it if you want to be 100% sure nothing will happend.
And by other stuff I mean, surf the web, use mail, etc etc.
If you want to use other services on the gaming machine, you should installer hyperv and setup a isolated virtual machine to do the other stuff on.
A bit paranoid I know, but secure!

 

[Darth Revan]

Not good to hear, this is one of those times that support should be actively responding and keeping the case up to date on a regular basis.
Even if it's a 'we are still looking into this' standard type of response, at least you know they are doing something.

Hoping for the best for you!

 

[forgo]

Good luck on this, I remember in the past when MA would block entire countries from access in the name of security. Seems they need to upgrade their staff.

 

[WoenK]

I don't think that MA will do something.
They have no proof that the account was really hacked, could as well have been arranged to look like a hack and even if it is a hack, it is not their responisbility to have the user secure his account.
Goldcard was free with the first deposit over 500 PED if I remember correctly, 2FA is absolutely free .

I think the first thing I would do is wipe my computer completely, because if the password was really never shared, it has been definately bugged.

 

[forgo]

I do wonder if you had been using a VPN to access Entropia ever. For those not aware, China owns most of them, and they offer the illusion of security at the expense of risk. Using VPN's for work are part of China's intellectual property theft schemes they have pushed for years now. They will protect hackers who can compromise accounts without fear of their IP range getting blocked,(when MA blocked countries in the past, these VPNs didn't exist) but they very rarely protect anyone else. I know many Swedes using VPN's to access Entropia for boxes, just beware who ultimately owns most of those companies, and what you may be sharing with them.

 

[Nick Seventia]

There will be an IP trace of the person who logged in and traded the things, MA also has the tools to track trades so you should be able to get if not everything then most of it back.

Everyone should have 2FA, it requires about 5 minutes of setup, if you don't have a cellphone that can run it you can use a android emulator such as Bluestacks to run it on.
And if you are even more paranoid you can do what I'm currently doing and I have a seperate cellphone (One of my old ones) that is literally only set-up to run the 2FA with no other programs installed.

 

[WoenK]

There will be an IP trace of the person who logged in and traded the things, MA also has the tools to track trades so you should be able to get if not everything then most of it back.

Everyone should have 2FA, it requires about 5 minutes of setup, if you don't have a cellphone that can run it you can use a android emulator such as Bluestacks to run it on.
And if you are even more paranoid you can do what I'm currently doing and I have a seperate cellphone (One of my old ones) that is literally only set-up to run the 2FA with no other programs installed.

There are VPNs where IP trace does not really offer anything, Mostly the really cheap one are the "most secure"
As for the Adnroid emulation, it is really a hassle. Bluestack did not offer support for a camera, no way to get that QR code (really no option for a text extract like other solutions, event though it is mentioned in the documentation) into it. Used Nox for a while, until it simply stopped working.
I can understand taht a lot of people do not mind having an app installed on their phone, but I do and I really do not like that "wahh, its Goolge, cant be wrong" thinking on my hardware. Was quite glad that after my 2FA stopped working I had my goldcard back....has been working for over 12 years and only had to clean it 3-4 times and change the batteries twice.

 

[yeeck]

If my EU account is being hacked, I think no one will care...
Pray you will get a good result soon.

 

[Svarog]

Everyone should have 2FA, it requires about 5 minutes of setup, if you don't have a cellphone that can run it you can use a android emulator such as Bluestacks to run it on.

You also can use the desktop version of Authy. It's, of course, a risky move to have Entropia and 2FA app on the same PC unless the local and network access to it are well secured, but it's much less risky than having no 2FA at all, because it prevents breaches that don't originate from your own machine.

As for the Adnroid emulation, it is really a hassle. Bluestack did not offer support for a camera, no way to get that QR code (really no option for a text extract like other solutions, event though it is mentioned in the documentation) into it.

You can save QR code and use one of the online services to decode it to the string. Then you can install the Google Authenticator in the emulator and feed it part of the string as I've shown here.

Good to hear that your gold card still works but nothing is forever and with no support for it you really should look for backup plans.

 

[TeflonJR]

Was there any update on this? I had the same thing happen to me. Ended up at Icarus and a lot of items missing. Some valuable stuff was not touched which was odd but my precious armor and guns are gone. No update from support in 4 days. Also cleared items i had on auction but also placed bids on items spending the remaining PED i had on useless "for my avatar" items. My Pc is only used for gaming and EU PW is rather specific (only used for EU) so not sure how they got in. I super failed and turned off 2FA once i got new phone and never enabled again.

 

[qnaqnapow]

Damn... sorry to hear.
I just reactivated my 2FA after reading this. I deactivated it to buy stuff from the webshob and left deactivated. Im scared now.

 

[Deleted member 57599]

If you 'loan' your account out you do as at own risk gritz knows that

 

[Eli]

A friend of mine recently got hacked (in another game). Also was certain he had no trojan. The support told him to run a deep/full scan. 6 hours later, it found one thing. And that one thing... was the culprit. Escaped all normal scans. Try a scan overnight.