hacking and blackmail

I want to raise my next concern, I have seen videos and in other forums how easy it can be to hack an account, just as Ahnald showed in one of his videos, now what worries me the most is that there are guilds of which I will not mention, where they take advantage of this security problem to blackmail those who want to leave the guild or fight with the guild leader for "x" reason, they keeping the accounts or eliminating them..., I find this very serious, since nothing it assures me that my account can be safe; currently in the guild to which I belong, it has already begun to carry out these practices, and who knows if others will do it too, that is why I want to raise this alert, for the developers and the community.

Replies

  • how do they get access to the account?
    thats not as easy as you think if you never used an emulator
  • Jkal_el91 wrote: »
    I want to raise my next concern, I have seen videos and in other forums how easy it can be to hack an account, just as Ahnald showed in one of his videos, now what worries me the most is that there are guilds of which I will not mention, where they take advantage of this security problem to blackmail those who want to leave the guild or fight with the guild leader for "x" reason, they keeping the accounts or eliminating them..., I find this very serious, since nothing it assures me that my account can be safe; currently in the guild to which I belong, it has already begun to carry out these practices, and who knows if others will do it too, that is why I want to raise this alert, for the developers and the community.

    What ahnaldt showed on his video is something that happens by chance, only with people using emulators under a very specific set of circumstances - it does happen, but this isn't something that can be done intentionally.

    I agree that it's serious, and it's something that should be addressed, but I'm pretty confident in saying that this isn't the kind of security hole that can be intentionally exploited for nefarious purposes. Someone will correct me if I'm wrong - but as long as you've got your account linked to a google play or apple account, you should be fine.
    F2P since the last time I bought Kyros, Crystals, or the Conquest Pass.
  • don't mislead people. this bug exists since the beginning of the game on android. When you reinstall the game, it may randomly log you into someone else's account. I haven't had that once. And I even lost my account like that and ea did nothing about it for a few months
  • Olek301 wrote: »
    don't mislead people. this bug exists since the beginning of the game on android. When you reinstall the game, it may randomly log you into someone else's account. I haven't had that once. And I even lost my account like that and ea did nothing about it for a few months

    What was said that might be misleading?
    F2P since the last time I bought Kyros, Crystals, or the Conquest Pass.
  • scuba
    14034 posts Member
    1. Unlink Facebook
    2. Bind account to Google/apple

    Most of it happens because players use the Facebook link option to copy thier account to an emulator and than they don't bind the account to a Gmail account afterwards.
  • Jkal_el91 wrote: »
    I want to raise my next concern, I have seen videos and in other forums how easy it can be to hack an account, just as Ahnald showed in one of his videos, now what worries me the most is that there are guilds of which I will not mention, where they take advantage of this security problem to blackmail those who want to leave the guild or fight with the guild leader for "x" reason, they keeping the accounts or eliminating them..., I find this very serious, since nothing it assures me that my account can be safe; currently in the guild to which I belong, it has already begun to carry out these practices, and who knows if others will do it too, that is why I want to raise this alert, for the developers and the community.

    If you have solid proof of your guild doing this, you can and should report them.
  • TargetEadu
    1513 posts Member
    scuba wrote: »
    1. Unlink Facebook
    2. Bind account to Google/apple

    Most of it happens because players use the Facebook link option to copy thier account to an emulator and than they don't bind the account to a Gmail account afterwards.

    Can you unlink an account that you’ve moved to an emulator safetly? I’m stuck on an emulator because I can’t move my account multiple times.
  • MaruMaru
    3338 posts Member
    TargetEadu wrote: »
    scuba wrote: »
    1. Unlink Facebook
    2. Bind account to Google/apple

    Most of it happens because players use the Facebook link option to copy thier account to an emulator and than they don't bind the account to a Gmail account afterwards.

    Can you unlink an account that you’ve moved to an emulator safetly? I’m stuck on an emulator because I can’t move my account multiple times.

    Emulator is the same as smart phone, so what applies there applies here...as long as the game is working.
  • scuba
    14034 posts Member
    TargetEadu wrote: »
    scuba wrote: »
    1. Unlink Facebook
    2. Bind account to Google/apple

    Most of it happens because players use the Facebook link option to copy thier account to an emulator and than they don't bind the account to a Gmail account afterwards.

    Can you unlink an account that you’ve moved to an emulator safetly? I’m stuck on an emulator because I can’t move my account multiple times.

    Yes.
    1. Link it to a Google account (they are free)
    2. Start another account (throw away) on another device and then use Facebook link to overwrite the one on the emulator.

    You can have your game linked to multiple emulator guest accounts (very bad idea) and/or multiple Google accounts. Testing I think I liked mine to 3 different Google accounts.
  • Lumiya
    1431 posts Member
    Jkal_el91 wrote: »
    I want to raise my next concern, I have seen videos and in other forums how easy it can be to hack an account, just as Ahnald showed in one of his videos, now what worries me the most is that there are guilds of which I will not mention, where they take advantage of this security problem to blackmail those who want to leave the guild or fight with the guild leader for "x" reason, they keeping the accounts or eliminating them..., I find this very serious, since nothing it assures me that my account can be safe; currently in the guild to which I belong, it has already begun to carry out these practices, and who knows if others will do it too, that is why I want to raise this alert, for the developers and the community.

    What ahnaldt showed on his video is something that happens by chance, only with people using emulators under a very specific set of circumstances - it does happen, but this isn't something that can be done intentionally.

    I agree that it's serious, and it's something that should be addressed, but I'm pretty confident in saying that this isn't the kind of security hole that can be intentionally exploited for nefarious purposes. Someone will correct me if I'm wrong - but as long as you've got your account linked to a google play or apple account, you should be fine.

    Almost right... the link to Google play or Apple store does not however mean that the account is safe because someone can delete your account if they access it (even if it is unintended access). They can also unlink the account from Google or Apple and then link it to their Google and Apple.

    So yes you can not hack someone on purpose but you can do bad things to an account that you hack on accident.
    We are all made of star-stuff
  • scuba
    14034 posts Member
    CG should just make the android requirement 8 (I think 8) or higher.
  • BubbaFett
    3311 posts Member
    Lumiya wrote: »
    Jkal_el91 wrote: »
    I want to raise my next concern, I have seen videos and in other forums how easy it can be to hack an account, just as Ahnald showed in one of his videos, now what worries me the most is that there are guilds of which I will not mention, where they take advantage of this security problem to blackmail those who want to leave the guild or fight with the guild leader for "x" reason, they keeping the accounts or eliminating them..., I find this very serious, since nothing it assures me that my account can be safe; currently in the guild to which I belong, it has already begun to carry out these practices, and who knows if others will do it too, that is why I want to raise this alert, for the developers and the community.

    What ahnaldt showed on his video is something that happens by chance, only with people using emulators under a very specific set of circumstances - it does happen, but this isn't something that can be done intentionally.

    I agree that it's serious, and it's something that should be addressed, but I'm pretty confident in saying that this isn't the kind of security hole that can be intentionally exploited for nefarious purposes. Someone will correct me if I'm wrong - but as long as you've got your account linked to a google play or apple account, you should be fine.

    Almost right... the link to Google play or Apple store does not however mean that the account is safe because someone can delete your account if they access it (even if it is unintended access). They can also unlink the account from Google or Apple and then link it to their Google and Apple.

    So yes you can not hack someone on purpose but you can do bad things to an account that you hack on accident.

    Nobody can access your account through google play or apple without your google play or apple password or, at best, your facebook ID and password... If they get that based on Phishing, you have much bigger things in your life to worry about than SWGOH.... And, none of that is preventable by CG....

    As for emulators like Bluestacks, that is how Ahnaldt got "hacked", but they are not supported by CG and it explicitly says so in the ToS......

    The moral of the story is don't fall for Phishing scams and use bluestacks at your own risk....
  • TargetEadu
    1513 posts Member
    I have to use an emulator because apparently it’s “impossible” to get my account onto a new Apple ID. Or I could switch phones to an Android but I’m not doing that for one mobile game.
  • BubbaFett
    3311 posts Member
    TargetEadu wrote: »
    I have to use an emulator because apparently it’s “impossible” to get my account onto a new Apple ID. Or I could switch phones to an Android but I’m not doing that for one mobile game.

    You can switch from Apple to android easily, wht did you start playing on?
  • scuba
    14034 posts Member
    Lumiya wrote: »
    Jkal_el91 wrote: »
    I want to raise my next concern, I have seen videos and in other forums how easy it can be to hack an account, just as Ahnald showed in one of his videos, now what worries me the most is that there are guilds of which I will not mention, where they take advantage of this security problem to blackmail those who want to leave the guild or fight with the guild leader for "x" reason, they keeping the accounts or eliminating them..., I find this very serious, since nothing it assures me that my account can be safe; currently in the guild to which I belong, it has already begun to carry out these practices, and who knows if others will do it too, that is why I want to raise this alert, for the developers and the community.

    What ahnaldt showed on his video is something that happens by chance, only with people using emulators under a very specific set of circumstances - it does happen, but this isn't something that can be done intentionally.

    I agree that it's serious, and it's something that should be addressed, but I'm pretty confident in saying that this isn't the kind of security hole that can be intentionally exploited for nefarious purposes. Someone will correct me if I'm wrong - but as long as you've got your account linked to a google play or apple account, you should be fine.

    Almost right... the link to Google play or Apple store does not however mean that the account is safe because someone can delete your account if they access it (even if it is unintended access). They can also unlink the account from Google or Apple and then link it to their Google and Apple.

    So yes you can not hack someone on purpose but you can do bad things to an account that you hack on accident.

    Emulators themselves are not the problem.
    The problem is copying your account to an emulator using Facebook link (required way for iOS users) and than not binding it to Google account.
    Many think just because they copied the account to Android using Facebook link that it is now linked to Google play which is not the case, it is link to the emulator Android id which is basically just a random string of numbers and letters used to identify the account.
    Same thing can happen using Facebook to copy iOS account to a supported Android device, granted android 8 and higher is using a different id type, however the auth to the game is still just done with an id.
    Using Google actually goes thru an oauth2 flow that requires an auth token from Google, not just an id that is the same for every login auth.
  • TargetEadu
    1513 posts Member
    BubbaFett wrote: »
    TargetEadu wrote: »
    I have to use an emulator because apparently it’s “impossible” to get my account onto a new Apple ID. Or I could switch phones to an Android but I’m not doing that for one mobile game.

    You can switch from Apple to android easily, wht did you start playing on?

    Started on Apple, my account got tied to an Apple ID I no longer use, and per EA Support apparently it’s impossible to un-tie it to put it on my current Apple ID. On an Android emulator at the moment.

    If the Connect page says “Sign out of Google Play”, would that indicate it is bound to a Google Account? I’m pretty sure yes but messing with accounts is weird.
  • MaruMaru
    3338 posts Member
    TargetEadu wrote: »
    BubbaFett wrote: »
    TargetEadu wrote: »
    I have to use an emulator because apparently it’s “impossible” to get my account onto a new Apple ID. Or I could switch phones to an Android but I’m not doing that for one mobile game.

    You can switch from Apple to android easily, wht did you start playing on?

    Started on Apple, my account got tied to an Apple ID I no longer use, and per EA Support apparently it’s impossible to un-tie it to put it on my current Apple ID. On an Android emulator at the moment.

    If the Connect page says “Sign out of Google Play”, would that indicate it is bound to a Google Account? I’m pretty sure yes but messing with accounts is weird.

    The answer is yes
  • scuba
    14034 posts Member
    TargetEadu wrote: »
    BubbaFett wrote: »
    TargetEadu wrote: »
    I have to use an emulator because apparently it’s “impossible” to get my account onto a new Apple ID. Or I could switch phones to an Android but I’m not doing that for one mobile game.

    You can switch from Apple to android easily, wht did you start playing on?

    Started on Apple, my account got tied to an Apple ID I no longer use, and per EA Support apparently it’s impossible to un-tie it to put it on my current Apple ID. On an Android emulator at the moment.

    If the Connect page says “Sign out of Google Play”, would that indicate it is bound to a Google Account? I’m pretty sure yes but messing with accounts is weird.

    Yes
  • scuba
    14034 posts Member
    TargetEadu wrote: »
    BubbaFett wrote: »
    TargetEadu wrote: »
    I have to use an emulator because apparently it’s “impossible” to get my account onto a new Apple ID. Or I could switch phones to an Android but I’m not doing that for one mobile game.

    You can switch from Apple to android easily, wht did you start playing on?

    Started on Apple, my account got tied to an Apple ID I no longer use, and per EA Support apparently it’s impossible to un-tie it to put it on my current Apple ID. On an Android emulator at the moment.

    If the Connect page says “Sign out of Google Play”, would that indicate it is bound to a Google Account? I’m pretty sure yes but messing with accounts is weird.

    That is partially true.
    They rarely unlink it from another apple id, however you can use the Facebook link to link it to another apple id
    1. Make sure you are signed out of the game on apple device and you are seeing the cantina lady that shows at the start (this means it is a level 1 guest account)
    2. Copy to an apple device the same way you copied to the emulator using Facebook link. You know overwrote the guest account on apple device
    3. Sign in to game with apple id account to bind guest account to apple id
    4. Profit

    The whole purpose of the Facebook link is to allow copying account to a new device. Apple to apple, apple to Google, Google to apple, Google to Google, mainly for those that can't bind to apple or Google accounts
    However it also allows binding a new ID to it
  • Lumiya
    1431 posts Member
    BubbaFett wrote: »
    Lumiya wrote: »
    Jkal_el91 wrote: »
    I want to raise my next concern, I have seen videos and in other forums how easy it can be to hack an account, just as Ahnald showed in one of his videos, now what worries me the most is that there are guilds of which I will not mention, where they take advantage of this security problem to blackmail those who want to leave the guild or fight with the guild leader for "x" reason, they keeping the accounts or eliminating them..., I find this very serious, since nothing it assures me that my account can be safe; currently in the guild to which I belong, it has already begun to carry out these practices, and who knows if others will do it too, that is why I want to raise this alert, for the developers and the community.

    What ahnaldt showed on his video is something that happens by chance, only with people using emulators under a very specific set of circumstances - it does happen, but this isn't something that can be done intentionally.

    I agree that it's serious, and it's something that should be addressed, but I'm pretty confident in saying that this isn't the kind of security hole that can be intentionally exploited for nefarious purposes. Someone will correct me if I'm wrong - but as long as you've got your account linked to a google play or apple account, you should be fine.

    Almost right... the link to Google play or Apple store does not however mean that the account is safe because someone can delete your account if they access it (even if it is unintended access). They can also unlink the account from Google or Apple and then link it to their Google and Apple.

    So yes you can not hack someone on purpose but you can do bad things to an account that you hack on accident.

    Nobody can access your account through google play or apple without your google play or apple password or, at best, your facebook ID and password... If they get that based on Phishing, you have much bigger things in your life to worry about than SWGOH.... And, none of that is preventable by CG....

    As for emulators like Bluestacks, that is how Ahnaldt got "hacked", but they are not supported by CG and it explicitly says so in the ToS......

    The moral of the story is don't fall for Phishing scams and use bluestacks at your own risk....

    You misunderstood what I said. I did not say they can access your Google or Apple, I said they can unlink your Google or Apple and link their own if they get access to your in game account.
    We are all made of star-stuff
  • scuba
    14034 posts Member
    Lumiya wrote: »
    BubbaFett wrote: »
    Lumiya wrote: »
    Jkal_el91 wrote: »
    I want to raise my next concern, I have seen videos and in other forums how easy it can be to hack an account, just as Ahnald showed in one of his videos, now what worries me the most is that there are guilds of which I will not mention, where they take advantage of this security problem to blackmail those who want to leave the guild or fight with the guild leader for "x" reason, they keeping the accounts or eliminating them..., I find this very serious, since nothing it assures me that my account can be safe; currently in the guild to which I belong, it has already begun to carry out these practices, and who knows if others will do it too, that is why I want to raise this alert, for the developers and the community.

    What ahnaldt showed on his video is something that happens by chance, only with people using emulators under a very specific set of circumstances - it does happen, but this isn't something that can be done intentionally.

    I agree that it's serious, and it's something that should be addressed, but I'm pretty confident in saying that this isn't the kind of security hole that can be intentionally exploited for nefarious purposes. Someone will correct me if I'm wrong - but as long as you've got your account linked to a google play or apple account, you should be fine.

    Almost right... the link to Google play or Apple store does not however mean that the account is safe because someone can delete your account if they access it (even if it is unintended access). They can also unlink the account from Google or Apple and then link it to their Google and Apple.

    So yes you can not hack someone on purpose but you can do bad things to an account that you hack on accident.

    Nobody can access your account through google play or apple without your google play or apple password or, at best, your facebook ID and password... If they get that based on Phishing, you have much bigger things in your life to worry about than SWGOH.... And, none of that is preventable by CG....

    As for emulators like Bluestacks, that is how Ahnaldt got "hacked", but they are not supported by CG and it explicitly says so in the ToS......

    The moral of the story is don't fall for Phishing scams and use bluestacks at your own risk....

    You misunderstood what I said. I did not say they can access your Google or Apple, I said they can unlink your Google or Apple and link their own if they get access to your in game account.

    Hmmm. They could link their own apple/google. Not sure they could unlink an apple/Google with out support/help from EA CG, otherwise someone who got "hacked" could remove the hackers access
  • TargetEadu
    1513 posts Member
    scuba wrote: »
    TargetEadu wrote: »
    BubbaFett wrote: »
    TargetEadu wrote: »
    I have to use an emulator because apparently it’s “impossible” to get my account onto a new Apple ID. Or I could switch phones to an Android but I’m not doing that for one mobile game.

    You can switch from Apple to android easily, wht did you start playing on?

    Started on Apple, my account got tied to an Apple ID I no longer use, and per EA Support apparently it’s impossible to un-tie it to put it on my current Apple ID. On an Android emulator at the moment.

    If the Connect page says “Sign out of Google Play”, would that indicate it is bound to a Google Account? I’m pretty sure yes but messing with accounts is weird.

    That is partially true.
    They rarely unlink it from another apple id, however you can use the Facebook link to link it to another apple id
    1. Make sure you are signed out of the game on apple device and you are seeing the cantina lady that shows at the start (this means it is a level 1 guest account)
    2. Copy to an apple device the same way you copied to the emulator using Facebook link. You know overwrote the guest account on apple device
    3. Sign in to game with apple id account to bind guest account to apple id
    4. Profit

    The whole purpose of the Facebook link is to allow copying account to a new device. Apple to apple, apple to Google, Google to apple, Google to Google, mainly for those that can't bind to apple or Google accounts
    However it also allows binding a new ID to it

    Trying this just ends up with “An unexpected error occured while linking accounts” when I try and sign in with Facebook on my phone, although I may be missing some step.
  • Gifafi
    6017 posts Member
    I bought a rock that prevents this from happening. Judging from the results it was a great investment
    Maybe End Game isn't for you
  • scuba
    14034 posts Member
    TargetEadu wrote: »
    scuba wrote: »
    TargetEadu wrote: »
    BubbaFett wrote: »
    TargetEadu wrote: »
    I have to use an emulator because apparently it’s “impossible” to get my account onto a new Apple ID. Or I could switch phones to an Android but I’m not doing that for one mobile game.

    You can switch from Apple to android easily, wht did you start playing on?

    Started on Apple, my account got tied to an Apple ID I no longer use, and per EA Support apparently it’s impossible to un-tie it to put it on my current Apple ID. On an Android emulator at the moment.

    If the Connect page says “Sign out of Google Play”, would that indicate it is bound to a Google Account? I’m pretty sure yes but messing with accounts is weird.

    That is partially true.
    They rarely unlink it from another apple id, however you can use the Facebook link to link it to another apple id
    1. Make sure you are signed out of the game on apple device and you are seeing the cantina lady that shows at the start (this means it is a level 1 guest account)
    2. Copy to an apple device the same way you copied to the emulator using Facebook link. You know overwrote the guest account on apple device
    3. Sign in to game with apple id account to bind guest account to apple id
    4. Profit

    The whole purpose of the Facebook link is to allow copying account to a new device. Apple to apple, apple to Google, Google to apple, Google to Google, mainly for those that can't bind to apple or Google accounts
    However it also allows binding a new ID to it

    Trying this just ends up with “An unexpected error occured while linking accounts” when I try and sign in with Facebook on my phone, although I may be missing some step.

    I haven't done the face book link in a while. It is very insecure and all accounts should be binded to Google or apple otherwise you risk losing it. Relying on Facebook is asking for trouble
Sign In or Register to comment.