Jump to content
3DXChat Community

Serious Security Threat Detected on your Website


The92Ghost

Recommended Posts

I was going through my antivirus reports and it seems that my Antivirus blocked twice your website at my login since it was sending unencrypted password once written down. This is serious breach of security and privacy, especially for the EU Region. Please secure your website better and code it so that it can accept the encrypted password and not turning it into unecrypted password.

Capture.PNG

Edited by The92Ghost
Link to comment
Share on other sites

4 minutes ago, Leeloo said:

Be carefull, a hacker is in game. He hacked my account to use my avatar to have sex with men. His last known name in game is DarkReflection

Hmm.. are you serious? or trolling? because that was funny, feeling like the problem wasn't the hacker or your account from your comment, but mostly "HE HAD SEX WITH MEN!".

Link to comment
Share on other sites

10 hours ago, MistyMu said:

The 3DX forum is HTTPS, 3DX Chat is not HTTPS. All websites and anything that connects to a server these days should use HTTPS as a minimum. Also, another thing that is not great is that when you forget your password on 3DX, they will email you your forgotten password in plain text, leading me to believe that passwords are not encrypted properly. Ideally, you would be sent a unique link to then reset your password. While there should be no personal information linked to your 3DX account, it would still allow a bad actor to use the account that you are paying for as well as impersonating you. Services like Pandora and hacked DLLs would have been a lot less likely had security been taken more seriously from the start.


In general, I recommend using the HTTPS Everywhere browser extension. It is available for most popular browsers like Chrome and Firefox. Browsers such as Brave has HTTPS Everywhere built-in.

I've had other online places send a password in plain text and I've yet to have an issue with it because I change the password.  That's the simple solution for that problem  Allow this game as an exception in your virus software and it will only allow what should be allowed.  As long as I've played and countless other, none of them have had an issue with their account.  Use common sense when online as you would anything.

Link to comment
Share on other sites

I'm getting this as well and never have before. Every time I get an update for some reason, I have to re download the game. Never an issue with that, except today. I went to download and it says it didn't pass security requirements. Nothing new, no new AV... soooo.... I'll keep trying.

Link to comment
Share on other sites

11 minutes ago, Ross The TboR said:

going a tad overboard with this...

1- credit card info isn't stored on 3dx servers

2- whats the worst that can happen, someone hack your game and pretend fuck your pretend girlfriend?

3- if they get into your forum account, what can they do, post naked memes, oh nooo. 

no but I did get through after 2 hours on my desktop and just copied everything to my thumbdrive that I have the rooms stored on (found out the hard way if you keep the rooms with the game and don't back them up you will lose them if you ever have to erase the game and reload it. So hoping I can transfer from my thumbdrive to my laptop.

Link to comment
Share on other sites

I've also received an unsafe message.  As of right now if they hack your/my account they can cause some serious social mayhem and get you ignored by many.  Hopefully those who know you well will recognize the unusual behavior and know something is not right.  They can delete the pictures stored in your gallery and change your profile to the point where if it is reported enough will earn you a permanent ban.  They can use all your coin to change names of your avi, create new avis,  get married etc.  It is not just having sex with pixels as Rob states.  

As a side note, if as has been suggested, we were able to transfer coin the hacker could do that too.  They'd be able to rid you of every coin in your account.

Link to comment
Share on other sites

1 hour ago, Ross The TboR said:

your on a sex game under an assumed name, you have no reputation

I don't mean my rl reputation, obviously. But over more than a year of playing this game some people from there took their place in my heart and this game become important for me. But I doubt you really looking to talk about it Rob, you obviously just trying to attack and troll people again, so I why I even bother answering, really.

Link to comment
Share on other sites

  • 2 months later...

I have to agree with the above comments and concerns. Putting aside that Rob guy, who doesn't understand the meaning behind online reputation, friends and connections. I think this is serious and that the developers must take serious look into this and advance to better security.

One of the fast solutions would be to put 2FA security. 

As far for the others who think that this is not serious, as a Developer and as a coder, I can assure that this is very serious. I am sure that most of you don't understand how security protocols work, or how breachable the data can be if your password is unencrypted. Anyone, who might have access to your computer can catch this data and use it on another websites. Thank god, I am not using common password here. But for others who might be using their usual password or anything among those lines, well this is really serious. 

I wouldn't raise the matter if it wasn't important. So I do request the Developers to take it under serious consideration. Or it will be repeat of the DDoS attacks all over again. When something is not secured well, it will only lead to problems and hackers will be aiming for that. I do recommend hiring Cyber Security specialist and developer for fixes. So you can secure your game and your forums from Hackers to the best point possible. 

Edited by The92Ghost
Link to comment
Share on other sites

 

6 hours ago, <TALON QUEEN> <DREAMFALL> said:

you can't expect 99% of these inept primitives to understand you. as most of these kids come from imvu and second life....lmao need i say more 

Ahhhh such an elitist attitude. It must be hard living in a world that is so inferior to you, having to take time to demean and attempt to devalue everyone but those you feel on your level but not quite your equal.

Link to comment
Share on other sites

4 minutes ago, panCDCA said:

 

Ahhhh such an elitist attitude. It must be hard living in a world that is so inferior to you, having to take time to demean and attempt to devalue everyone but those you feel on your level but not quite your equal.


What else would you expect from someone with delusions of grandeur, the one who was banned for... "no reason"? 😄 There's always one, they come and go. It never changes, it's history repeating itself over and over again.

Link to comment
Share on other sites

2 hours ago, Leeloo said:

I don't know if it's normal or not, but since the hacking attack, each time i load the forum page, something is checking my browser. Is anyone else have that ?

I am too. 

Link to comment
Share on other sites

7 hours ago, Leeloo said:

I don't know if it's normal or not, but since the hacking attack, each time i load the forum page, something is checking my browser. Is anyone else have that ?

It is normal and bears no threat to the users. Currently 3DX sites (both forum and main site) use CloudFlare protection system and this system is used to prevent or reduce the potential threat of new DDOS attack. This is done in automatic mode with every visitor who comes here.

Link to comment
Share on other sites

7 hours ago, Leeloo said:

I don't know if it's normal or not, but since the hacking attack, each time i load the forum page, something is checking my browser. Is anyone else have that ?

It's cloudflare verifying you're not a botnet or illegitimate traffic. It's nothing to worry about, it's just the CloudFlare DDoS protection being active on the forum domain.

Edited by Ashbash
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...