GMS MTS – WARNING!

UPDATE: MTS is now down because of this issue. Good news – it will be fixed during tomorrow’s 6-hour maintenance. However, you might still get hacked. Click here to see a list of people whose information is in hackers’ hands. Please note that this list is ONLY character names, so search for your character’s name (use CTRL + F). The original list also had Nexon ID’s but it will not be posted. Credits to Penitent of BasilMarket for the list.

Hello Maplers,

As some of you may be aware there is an exploit with the MTS that allows certain abusers to find your user ID. While we work on addressing this exploit please know that the MTS is safe to use and will not compromise your account as long as you have kept your password up to date with a secure PIC.

We greatly apologize for the inconveniences this has caused for our players. Thank you.

-GM Hime, Source: http://forum.nexon.net/MapleStory/forums/thread/8165829.aspx

Seems ridiculous, I know. Not too long ago I warned you about MapleStory Adventures, and now it’s MTS.
However, this is much more serious. With MapleStory Adventures, I had no solid proof at all nor did Nexon say anything. Here, Nexon IS our proof.

Apparently, selling an item in MTS exposes your ID and password and hackers can get it. There have been reports of people being hacked because of this issue, however nobody trusted them till now.

The matter is serious. If you have anything in MTS, TAKE IT NOW. Don’t buy anything till it’s fixed.

While we work on addressing this exploit please know that the MTS is safe to use and will not compromise your account as long as you have kept your password up to date with a secure PIC.

No. Don’t use the MTS at all, even if your PIC is something like ‘HEJFOFNWIDKFBWK13378384773’. PIC is actually crackable and hackers will have no problem bypassing it.

This is your warning, get all the stuff you currently have in MTS and stay away from MTS until further notice. Many people are getting hacked lately, and you don’t need to be the next victim.

~shakar96

By shakar96 Posted in gMS

58 comments on “GMS MTS – WARNING!

  1. I doubt passwords are being found out just from the MTS. It’s more likely that hackers find out your password or bypass the password when they acquire your ID.

    • Let’s say I’m a hacker.
      > Get ID.
      > Now password. Mhmm, what to do now? RANDOM CODE GENERATOR!
      > After a couple of tries, banned. However, assuming he can bypass the penalty (which he can’t):
      Not possible to spam random codes, all those codes are sent to Nexon’s server and they would notice a billion codes every second from the same source. He’ll have to do it slowly.
      > 1 year later – YES I HAXED TEH ACCOUNT ZOMG! (…the password was 123456).
      > NOO! (The person he hacked quit MapleStory/got hacked by then)

      Nope, pretty sure they can also see the user’s password. Unless they’re really good password guess’ers.

      • Okay maybe they can bypass the password >.<. Why would Nexon admit to hackers being able to acquire your ID but not your password and then not take down MTS?

      • They don’t want people to know that they messed up, again. The only way they could possibly get the password (if not from MTS) is hacking Nexon’s server, which they wouldn’t do (otherwise they’d go to jail). Not possible to be bypassed.

      • Actually, you can input a password an infinite number of times now. I and a few friends tried it out. So yes you can spam random codes now and its worse if you have a bot do it.

        There is also supposedly a hack that allows you to obtain a person’s pass and pic using the IGN and Neon ID of someone.

      • I’m not so sure about that. DC hacking works by spamming players with packets until their client crashes with an Error. Its likely that nexon has no defence against any form of packet spamming.

  2. Hey what if you have store items in the past month by just listing an item in a impossible price so it doesnt get sold, but it will pass by like ten days unsold so it will go to that storage area in mts. Ps I haven’t been to mts in a month.

  3. God, maybe they used Maple Adventures as a decoy and this was the real thing, cuz i linked my accs and didnt get hacked. Maybe they have other tricks up their sleeves too, be careful!

      • Well, it’s FaceBook. Facebook and Maplestory are two very different sites, and if you did link your maplestory account to the FaceBook one, well you automatically got a 50/50 chance for your account info to get leaked onto the site ads. That’s why even FaceBook is not safe at times because they literally got permission to “share” the info you linked.

  4. Hackers can crack your pic super easily and there’re some exploit on the Earn free NX site that allow they to find out your resistered information ( Name, B day,…). The best way to prevent being hacked is STAY AWAY from logging in on the website, scan your computer daily to prevent being keylogged and change your pic on a scanned computer.

  5. If I just cancel the sell, but I keep it in MTS, can I get hacked?
    And can I get hacked only from entering MTS or only selling stuff there?

  6. The hackers can get ID and Passwords, both. But Nexon WILL NOT accept it because that would be terrible for them, they will NEVER accept that their players gets hacked for Nexon’s fault, after you take off your items through MTS I suggest you to change your password.

  7. Did you guys realized about the new thread in Nexon main website?

    “Greetings players,

    DFO is currently running a security campaign asking everyone to change their password. If you have created a DFO character at some point, you may be included in this campaign so if you see a message asking you to update your password or possibly a login error, please update your password on the Account Settings page.

    -The Nexon Team-”

    Ok so, everyone knows that the hackers took It’s ID’s players and PASSWORDS, (not the PIC thought) Nexon just doesn’t want to accept it because they do not want to be responsible of their exploits that caused thousands of players hacked. They don’t want to assume the rensposability because they should be screwed and more hated of their players.

    • Woah that’s a lot of people. Luckily, I didn’t log on to GMS in months.
      Change your password. They are not distributing the users’ passwords for obvious reason but they will hack each player, one at a time, on that list since they have their passwords.

  8. … Umm what’s the hack list? I mean the website? Because I would REALLY like to know Dx
    And if I’m on there… Oh well I don’t play that much anyways 😛

  9. oh gosh this is scary o.o im already parinoid cause of da facebook thing ( cause u no i didnt realy….read your warining untill…..after…..) so everytime i log on im checkin my stuff expecting to get hacked and now im like changeing my password and pic daily T.T (amazing how i can remember dem all) so anywayyyy anyOTHER advice or am i good 😛

  10. Trust me, I’m 100% certain that it only gives IDs, as I’ve seen the release of the method used to find the IDs.

    They have other, indirect ways of finding PWs, which explains why most people who use the MTS aren’t hacked.

  11. Thanks for posting the list. Its a relief that mine are not on it, but I did see some of my friends on their. They need to offer ID change or something. This is very sad, but UNFORTUNATELY after playing MS for 5 years, its just more O’ the SOS.

  12. “selling an item in MTS exposes your ID and password and hackers can get it.”

    I don’t think it exposes the password. They might be able to guess/obtain the password by password crackers but I don’t think the MTS exposes them.

    • Its confirmed that they can obtain your login ID, and its confirmed that that mass hackings have occurred because of this exploit.

      How they get the pass and pic varies between brute force, to other form of password/pic crackers. Who knows, maybe there is a hack that is allowing them to read your password off of these same packets.You never know what these hackers have up their sleeves.

  13. I looked through the list and didn’t find any of my character names or any of my friends names. 😀

    Oddly enough though, I looked up a person who recently scammed one of my friends (One of my newbier friends who just started playing -.-) and his name was on this list. I guess it is karma.

    Btw, I’m not celebrating about him probably going to be hacked because no one really deserves to be hacked but it is just one of those coincidence moments.

  14. Hey do you have any info on the hacker making some characters lvl 1 in random worlds? I got a “djpong3” character created in windia after this happened.

  15. So now I got hacked. I have only visited this site just now..
    And my character’s name is in the list of vulnerable people…
    I swear to God that I have not shared any information regarding my account and I have not downloaded any malicious software..

    I really hope Nexon would rollback my account…
    Until then, I don’t feel like playing because I lost too much from the hack that came just because I utilize the use of MTS…

    I honestly would tell that I really hate Nexon in the past for letting hackers and exploiters run the game..Recently I learned to appreciate what they do. NOT UNTIL THIS MTS LEAK HAPPENED.

    Seriously now, Nexon MUST do something about this. They could check my account and see if I am lying, I really was hacked and deserves to be compensated for getting hacked because of the fault and shortcomings of the very company that I patronized.

  16. I’m just saying that I got hacked oliva chair, dragon chair(inferno), 10ATT wg, PAC, IlbiX5, evolving ring 7, 100m. But my name isn’t on there. Does that mean I won’t get my items back? My nickname is IEhwI

  17. Hi there! This article couldn’t be written any better! Looking through this article reminds me of my previous roommate! He continually kept preaching about this. I am going to send this post to him. Pretty sure he’s going to
    have a good read. Many thanks for sharing!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s