Here's something I found on sleepywood for those of you who don't go there.
I'm not saying it's fake. It's up to you if you want to believe it or not, personally I think it's bullshit.




Okay guys, let me clarify a couple of things about this "Fire Alarm" business. I know not everyone is an information technology professional, so I'm going to try and avoid difficult terminology or concepts whenever possible at the cost of not going in depth.

1. Look at the timing of this. The precaution to avoid getting hacked is to stay offline for three days during an event when you need to login everyday to qualify for the prize.

2. Look at the 'proof' that basilmarket presents. It's a bunch of whispers! Seriously? That's your proof? I could whisper whatever I want to whoever I want, that doesn't make it true.

3. I keep informed about the current and upcoming hacking situation on maplestory by reading several forums where hacking is supported. They say it's a complete load.

4. There is no way to use the same type of program to hack accounts as they did to hack guilds. Simply put, guilds were disbanded by sending malicious data to the server (that is, to maplestory, not to your computer). The server mistook this malicious data for valid data requesting a guild be disbanded by the founder and responded by disbanding it. There is no way to retrieve your login information this way.

5. They would need to somehow get a keylogger onto your computer for them to get your login info. As long as you don't download files from shady websites (in fact, stay away from shady websites altogether).

6. There have been worms in the past that do not require any action on your part to infect your system. However, for many many reasons, it would just be too much trouble to make one of these for hacking maplestory.

7. A hacking attempt of this magnitude would result in jailtime.

Here's the Basilmarket thread with the "proof", It's the first post on page 10
http://www.basilmarket.com/forum/673325/10/#

Also, please read Piggy-Bank's post on page one. Lots of info there too.

I think it's quite funny that people who have don't even understand the very basics of hacking are the one's who are spreading all these rumors.

Could someone explain this new 'Fire Alarm' threat? The Basil Market thread creator seemed to have edited his post. Even though I have no idea what this is, I think it's still safe for me to call complete and utter pig dung on this.

Yes, FireAlarm was complete and total bull. It was a fictional "hack" that someone on Basil posted, got everyone all riled up, and isn't true.

EDIT- Firealarm supposedly logged onto your account and deleted your character, or put you back at level one, or something ridiculous. I can't even remember what it was.

Lol fake or not, imagine nexon in all of this. They must be shitting their pants with all the hacks like the guild hack and the supposed firealarm hacks. But then again it is nexon, so they probably don't care ._.

They released a statement on their website about the recent events. This is what they had to say:

Dear Maplers,

We have been receiving numerous reports regarding the guild hack that has been affecting guilds across all of our servers. It is unfortunate that this has happened. We are investigating and working on rectifying the situation. We will provide more information when we can. Please keep in mind that even though we do not address certain situations immediately, it does not mean we are not aware of what is going on. Information needs to be gathered before we can make a statement.

Thank you for your patience and we apologize for any inconveniences this may have caused.Lol.

Ah well, it's Nexon. What do you expect? Wizet was worse. Before Nexon took over we'd get like a patch a year, now it's like a patch ever 7 months or so xD

Or in v.53 and v.54, a couple hours.

Nexon, agreed, is performing better then Wizet. But they are money sucking leeches. :-/

Nexon's not completely stupid. They know what types of hacks are possible, and which aren't. This 'Fire Alarm' hack is nothing to worry about, but Nexon is looking into the Guild Hacks. Like the person from Sleepywood said, a hacker just needs to send some malicious code over to the Nexon servers that includes a request for the disbandment of a guild. The code exploits some hole in Nexon's code and is allowed to execute because Nexon's filter allows it to pass. With this type of exploit still open, these hackers could send other code which could do other things. They could make it so it appears that someone has traded 20,000,000 mesos to them.

That's different from being able to hack someone's account (or this 'Fire Alarm' method as you guys call it). Sure, your account information would be stored on the Nexon servers, but Nexon isn't stupid enough to not encrypt your information and make it easy for you to spot something. It's not like you could just send a piece of code that retrieves all your information and all of a sudden a pop up box appears which tells the hacker all your user information. That would be completely stupid, and I'm sure Nexon has precautions to prevent these these things.

I don't know how Nexon operates, but this is how I believe you log in into the game. It's probably wrong, but this could be a good way of doing it*. Let's say I have the username "iLikePigs" and the password "Baconator". When I click the log in information, my client sends a message to Nexon's server that "iLikePigs" wants to login. Nexon would then check that information with another server that has all my login information. This server is different from the server which the game is hosted on. If my login information is correct, than I would be asked to put in my PIN number. If that's also correct, then the login server would direct me to the actual Maple Story server, which would allow me to play with others. I do not believe that Nexon tracks people by their username. It would be much safer to track me by an identification number depending on when I logged on. If Nexon would like to see my username and password, they would use that identification number (the one I would be assigned depending on when I logged on) and send that ID number to their login server to get my information.

A better way for Nexon to be safe is to put an encryption on my password. Then they could just put everyone on the same server because even if the hacker got my information, it would show up as a random jumble of mess. For example, if a hacker sent a code to Nexon's server for my information and the server's filter was exploited, the the hacker would get something like this:

Username: iLikePigs
Password: LJH*+(sh85l*5-23&)*54

Whenever I put in a password, an simple AES encyption would convert my information into the hash which you saw above. However, the hacker would believe that LJH*+(sh85l*5-23&)*54 is my password because that's all there is on the Nexon servers. But when they insert that into the password field when trying to login, they would get something completely different because of the AES hash. LJH*+(sh85l*5-23&)*54 would turn into something completely different and Nexon's server would deny that password.


I know. I know. I rambled on a bit too much about something that's probably wrong, but I hope some of you get my point. Bullet points for the win?

Summary:
--Nexon isn't stupid. If they have any brains at all, they wouldn't put your login info on the same server the game is on.

--If there are two different servers, then hackers wouldn't be able to get your login information through this 'Fire Alarm' since there would only be a one way communication between the servers. The login server can communicate with the game server, but the game server can't communicate with the login server.

--If Nexon has put an encryption on your password and had everything on the same server, hackers still wouldn't be able to get to your information because to them, your password would be utter rubbish.

--Guild Hacks will be patched. The holes that these Guild Hacks exploit can be used to ruin the game. Ruin the game and you'll get less people playing. Less people playing would equal no money. You get the rest.

Note:*
--I am probably wrong about all this stuff about Nexon's server and hackers because I myself am not a hacker so I don't know exactly how they work, nor do I know anything about how Nexon operates. All my information is based on the little knowledge of networks, servers, encryption, along with common sense. Don't hold me responsible for any errors, I'm still learning about all this stuff. Yes, even pigs can make mistakes.

I'm just saying that this 'Fire Alarm' hack is unlikely. You can choose to believe me, or you can choose not to. Just take a look at the evidence. It's almost impossible for someone to get your login information by brute forcing or by using this 'Fire Alarm'. The only way someone can get your login information is if you give it to them or you have a keylogger on your computer.

True, Nexon does I.D. each character by how they log on, not by their log on information. It is extremely obvious that to get to your information, they would literally have to "attack" the Nexon servers for your information.

The only hacks you need to worry about now are the packet editing hacks. For some reason, a hacker or someone made a tutorial of some sort to make packet editing seem extremely easy for every hacker. Now we have all seen this new, and extremely illegal, hack in action. Such examples are "Fame Hack" where they take the packet of one person faming them, and continuously resending it. The "Guild Hack" is where they take the packet of a guild leader, or Jr. Master, expelling someone (or alternatively, someone leaving the guild) and resending it to each I.D. mask of the guild.

Scary things can be done with packet editing. I'm surprised they haven't exploited a "Level Up" packet hack. Or a "Stat Unlimited hack.

Let's all hope these hackers get I.P. banned, or better yet, fined in real life.

Nice post Piggy, you might be right. You could be psychic! or just really smart.

There would be certain things that are impossible with packet edits. A thing that all script kiddies have noticed about the game if that whenever most of them try to go faster than 140 (The maximum speed) they'll disconnect after a short while. The reason for this is that Nexon has code in place which will detect many of these abnormalities. ALl they need is a snippet of code that does something like:

if speed>140; then disconnect

That's all they need in order to stop many script kiddies. I think the reason that there aren't any automatic 'Level Up' packets out there is because of Nexon's use of experience. I'm guessing that Nexon servers will keep track of the total amount of experience there are in each map, and you can't get more experience then there is to get. Hard thing to explain, but think of it like this. In a room, there are 30 pigs. No matter how many times you try to "hack the system", you can't get more than 30 pigs out of that room. So let's say that there is a possibility of 64 experience in a certain map. Even if you send packets telling the server you've killed a snail over and over again, the maximum amount on experience you're going to get out of that map is 64, until the monsters spawn again. You can only get experience if something dies. If there are only 30 pigs in a map and they all die, you can't just pull more pigs out of the air. (I can, but I'm special.) Hackers might not be able to automatically level up, but killing masses of monsters do just fine. In the same sense, there are certain limits to your stats. The game just won't allow you to do things, unless you delete some code yourself and run it again, which I doubt anyone would spend the time to do.

IP banning isn't going to do anything, especially to anyone who is actually coding these hacks. They are smart enough to hide within layers of proxies. Only idiots would get themselves caught by the law enforcements.

if speed<140; then disconnect


O.o You mean:

if speed>140; then disconnect

Lol, otherwise anyone who's not hacking would get d/c XD

O.o You mean:

if speed>140; then disconnect

Lol, otherwise anyone who's not hacking would get d/c XD
Oh gosh. I cannot believe I didn't catch that. Thanks for catching it.

I Fail.
http://i180.photobucket.com/albums/x215/HTO_lcm99/bush-fazendo-pose-burro-marcio-marc.jpghttp://failblog.files.wordpress.com/2008/01/bush_bookupsidedown.jpg

Pig is sorry.
http://i67.photobucket.com/albums/h292/rynn171/avatars/emotion%20avatars/pig/thmi36.gif
http://i163.photobucket.com/albums/t299/tonyhandersome/pig-imsad.gif
http://i67.photobucket.com/albums/h292/rynn171/avatars/emotion%20avatars/pig/thmi12.gif

I think I'm falling in love with you Piggy-Bank



(i'm not, but still...)
Kudos to you!

As Dan may soon post somewhere, our guild leader (no names) put up a smega. She then received a whisper that someone will hack her account, steal her items, and delete the guild and all.
So, what you're saying is that the worst the guy can ACTUALLY do is just delete the guild?
Well, the good thing is that we still have a backup guild.

Let's just hope they really don't start code caving. :)

There would be certain things that are impossible with packet edits. A thing that all script kiddies have noticed about the game if that whenever most of them try to go faster than 140 (The maximum speed) they'll disconnect after a short while. The reason for this is that Nexon has code in place which will detect many of these abnormalities. ALl they need is a snippet of code that does something like:

if speed>140; then disconnect

That's all they need in order to stop many script kiddies. I think the reason that there aren't any automatic 'Level Up' packets out there is because of Nexon's use of experience. I'm guessing that Nexon servers will keep track of the total amount of experience there are in each map, and you can't get more experience then there is to get. Hard thing to explain, but think of it like this. In a room, there are 30 pigs. No matter how many times you try to "hack the system", you can't get more than 30 pigs out of that room. So let's say that there is a possibility of 64 experience in a certain map. Even if you send packets telling the server you've killed a snail over and over again, the maximum amount on experience you're going to get out of that map is 64, until the monsters spawn again. You can only get experience if something dies. If there are only 30 pigs in a map and they all die, you can't just pull more pigs out of the air. (I can, but I'm special.) Hackers might not be able to automatically level up, but killing masses of monsters do just fine. In the same sense, there are certain limits to your stats. The game just won't allow you to do things, unless you delete some code yourself and run it again, which I doubt anyone would spend the time to do.

IP banning isn't going to do anything, especially to anyone who is actually coding these hacks. They are smart enough to hide within layers of proxies. Only idiots would get themselves caught by the law enforcements.

Awwwwww. AWWW. Look at this, everyone, EVERYONE, flash back, k? K, so, everyone remember when Piggy was that wee-teeny little OnRPGer in his little OnRPG diapers refusing to form grammatically correct sentences? Oh, oh, and he couldn't get a character past level 20, hahahah! Sooo cute.

But OSHIT, LOOK OUT, Piggy's all grown up and gansta' like. Pfft, look wrong at that bad *** motha' and you'll find yourself in a shallow grave. Dayummmmmm straight. Word up Piggy, word up.

There would be certain things that are impossible with packet edits. A thing that all script kiddies have noticed about the game if that whenever most of them try to go faster than 140 (The maximum speed) they'll disconnect after a short while. The reason for this is that Nexon has code in place which will detect many of these abnormalities. ALl they need is a snippet of code that does something like:

if speed>140; then disconnect

That's all they need in order to stop many script kiddies. I think the reason that there aren't any automatic 'Level Up' packets out there is because of Nexon's use of experience. I'm guessing that Nexon servers will keep track of the total amount of experience there are in each map, and you can't get more experience then there is to get. Hard thing to explain, but think of it like this. In a room, there are 30 pigs. No matter how many times you try to "hack the system", you can't get more than 30 pigs out of that room. So let's say that there is a possibility of 64 experience in a certain map. Even if you send packets telling the server you've killed a snail over and over again, the maximum amount on experience you're going to get out of that map is 64, until the monsters spawn again. You can only get experience if something dies. If there are only 30 pigs in a map and they all die, you can't just pull more pigs out of the air. (I can, but I'm special.) Hackers might not be able to automatically level up, but killing masses of monsters do just fine. In the same sense, there are certain limits to your stats. The game just won't allow you to do things, unless you delete some code yourself and run it again, which I doubt anyone would spend the time to do.

IP banning isn't going to do anything, especially to anyone who is actually coding these hacks. They are smart enough to hide within layers of proxies. Only idiots would get themselves caught by the law enforcements.

Piggy, they can change the speed>140 then disconnect thing. They're using it to do some other hacks like gode mode PG hack and crap.

PG hack / god mode doesn't involve any packet editing, and code caving isn't as dangerous as packet editing.

As Dan may soon post somewhere, our guild leader (no names) put up a smega. She then received a whisper that someone will hack her account, steal her items, and delete the guild and all.
So, what you're saying is that the worst the guy can ACTUALLY do is just delete the guild?
Well, the good thing is that we still have a backup guild.
As long as she keeps her info secure, she won't get hacked. Though I'd advise her to stay off maple, and get a mule or something to train. They can hack you though being in the guild, going into the FM, ect.
I would also tell her to make everyone a non-Jr, so no one can invite possible hackers.
http://www.basilmarket.com/forum/672731/1//Guide__Protecting_your_Guild.html#
See this for more info.

Damn... after the fame hack was released it seems someone found out how to use the program and disband the guilds on the servers

PG hack / god mode doesn't involve any packet editing, and code caving isn't as dangerous as packet editing.

Use code caving to add bits and pieces of your own code to make if ( speed > 140 ) disconnect into something completely different.

BUT WAIT. Don't the mounts add more than 140 speed? Or was that just an example Piggy used?

BUT WAIT. Don't the mounts add more than 140 speed? Or was that just an example Piggy used?

Lol in that case it would be something like


if speed>140 And mount = false then
disconnect

or something lol, that was like VB format XD

wouldn't there have to be some kind of java coding also?

this probably spread around by the same people who believe stat hacks work and therefore try and sell them.

there is no possible way for them to hack your account if they can't obtain your details.

they could try and brute force it but that would take years and years

in other words..don't be scared unless you happen to have been doing something dodgie regarding MS(ie looking for hacks or bots)