• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

PSN being compromised via Neverwinter?

Justified

Member
See a lot of "My PSN was Hacked" lately, and I saw it mention in one of the threads about a Neverwinter exploit, but it wasnt explained. I just did a quick Google search and it seems the issue is started to spread (people accounts being compromised), and Neverwinter is starting to look like a common denominator.

Here is reddit discussion on it: https://www.reddit.com/r/Neverwinter/comments/4wer4o/beware_of_being_hacked_on_ps4/

https://www.reddit.com/r/Neverwinte..._would_a_hacker_profit_from_buying_zen_on_my/
 

androvsky

Member
Sounds like the old Fifa "exploit", where there's not actually an exploit from that game, but every other exploit and leaked password is used to buy currency that can easily be sold to other accounts.

edit: Yeah, what Palette Swap said
 

Solal

Member
My friend was hacked this week-end. I was at his place when it happened...

The hacker spent the 34€ he had in his wallet to buy some NEVERWINTER shit and changed his password.

We tried to get to Sony but their costumer service is closed during the week-end.

So we sent a mail to them... but no news yet.

Fortunately, my friend uses PSN cards and never saved his credit card in the system.
 

RootCause

Member
You don't have to have the game for people to use this 'exploit'. Deleting it does zero to being compromised. Having good password policies, 2fa where applicable, and no saved payment info does.
So I can get harmed even though I've never purchased Neverwinter or war frame? ;_;
 

Xenoflare

Member
Fortunately, my friend uses PSN cards and never saved his credit card in the system.

Biggest advice anyone could get when it comes to this, regardless if it's PSN or XBL or eShop I only use prepaid cards. Having my banking info compromised is much worse than trying to get a game that you are off by 1 cent
 

Rellik

Member
So I can get harmed even though I've never purchased Neverwinter or war frame? ;_;

It's no different to FIFA. The game isn't a point of entry. It just allows people to send currency to a different account so it becomes a popular game to steal money and accounts for.
 

Orca

Member
So I can get harmed even though I've never purchased Neverwinter or war frame? ;_;

It has nothing to do with those games aside from them being used to monetize the hack. They get your password/email elsewhere, then use those games to make money off it. Blaming the game is ridiculous and solves nothing.
 

RoySFNR

Member
I'm pretty sure that's the real culprit.

164 million emails and passwords were compromised, a fair amount that were probably associated with PSN accounts.

In this case, NWN just looks like FIFA: not a point of entry, just a way to somehow launder that money.

This is exactly the case. It's stupidly hilarious how easy it is to get your hands on a PSN account with an active PayPal account on it. Creditcards require atleast the first or last couple of digits and an expiration date but with PayPal, everything is fine.

All you have to do is basically avoid having an active PayPal account connected to your PSN until it atleast forces some kind of two step verification.

Neverwinter is just being used as a way to quickly offload the goods. People used to buy a lot of digital games from the PSN store and sell the account but using Pay2Win items allows the hacker to move a larger amount of money in a lower amount of time.

It's currently being used instead of Fifa Ultimate Team coins since the only way to get those is through buying in-game trading card packs which is largely luck based and therefore less reliable.
 

RootCause

Member
It has nothing to do with those games aside from them being used to monetize the hack. They get your password/email elsewhere, then use those games to make money off it. Blaming the game is ridiculous and solves nothing.
I didn't blame anyone. I don't know how you got there. I'm asking a question, going by the tittle of the thread.
 

5taquitos

Member
So Sony can't exactly be blamed for these recent hacks then? More on the devs for letting their game be exploited?

Sony can be blamed for not having 2FA, but there is absolutely nothing wrong with the games.

This is literally people using the same password (or similar passwords) for multiple accounts online.
 

Rellik

Member
So Sony can't exactly be blamed for these recent hacks then? More on the devs for letting their game be exploited?

Neverwinter is on the Xbox One too. The console with 2FA. I'm not seeing multiple threads on here reporting Xbox accounts being taken for Neverwinter cash.
 
Waiting for that PSN two factor authentication

2617480347_96fbb47a4a.jpg
 

Jotaka

Member
Biggest advice anyone could get when it comes to this, regardless if it's PSN or XBL or eShop I only use prepaid cards. Having my banking info compromised is much worse than trying to get a game that you are off by 1 cent

The biggest advice is stop using the same fucking password everywhere.
 

Kayant

Member
WTF? I didn't see no thread about this. GAF failed me!?
More info on the hack -

 

8bitghost

Member
It has nothing to do with those games aside from them being used to monetize the hack. They get your password/email elsewhere, then use those games to make money off it. Blaming the game is ridiculous and solves nothing.

That is true of FIFA and Neverwinter, but the Warframe server was compromised and usernames/emails copied.

If you use the same credentials on multiple web pages, an unscrupulous person has a greater chance of gaining access to your account. When the victim enters their information in here --> https://haveibeenpwned.com/ <-- we see a high coloration between prior compromises their gaming account being hacked.
 
After so many password breaches, you really do need different passwords for everything these days, that or a password manager. I just started playing NWN last week and this makes me nervous.
 

RedAssedApe

Banned
After so many password breaches, you really do need different passwords for everything these days, that or a password manager. I just started playing NWN last week and this makes me nervous.

yep. i have separate passwords for anything i consider sensitive or where financial transactions can be made.

for the rest i just use the same less secure password. as i dont care if someone hacks my gaf account or posts as me on reddit lol
 

EmiPrime

Member
All these reported hacks really scare me.

Sony 2step security as soon as possible please.

They shouldn't scare you as long as you don't reuse the same password on every website/service. Use a password manager and make 30 character passwords and stop worrying about this nonsense.
 

JP

Member
It's bewildering that people are still using the same passwords for different places, it's just asking for trouble.
They shouldn't scare you as long as you don't reuse the same password on every website/service. Use a password manager and make 30 character passwords and stop worrying about this nonsense.
I'd always recommend Diceware as a method of producing passwords, a really good way to increase your bits of entropy.
 
Good passwords are useless against social engineering. 2FA and a OTP are far more impervious to that sort of attack.

Nothing to engineer if I have unique passwords/email for each service I use, plus two-step.

One service goes down, there's basically nothing tying it to my other accounts.

Besides, critical data is better protected, so there's very little chance my bank/visa/whatever involving money can be touced.
 
Top Bottom