Jump to content
3DXChat Community
The92Ghost

Serious Security Threat Detected on your Website

Recommended Posts

I was going through my antivirus reports and it seems that my Antivirus blocked twice your website at my login since it was sending unencrypted password once written down. This is serious breach of security and privacy, especially for the EU Region. Please secure your website better and code it so that it can accept the encrypted password and not turning it into unecrypted password.

Capture.PNG

Edited by The92Ghost

Share this post


Link to post
Share on other sites

Be carefull, a hacker is in game. He hacked my account to use my avatar to have sex with men. His last known name in game is DarkReflection

Share this post


Link to post
Share on other sites
4 minutes ago, Leeloo said:

Be carefull, a hacker is in game. He hacked my account to use my avatar to have sex with men. His last known name in game is DarkReflection

Hmm.. are you serious? or trolling? because that was funny, feeling like the problem wasn't the hacker or your account from your comment, but mostly "HE HAD SEX WITH MEN!".

Share this post


Link to post
Share on other sites
Posted (edited)
11 hours ago, Ross the RoberT said:

iver gotten those warnings for years, its a false positive

You`ve got serious mental illness warnings for years, rob. There is no false. Take a help.

Edited by ☙𝔼𝕩❧

Share this post


Link to post
Share on other sites

The 3DX forum is HTTPS, 3DX Chat is not HTTPS. All websites and anything that connects to a server these days should use HTTPS as a minimum. Also, another thing that is not great is that when you forget your password on 3DX, they will email you your forgotten password in plain text, leading me to believe that passwords are not encrypted properly. Ideally, you would be sent a unique link to then reset your password. While there should be no personal information linked to your 3DX account, it would still allow a bad actor to use the account that you are paying for as well as impersonating you. Services like Pandora and hacked DLLs would have been a lot less likely had security been taken more seriously from the start.


In general, I recommend using the HTTPS Everywhere browser extension. It is available for most popular browsers like Chrome and Firefox. Browsers such as Brave has HTTPS Everywhere built-in.

Share this post


Link to post
Share on other sites
1 hour ago, Ross the RoberT said:

sounds like your software has a virus, take a help doesn't make sense but since im here...…..

omg lol what did I say?

Image result for psychiatrist

Share this post


Link to post
Share on other sites
10 hours ago, MistyMu said:

The 3DX forum is HTTPS, 3DX Chat is not HTTPS. All websites and anything that connects to a server these days should use HTTPS as a minimum. Also, another thing that is not great is that when you forget your password on 3DX, they will email you your forgotten password in plain text, leading me to believe that passwords are not encrypted properly. Ideally, you would be sent a unique link to then reset your password. While there should be no personal information linked to your 3DX account, it would still allow a bad actor to use the account that you are paying for as well as impersonating you. Services like Pandora and hacked DLLs would have been a lot less likely had security been taken more seriously from the start.


In general, I recommend using the HTTPS Everywhere browser extension. It is available for most popular browsers like Chrome and Firefox. Browsers such as Brave has HTTPS Everywhere built-in.

I've had other online places send a password in plain text and I've yet to have an issue with it because I change the password.  That's the simple solution for that problem  Allow this game as an exception in your virus software and it will only allow what should be allowed.  As long as I've played and countless other, none of them have had an issue with their account.  Use common sense when online as you would anything.

Share this post


Link to post
Share on other sites

I'm getting this as well and never have before. Every time I get an update for some reason, I have to re download the game. Never an issue with that, except today. I went to download and it says it didn't pass security requirements. Nothing new, no new AV... soooo.... I'll keep trying.

Share this post


Link to post
Share on other sites

going a tad overboard with this...

1- credit card info isn't stored on 3dx servers

2- whats the worst that can happen, someone hack your game and pretend fuck your pretend girlfriend?

3- if they get into your forum account, what can they do, post naked memes, oh nooo. 

Share this post


Link to post
Share on other sites
11 minutes ago, Ross The TboR said:

going a tad overboard with this...

1- credit card info isn't stored on 3dx servers

2- whats the worst that can happen, someone hack your game and pretend fuck your pretend girlfriend?

3- if they get into your forum account, what can they do, post naked memes, oh nooo. 

no but I did get through after 2 hours on my desktop and just copied everything to my thumbdrive that I have the rooms stored on (found out the hard way if you keep the rooms with the game and don't back them up you will lose them if you ever have to erase the game and reload it. So hoping I can transfer from my thumbdrive to my laptop.

Share this post


Link to post
Share on other sites

I've also received an unsafe message.  As of right now if they hack your/my account they can cause some serious social mayhem and get you ignored by many.  Hopefully those who know you well will recognize the unusual behavior and know something is not right.  They can delete the pictures stored in your gallery and change your profile to the point where if it is reported enough will earn you a permanent ban.  They can use all your coin to change names of your avi, create new avis,  get married etc.  It is not just having sex with pixels as Rob states.  

As a side note, if as has been suggested, we were able to transfer coin the hacker could do that too.  They'd be able to rid you of every coin in your account.

Share this post


Link to post
Share on other sites

I don't care too much about coins, but getting my profile and reputation ruined, maybe even leading it to ban of my account because of things my avi would say under control of a hacker sounds really bad.

Share this post


Link to post
Share on other sites
1 hour ago, Ross The TboR said:

your on a sex game under an assumed name, you have no reputation

I don't mean my rl reputation, obviously. But over more than a year of playing this game some people from there took their place in my heart and this game become important for me. But I doubt you really looking to talk about it Rob, you obviously just trying to attack and troll people again, so I why I even bother answering, really.

Share this post


Link to post
Share on other sites
3 hours ago, Ross The TboR said:

your on a sex game under an assumed name, you have no reputation

as well as you. but you have reputation. bad reputation. nullify yourself.

Share this post


Link to post
Share on other sites
Posted (edited)

I have to agree with the above comments and concerns. Putting aside that Rob guy, who doesn't understand the meaning behind online reputation, friends and connections. I think this is serious and that the developers must take serious look into this and advance to better security.

One of the fast solutions would be to put 2FA security. 

As far for the others who think that this is not serious, as a Developer and as a coder, I can assure that this is very serious. I am sure that most of you don't understand how security protocols work, or how breachable the data can be if your password is unencrypted. Anyone, who might have access to your computer can catch this data and use it on another websites. Thank god, I am not using common password here. But for others who might be using their usual password or anything among those lines, well this is really serious. 

I wouldn't raise the matter if it wasn't important. So I do request the Developers to take it under serious consideration. Or it will be repeat of the DDoS attacks all over again. When something is not secured well, it will only lead to problems and hackers will be aiming for that. I do recommend hiring Cyber Security specialist and developer for fixes. So you can secure your game and your forums from Hackers to the best point possible. 

Edited by The92Ghost

Share this post


Link to post
Share on other sites

 

6 hours ago, <TALON QUEEN> <DREAMFALL> said:

you can't expect 99% of these inept primitives to understand you. as most of these kids come from imvu and second life....lmao need i say more 

Ahhhh such an elitist attitude. It must be hard living in a world that is so inferior to you, having to take time to demean and attempt to devalue everyone but those you feel on your level but not quite your equal.

Share this post


Link to post
Share on other sites
4 minutes ago, panCDCA said:

 

Ahhhh such an elitist attitude. It must be hard living in a world that is so inferior to you, having to take time to demean and attempt to devalue everyone but those you feel on your level but not quite your equal.


What else would you expect from someone with delusions of grandeur, the one who was banned for... "no reason"? 😄 There's always one, they come and go. It never changes, it's history repeating itself over and over again.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...