Hi, quite a serious post, please don't instantly dismiss what i have to say as there is something fishy about it.

About 3 months ago I had my account hacked, it just happened to conincide with myself starting up multiboxing again. After getting everything recovered i attached an authenticator to the account and have never had problems since.

About 2 weeks ago a RL mate re-subed and I logged on to his account a couple of times from my machine to give him gold and let him know what state his character was in as he was DL'ing and patching the client. Now hes running a Mac and although they are not immune to viriuses I do know that there are few people that bother writing them for it.

This morning as we both logged on I accidently hit the Innerspace short cut on my quickstart bar. thinking nothing of it i closed the application 10 secs after opening it. About 1 hour later my mate kept getting disconnected, then his password was changed and he couldn't log on. he quickly managed to reset his password and got back on his account before much damage was done.

When i was hacked about 3 months ago it was when i had download innerspace for the first time. i has never crossed my mind until now as i paid for a 3 month sub, loads of people use it and it seems like a legit piece of software. my mate also logged into his email from my machine so all the details nessesary to take the account and change the password where there, it just so happened to be just after i opened innerspace, which i haven't done for the last 2 months.

This may just be a massive coincidence but it needs to be looked at.

Thanks

Just my two cents,

I don't think the account hacking issue has anything to do with Innerspace or ISBoxer. I have been subscribed to Innerspace since December last year. I only recently (couple months ago) got an authenticator for my accounts. I have never been hacked with or without the authenticator, or while using Innerspace.

What PROBABLY occured, is that some website you visited managed to install a keylogger on your system. That would explain how both accounts got hacked. If the keylogger is still on your machine, when you logged into your friend's account, it got his account info.

The fact that you happened to use the IS shortcut is probably just a coincidence. I would strongly recommend that you completely wipe and scrub your system to remove the keylogger, then re-install everything clean.

Also, your friend needs to get an authenticator ASAP, since whoever installed the keylogger now has his account login info. Without an authenticator, they can just brute force his password.

Hmmm... Inner Space hasn't hacked me yet.

I dont know man, Lax is pretty close to Hax........... busted!

Innerspace, assuming you got it from a valid source, should be perfectly safe. It would be just plain bad business for Lax to go around letting his program get tied to keyloggers. You could have gotten it simply by visiting a site, as some can be installed without your knowledge through ads etc. And it doesn't need to be a fishy or even wow-related site.

Both you and your friend should do a full virus and malware scan, make sure ALL your plugins and security tools are patched and up to date and change your passwords and Battlenet info from a CLEAN computer. Since some keyloggers are notoriously hard to get rid of, you may need to go all out and format/reinstall your OS. There's also been a few posts stating that some keyloggers won't be detected until you load WoW, so try that, too.

I'd also second the idea of getting an authenticator on your friend's account.

I've been using Innerspace and Lax's products for probably at least 3-4 years. Over multiple games. Never had a problem. Innerspace "hacking" accounts would be about as smart as Blizzard hacking their own accounts.

I never got hacked because I know how to use the internet:o

I wear protection each time I start IS.

I wear protection each time I start IS.

Sounds nasty on days with long playing time. Sweaty ftl;)

I never got hacked because I know how to use the internet:o

Atleast you think you do :P

I never got hacked because I know how to use the internet:o

This is a false statement, even though I'm sure you were saying it in jest. You don't need to do anything incorrect to get hacked now a days.

I know how to use the internet and I was hacked a few years ago when wowhead.com sold advertising space to someone who put up a malicious ad which installed a keylogger. Even when visiting sites with a good reputation you can get hacked.

Yes I could have "not installed flash" and I wouldn't have been hacked, but I compromise my internet safety to enjoy the internet experience and rich multimedia content. This is a trade-off that I make.

These things can happen outside of your control. Honestly no one is safe if they are on the internet. If someone wants to get into your computers and they are on the internet there is almost nothing from stopping them if they want it bad enough.

It's like saying a car alarm protects your car. The alarm is just a deterrent, just like locks, or any other security device. Those things only stop the people that are opportunistic thieves. If someone wants it bad enough you don't have a chance.

We all risk this while on the internet and we protect ourselves from 99.9% of the threats because we just aren't worth the time/effort to get hacked by the people that could get to us regardless of what we do.

It is possible your Innerspace exe got infected with something that got run everytime you clicked on it.

Like others I have been using Lavishsoft products for awhile now and been very happy with the updates, the support and the product itself. I think my only gripe I've ever had about the software is its lack of detailed documentation, but I can forgive this for the software evolves so quickly and I love that part about it. :)

Perhaps download AVG/Mcafee and Spybot etc and check your system?

this happened before I got hacked, therefore it caused the hack

These things can happen outside of your control. Honestly no one is safe if they are on the internet. If someone wants to get into your computers and they are on the internet there is almost nothing from stopping them if they want it bad enough.
...
We all risk this while on the internet and we protect ourselves from 99.9% of the threats because we just aren't worth the time/effort to get hacked by the people that could get to us regardless of what we do.

You can always use a decent operating system you know ... and I lol-ed @ the 99,9%

I didn't read the other posts here but I'm willing to give my thoughts, it is quit possible that if you were doing a lot of research about class/macros/FTL at the same time as acquiring the IS/ISBoxer software, you just happen to get hacked at the same same time. I have used Lavish software for over a year without ever a thought about hacking.

I do take a lot of precaution in the things I do but online, that doesn't mean that I won't get hacked, just that I'm a bit more proactive than some. Just saying, consider that you were doing a lot more than just buying multiboxing software, you needed the info on what your specs/gems/whatever else that you looked into at that same time.

It's an interesting thought... Symantec seemed to think Inner space was acting like a keylogger after it updated itself in the last couple of days. But I haven't been hacked yet. :) so can't say I'm too worried. Not all of my accounts have authenticators on em yet.

One of the simplest and easiest things one can do beyond AV/Firewal, windows updatesl etc etc is use Firefox instead of Internet Explorer. While far from full proof it generally seems to be a safer option when surfing.

One of the simplest things you can do is spend a buck on the Authenticator app or $7 on a keyfob authenticator. Counting on a browser to protect you is like counting on an uncommon name from protecting you from identity theft.

One of the simplest things you can do is spend a buck on the Authenticator app or $7 on a keyfob authenticator. Counting on a browser to protect you is like counting on an uncommon name from protecting you from identity theft.

I'm fairly confident in my computer security... since I work in the industry.. I wasn't recommending people not get one, I think everyone should get one, if they don't they can't really complain about getting hacked since it is so very easy to get hacked these days.

I'm fairly confident in my computer security... since I work in the industry. I wasn't recommending people not get one, I think everyone should get one, if they don't they can't really complain about getting hacked since it is so very easy to get hacked these days.
So was heyaz over here (http://www.dual-boxing.com/showthread.php?t=30393). [His third post down from the 1st]

I seriously doubt that; I'm a security analyst by profession and have done phishing campaigns myself. I loaded the emails in a VM and inspected the headers and links which all pointed to the official Blizzard sites - they would've had to have spoofed the content client-side via a rootkit level proxy, DNS or some other method. The accounts were locked out before I even read the emails. If they managed to trick me, honestly, they deserve it.

Hmmm... Inner Space hasn't hacked me yet.

Hmmm, but I do seeem to recall you got a very 'persuasive' letter from Blizzard's Legal department that one time...


To the OP - I highly doubt it's Innerspace, Lax has too much to lose to do something like that. The only possible connection would be if you somehow downloaded it from an unnoficial source, like a torrent, and a nasty person had snuck a keylogger on it - but that could happen to any file you download.

So was heyaz over here (http://www.dual-boxing.com/showthread.php?t=30393). [His third post down from the 1st]

hey that hack was the best thing to happen to me in awhile, I made 10s of thousands of gold off it. Got professions up, ton of 264 gear for my pally tank, and more

I wish they'd do it again

I've decompiled ISBoxer and there is no hack in it.

I've decompiled ISBoxer and there is no hack in it.

I'm the Queen of England and I've given Innerspace the Royal Seal of Approval.

Seriously, some random guy saying something on the internet doesn't make it true...

I got hacked by Lax and he still hasn't given me my gold back :(

I was playing my shammy team, all of a sudden I get a tell from a slave shaman saying, "This is Lax, I haz your golds"

Sorry, OP, I think its a random coincidence and not innerspace.

It isn't Innerspace because I am the unluckiest person in the world and have been using IS for over a year now =) Surely considering my previous luck I would have been the first on the list!

But seriously... Do you realize how much trouble Lax would be in if he had hacks builts into his software? Sure Lax comes on here and talks to us but he is a professional software developer. He isn't just some dude who knows how to code and threw together a piece of multiboxing software. Lavish Software is his company and his career. If the interest was large enough it'd be sold in stores.

Anyway Lax is a real stand up guy and wouldn't do such a thing. You just had a run of that old bad luck.

I've decompiled ISBoxer and there is no hack in it.

As you've decompiled IS and gone through it to look for hacks you'll be able to answer this question:

How does Innerspace send keystrokes and mouse clicks to background windows and make it look like the window has focus? A technical answer is needed not just the name of some random high level technology.

Of course if you don't know, well then that just proves you're a liar.