Player griefing with infinite accounts
Player griefing with infinite accounts
Hello,
I'm one of the admin of a popular multiplayer game (Free biter battle). We recently encoutered an issue with one toxic player who get banned but constantly rejoin server with new account names. We recognise him from behavior, way of playing and similar toxic talk and playing. Banning him is useless as he is able to generate an infinite number of new accounts. We suspect the use of a keygen, but are still unsure of the process. We have no solutions to manage this issue and we are forced to suffer from his toxic behavior as for now.
I'm one of the admin of a popular multiplayer game (Free biter battle). We recently encoutered an issue with one toxic player who get banned but constantly rejoin server with new account names. We recognise him from behavior, way of playing and similar toxic talk and playing. Banning him is useless as he is able to generate an infinite number of new accounts. We suspect the use of a keygen, but are still unsure of the process. We have no solutions to manage this issue and we are forced to suffer from his toxic behavior as for now.
Re: Player griefing with infinite accounts
Hi,
This is best resolved by emailing support:
support@factorio.com
With as much info as you can provide, usernames they use, etc.
This is best resolved by emailing support:
support@factorio.com
With as much info as you can provide, usernames they use, etc.
Re: Player griefing with infinite accounts
Thank you for the answer.
-
- Inserter
- Posts: 27
- Joined: Sat Nov 26, 2016 11:48 am
- Contact:
[1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
Hello,
We have noticed on biter battles server (which usually have 25+) players that one player is able to dodge/work around the ban system of factorio very often.
I'm unsure of how he does it, but he regurlary comes back (even when banned), it has been like that for months. Example of nicks :
perkele321, 20, Low3...and so on....
However everything is correctly checked on the server to prevent griefers (allow authenticated users only..). The only idea I'm seeing is that he has like 10-20 accounts, and he is switching nickname every x months to keep dodging ban and comes back once in a while maybe...?
We can't obviously not make it MP because it's a mp pvp scenario, and we like seeing new players joining us (so we will always allow new players to join)
I've tried by curiosity to see if I could log in as another user or change name by editing memory, didn't work at all.
Would it be possible to stick ban even after name change? Or maybe if you have an idea on how he does it on your end (maybe it's not nickname change he's doing to dodge ban but something else)...?
And I doubt he has 8797469165 steam accounts.
Thanks you in advance,
Regards.
Merged...
We have noticed on biter battles server (which usually have 25+) players that one player is able to dodge/work around the ban system of factorio very often.
I'm unsure of how he does it, but he regurlary comes back (even when banned), it has been like that for months. Example of nicks :
perkele321, 20, Low3...and so on....
However everything is correctly checked on the server to prevent griefers (allow authenticated users only..). The only idea I'm seeing is that he has like 10-20 accounts, and he is switching nickname every x months to keep dodging ban and comes back once in a while maybe...?
We can't obviously not make it MP because it's a mp pvp scenario, and we like seeing new players joining us (so we will always allow new players to join)
I've tried by curiosity to see if I could log in as another user or change name by editing memory, didn't work at all.
Would it be possible to stick ban even after name change? Or maybe if you have an idea on how he does it on your end (maybe it's not nickname change he's doing to dodge ban but something else)...?
And I doubt he has 8797469165 steam accounts.
Thanks you in advance,
Regards.
Merged...
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
Hi,Masamune00 wrote: ↑Sat Dec 11, 2021 7:30 pmHello,
We have noticed on biter battles server (which usually have 25+) players that one player is able to dodge/work around the ban system of factorio very often.
I'm unsure of how he does it, but he regurlary comes back (even when banned), it has been like that for months. Example of nicks :
perkele321, 20, Low3...and so on....
However everything is correctly checked on the server to prevent griefers (allow authenticated users only..). The only idea I'm seeing is that he has like 10-20 accounts, and he is switching nickname every x months to keep dodging ban and comes back once in a while maybe...?
We can't obviously not make it MP because it's a mp pvp scenario, and we like seeing new players joining us (so we will always allow new players to join)
I've tried by curiosity to see if I could log in as another user or change name by editing memory, didn't work at all.
Would it be possible to stick ban even after name change? Or maybe if you have an idea on how he does it on your end (maybe it's not nickname change he's doing to dodge ban but something else)...?
And I doubt he has 8797469165 steam accounts.
Thanks you in advance,
Regards.
Merged...
The process is ongoing, the jist of it, is that the guy is using hacked accounts, from leaked databases online, such as the recent town of salem breach,
These are all legit and proper Factorio accounts, they just have weak email and password combos
The best thing to do is to keep track of all the usernams and send them to us on Email (support@factorio.com),
It will help us with tracking down what accounts are breached
-
- Inserter
- Posts: 27
- Joined: Sat Nov 26, 2016 11:48 am
- Contact:
Re: Player griefing with infinite accounts
Thanks you for the explanation, I understand now how he does it at least. Even if we can't do much, we will report any suspicious account.
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
Well that "recent" hack was nearly 3 years ago. And Wube can do what the Town of Salem staff did according to this guy: Just force new passwords on each and every of the hacked accounts.Klonan wrote: ↑Sat Dec 11, 2021 9:57 pmThe process is ongoing, the jist of it, is that the guy is using hacked accounts, from leaked databases online, such as the recent town of salem breach,
These are all legit and proper Factorio accounts, they just have weak email and password combos
The best thing to do is to keep track of all the usernams and send them to us on Email (support@factorio.com),
It will help us with tracking down what accounts are breached
Author of: Factorio Blueprint Decoder
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
He does not, but you can buy hacked steam accs for 2-3 dollars, depending on the games they have. I am not linking to any sites, to not generate additional traffic for them, but there are a lot of those services, especially in the eastern hemisphere. Your best bet is to ban him, as soon as he appears. He has to buy these accounts, or pay for buying whole batches of accs, but every ban is literally a financial hit for him. Sooner or later, his enjoyment will be less, than the money/ressources he is spending on this.Masamune00 wrote: ↑Sat Dec 11, 2021 7:30 pmHello,
And I doubt he has 8797469165 steam accounts.
Thanks you in advance,
If it makes this any easier for you, this "technology" is more or less standard, and is used for ban evasion in GTA, Counterstrike, etc. The developers of course have no (easy) way to stop these people - you can never know, when a steam acc is stolen, and is being maliciously used by a third party.
Pony/Furfag avatar? Opinion discarded.
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
Yeah, it's either that or he's been doing some credential stuffing with leaked databases to find accounts with shared credentials.
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
well, yes, they can submit all of the account emails to the Have I Been Pwned db and reset the credentials for anyone who appears in a list.
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
Sure, but you only can do so retroactively, after you realise, that account has been hacked or is being used by a third party with malicious intent.
Pony/Furfag avatar? Opinion discarded.
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
ptx's point and my point above is exactly the opposite: Wube and Steam can do something proactively! The hacked usernames and the passwords are known - as I understand it these lists can be downloaded and/or are known to services like haveibeenpwned. Therefore both Wube and Steam can force each of these accounts to set new passwords during the next login. Setting these passwords should also involve control of the customer's email address. Then either the real owner changes the password and everything is OK XOR the attacker changes the password locking out the real owner. In that case I expect that the real owner will escalate the issue to regain their legitimate access -- after which all things are sorted out also and the owner is made aware of the issue. Of course the new password should not be allowed to be one of the hacked ones
Author of: Factorio Blueprint Decoder
-
- Smart Inserter
- Posts: 2768
- Joined: Tue Apr 25, 2017 2:01 pm
- Contact:
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
That, of course, assumes that the real owner cares, sees the notification, etc.
My Mods: Classic Factorio Basic Oil Processing | Sulfur Production from Oils | Wood to Oil Processing | Infinite Resources - Normal Yield | Tree Saplings (Redux) | Alien Biomes Tweaked | Restrictions on Artificial Tiles | New Gear Girl & HR Graphics
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
They would not be able to log in until they set a new password, so no matter if they care or not, the account cannot be hijacked anymore.FuryoftheStars wrote: ↑Mon Dec 13, 2021 5:20 pmThat, of course, assumes that the real owner cares, sees the notification, etc.
-
- Smart Inserter
- Posts: 2768
- Joined: Tue Apr 25, 2017 2:01 pm
- Contact:
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
If the hijacker can get into the real owner's email (cause, you know, many people use the same passwords for various accounts), then they can. Which is this statement:Loewchen wrote: ↑Mon Dec 13, 2021 5:34 pmThey would not be able to log in until they set a new password, so no matter if they care or not, the account cannot be hijacked anymore.FuryoftheStars wrote: ↑Mon Dec 13, 2021 5:20 pmThat, of course, assumes that the real owner cares, sees the notification, etc.
That then leads to this statement:
Which is what then lead to what I said.
My Mods: Classic Factorio Basic Oil Processing | Sulfur Production from Oils | Wood to Oil Processing | Infinite Resources - Normal Yield | Tree Saplings (Redux) | Alien Biomes Tweaked | Restrictions on Artificial Tiles | New Gear Girl & HR Graphics
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
AFAIK Steam already uses haveibbenpwnd to lockdown accounts, have been for a long time. However it's not instant, that a leak is known, and often it's not even a leak, but someone is running some fishing operation silently, without the intent of openly selling/announcing that they have been amassing accounts.asheiduk wrote: ↑Mon Dec 13, 2021 4:42 pmptx's point and my point above is exactly the opposite: Wube and Steam can do something proactively! The hacked usernames and the passwords are known - as I understand it these lists can be downloaded and/or are known to services like haveibeenpwned. Therefore both Wube and Steam can force each of these accounts to set new passwords during the next login. Setting these passwords should also involve control of the customer's email address. Then either the real owner changes the password and everything is OK XOR the attacker changes the password locking out the real owner. In that case I expect that the real owner will escalate the issue to regain their legitimate access -- after which all things are sorted out also and the owner is made aware of the issue. Of course the new password should not be allowed to be one of the hacked ones
Also don't forget, that being in a breach does not imply, that an account is compromised - my main e-mail acc is included in 11 breaches, does not mean that I feel in any way additionaly insecure about places where it's used, since I don't reuse passwords.
Pony/Furfag avatar? Opinion discarded.
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
That's good to hear! Do have references for reading up on that?aka13 wrote: ↑Tue Dec 14, 2021 6:40 amAFAIK Steam already uses haveibbenpwnd to lockdown accounts, have been for a long time. However it's not instant, that a leak is known, and often it's not even a leak, but someone is running some fishing operation silently, without the intent of openly selling/announcing that they have been amassing accounts.
The story I have liked here doesn't talk about the whole list of breached accounts but about a sublist of specific 2,418,341 accounts where the password has been cracked and that list escaped and nothing was done within one year. That's a completely different level of NOOP.
Author of: Factorio Blueprint Decoder
Re: [1.1.49]Ban dodgeing : stick ban even after name change, or hole somewhere..?
I just did my best to google it, but can't find anything. But I swear I remember reading somewhere about it a couple of years ago, that there was something going on where valve got involved directly, not sure if it was this whole town of salem thing or not.
Pony/Furfag avatar? Opinion discarded.
Re: Player griefing with infinite accounts
something i do is use /permissions to create a Default permission set that doesn't include any griefable options - basically only let them walk and talk they can ask for more