Friday, March 18, 2011

PSA: Account Security and You - Protecting Yourself from Keyloggers and Other Nasties

Yo.

So, it's come to my attention that keyloggers tuned to everyone's favorite INTERNET SPACESHIPS game have started to surface. Fun, eh? For those not "in the know", keyloggers do exactly what's written on the can: they log keystrokes, then send the logs to remote users who pore through them to find what you're typing in right after you launch EVE, then log in and sell/transfer all your crap to someone else. Sure, CCP will refund you all your crap (sans modules), but really, who wants to wait on them? Here are some tips on avoiding catching one of these things:

1) Make your password hard to guess. There are a handful of password management tools out there (there's one that's a Firefox extension; it gets mentioned on Lifehacker a lot but I can't place it right now), and if worst comes to worst you can always faceroll or hit random keys in Notepad, copy-paste the result into the change-password form, write it down, then clear your clipboard. Remember: adding so much as 4 numbers to a simple password makes it just that much more secure. Also, never use the same pass for forums and your game account.

2) Get virus protection. Ask anyone and they'll suggest a million different ones. Personally, I'm a fan of Avast for passive protection, and Malwarebytes for active. I run Avast in the background constantly, then scan with MWB if I think I'm in danger. Keyloggers are hard to catch, but these programs typically find them without too much trouble.

3) USE COMMON SENSE. Always make sure you're logging in from eve-online.com and said site is registered to CCP. Check your hosts file (not detailing it; google "Windows 7/XP/vista/whichever hosts file") every so often and make sure there's no entry in there for the EVE site. Never, EVER click a link you don't 100% trust without making sure it's legit.

4) DO NOT SURF WITHOUT ADBLOCK PLUS. If you're on your main machine, you probably aren't using IE. If you are, stop. Now. You have no excuse. Go get Firefox or Chrome; they're both nice for different reasons. Now, go download Adblock Plus. Install it and use Fanboy's List. There. No more ads, and there goes about 75% of your virus droppers.

5) Don't open email attachments unless you know who they're coming from, and even then be careful. .PDF files should be on your FUCK THAT list; they're almost always injected with something nasty. If your girlfriend sends you "me_from_last_night_with_the_whipped_cream.jpg", it's probably safe. If some random guy sends you "ISK_3-0_extended_with_scamming_tips.PDF", DON'T OPEN IT.
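The hosts file check from tip 3, as an added example (not part of the original post): it reads the hosts file from its standard location and reports every entry that pins eve-online.com or a subdomain to an address. The function names and the sample hosts content are constructed for illustration.

```python
import os
import sys

WATCHED = "eve-online.com"  # domain from the post; subdomains are matched too

def default_hosts_path():
    """Standard hosts file location on Windows and on Unix-like systems."""
    if sys.platform.startswith("win"):
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"

def find_overrides(hosts_text, domain=WATCHED):
    """Return (line_no, ip, hostname) for each entry naming the domain
    or one of its subdomains."""
    domain = domain.lower().rstrip(".")
    hits = []
    for line_no, raw in enumerate(hosts_text.splitlines(), 1):
        entry = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(entry) < 2:
            continue  # blank, comment-only or malformed line
        ip, names = entry[0], entry[1:]
        for name in names:
            host = name.lower().rstrip(".")
            # Exact match or true subdomain; "not-eve-online.com" must not match.
            if host == domain or host.endswith("." + domain):
                hits.append((line_no, ip, name))
    return hits

# Constructed sample content, not taken from a real machine.
SAMPLE = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.7     www.eve-online.com eve-online.com   # constructed entry
# 198.51.100.9  eve-online.com   (commented out, ignored)
192.0.2.10      not-eve-online.com
"""

if __name__ == "__main__":
    path = default_hosts_path()
    try:
        # utf-8-sig tolerates a byte-order mark left by some Windows editors
        with open(path, encoding="utf-8-sig", errors="replace") as fh:
            text = fh.read()
    except OSError:
        path, text = "constructed sample", SAMPLE
    for line_no, ip, name in find_overrides(text):
        print(f"{path}:{line_no}: {name} -> {ip}")
```

No output on your real hosts file is the result you want; any line it prints is an entry to look at by hand.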

--UPDATED

"But Vekter, how do I know if I'm screwed?"

Well, let's think for a second. Have you, in the last 5 minutes or so, disconnected two or three times? If so, have your corp buddies noticed you logging back on immediately (READ: Faster than you can do so)? And does your internet connection stay up? If yes to these, you're screwed. Kinda.

"Vekter, help! My system's been compromised! What do I do?!?!" Calm down, get a hold of yourself, kid! Not a big deal. You probably did something semi-stupid like open a .pdf attachment or go to a bad site. It's cool, we all fuck up. Take the following steps NOW:

1) Relax. Don't overreact and format your computer. At least not yet.

2) Change your account password now. Not in 15 minutes after your shower, not after this fleet is over, right fucking NOW. I don't care what you change it to, just change it to a temporary password so Mr. Achmed Q. Bumblefuck can't go sell your shit to Goonswarm or GHSC. You're going to do this multiple times until we format, so get used to the process.

3) If you've done something derpy like used a shared password for your EVE account, go change those too. This is why you don't fucking do that.

4) SECURE YOUR ASSETS. Get a corp buddy or, better yet, real-life friend to hold your shit until you get this sorted. All they need is 20 minutes to contract everything and give every last ISK you have to another character, and we want to prevent that. If you have a corp, drop roles now. If you're in a corp and have hangar access, drop your shit in a personal can, then drop roles. Dumbass can't liquidate what he doesn't have access to.

5) SECURE YOUR DATA. Back up your precious porn and Hello Kitty pictures. You're in for a wild ride.

6) Find your fucking Windows disk, pop it in, and format. Yes, there's a chance Avast or MWB or whatever you use might find the rootkit responsible for this shit, but there's also at least a 5% chance they won't. And 5% isn't 0%, so fuck it, wipe the drive and get over it. If you're on Vista or 7, make sure to format using advanced drive options instead of just re-installing, as that little bastard will just migrate over to your new install.

There you go. You're fine, all your shit's still there. If he got off with any of it, make a petition.

"Shows you, smartass! I'm on Mac/Linux/Whatever the FUCK". Okay, good for you. You're probably safe, and that's fine. However, that's a bad attitude to have; you still need secure passwords and such, as someone can still bruteforce your password, and all the preparation in the world won't save your ass if your password is "abcdefg" or "qwerty".

Fly safe, space cowboys. It's a dangerous world out there.

See you.
