Guess what. Apparently somewhere around a 1000 Minecraft accounts and passwords have leaked thanks to a client modification of some sort. I don't know the full details, but they say there were client mods that promised stuff like flying, but meanwhile sended your information to the creators (giving them free access to your name).

Article:
http://forums.mcbans.com/index.php/topic,186.0.html

And mentioned on the "official" forum:
http://www.minecraftforum.net/viewtopic ... 0&t=222953

Check if you are one of the leaked accounts:
http://dinnerbone.com/minecraft.php

If you want to be safe, I suggest changing your password.

If you are op+ it is compulsory to change your passwords.
^ (Ollieboy added this)

If you dl'd a client mod just to fly you'd be a bit clueless.

_________________
Faberyayoooo
"War is just God's way of teaching Americans geography" - Ambrose Bierce

Some might find it too much of a hassle to register at the official WoM forums and go download a client somewhere else. It's clueless, but still, it won't hurt to send out a warning.

Was just about to post this, then saw you did.

Thanks.

I checked a few people from SpA, and found nobody on the list. No guarantees nobody's on, but several of our players are clean.

_________________

I'd go ahead and change your passwords anyway. Mine wasn't on the list but I don't REALLY wanna trust a website to tell me that.

If you are op+ it is compulsory to change your passwords.

_________________
Breasts

I am going to ban luketainsh from all of our servers. He has access to such a list. He has been banned on several servers for the same thing. He is a vet on here atm if anyone objects unban him.

Not on the list, but changed pass

_________________
Building worlds, destroying griefers, having fun. Not specialy in that order.

Since when is it compulsory to change passes?

_________________
[22:07] <@FBB2> +Ollieboy: %d+Pandorum%f: So Ollie when shall we have sex again?
[22:07] <@Xesdra_> fail
[22:07] <@FBB2> +Ollieboy: Noo the say failed me
[22:08] <@FBB1> +Pandorum: LOL

Iunno, since this happened?
Changed my pass though, just for good measure.

_________________
#Rico_Faraguez: I WANT KIRSHIS MOANS!!!!!!!!!

Kirshi Fur: they're up in my bummmmmmmmmmmmmm

luketainsh: i need you rico
luketainsh: <3
#Rico_Faraguez: Alright, then, bye

Since I made it compulsory to change passwords because you have moderation powers on the servers. Whether you're on that list given by that website or not, it is still a preservation of the server's interests.

_________________
Breasts

What if I know for a fact I did not download anything except WoM, from worldofminecraft.net.

_________________
Faberyayoooo
"War is just God's way of teaching Americans geography" - Ambrose Bierce

If you ONLY use WoM and NEVER EVER put your password somewhere else then you should be safe. This was mainly a SMP security issue where a TINY LITTLE DINOSAUR ARMS posted a fake flymod and harvested passwords. A password like ifhGdeuHHB646#%#bfeh wuold take tens of thousands of years to brtueforce so thats a sure bet though these password were phished. No ammount of complicated shit will protect you from that.

A few good tips that i employ are.

a) If a server has a stay logged in feature, use it. It help you identify a fake website since you won't be logged in. And if your aren't then check the URL.

b) Don't try to hack SMP. If you do chances are you will be entering your password into a key logger. Also if you make an account on third party minecraft related websites use a completely different password. Alot if accounts are stolen when those databases are leaked or sold. Curse.com is a good example.

c) If you use autofill on your browser, occasionally reset the saved passwords and resave only trusted ones. This will prevent the autofill from being a TINY LITTLE DINOSAUR ARMS and posting your passwords publicly somewhere they were meant to go.

The well known griefing team they mention, but don't name is Team Avolition, who are at war with Reddit SMP servers.
http://www.youtube.com/user/teamavolition

They are also able to hack mcbans and ban whoever they want as well, good thing we don't use that.

I wasn't on the list, but I changed my password as well.

_________________
I used to do drugs. I still do, but I used to, too.
-Mitch Hedberg
Front page of a very old website of mine back in 1999:
Hello, today is December 30, 110 and this site is Y2K compatible.

O.O i almost installed mcbans on our server... Orcs server uses it so perhaps it might be a good idea to stay clear of them for a bit. Until this all quietens down a bit.

Mann, hopfully with /bb , along with mcbans (when it gets its shit together) little clubs like this fill fade away, or have very little impact. Really something like mcbans should be something that would put a quick end to grief teams, not assist them

I reset my password too... though I wasn't on the list.

_________________
Inferiority is the true ascendancy.

Willdo as soon as I get home.

I automatically went to change my password when I read the topic's title on Wednesday, didn't read the text though. Now I did read it + the comments, and since many people on the servers never visit the forums, I think we should inform everyone on the servers... Somehow. If there has been a breach in the moderating circle, I will not take it lightly... This means Vet+.

+ the right to kick should be taken away from Members, since so many seem to abuse it (not directly abusing, but kicking with questionable reasons).

_________________
https://www.youtube.com/playlist?list=PL502D6BAD7E3A5EB8 – My compositions :U
_____

“If I myself had to portray the term 'people' by drawing it, I'd draw a mere gaping mouth, a clamouring mouth.” ― Pentti Linkola.

I changed my password to a new, hyper-super secure one. protorules

_________________

Mkay added a feature on my bot that automatically uses that website to check if any joining player is on the list and warns them if they are.

_________________
<+FBB2_> Thimerit: There is actually a real dankirk? lol

<+FBB2_> dan9201: Does anyone else think Dankirk may possibly be....
<+FBB2_> dan9201: GOD?

I'm not in the list but changed my pass too.

500 MORE ACCOUNTS STOLEN!

And is luketainsh is a ... hacker?!?

_________________
<PTB1> FREGUE99: pour parler
<PTB1> Samiak_: Poop parlour

<Mono> <PTB3> badrandsteve: ima go in smp for 8 mins then rage quit love u all
<Mono> * PTB1 * badrandsteve connected.

I didnt hack them myself, it was passed on from someone i know who plays another server, his friend hacked them, i have no clue how though..

_________________
Look behind you.









Ohai

A Flying Client is collecting passwords? Please tell me you are not talking about WoM?!!

Not at all, WoM has more than 1000 users

_________________
Breasts

yay im safe on all three accounts

_________________
[15:31] <+PTB1> Frankwj1: i need to repair all the fuck

[15:36] <+PTB1> Frankwj1: what did you do?
[15:37] <+PTB3> Frankwj1: you fucked the pool
[15:37] <+PTB2> Frankwj1: miner.....

It's not like they hacked into databases or anything, they just built their own malicious client that sent your login to Notch and themselves.

_________________

Really people should do a few password changes for all their valued accounts, whether it's your minecraft or school/college login, it's a good habbit to make, especially for me back at school when people would try and see what you were putting in for your password.

There's that and phishing sites, like a well disguised steam one got the better of me before. I use a program called Rapport, gives me a heads up when somethings trying to see the password I'm putting in, not sure how that work though.