Serial logins & VPNs & Rollback
-
Hello Players,
Not sure if you knew the full story already, but let me share some information about what happened in the last few weeks and why we were forced to change some things in the game.
Back in March, there was a player who connected to the server and changed the scoreboard's layout. That was our first case with the turkish cheaters. (at that time we didn't know who it was) We banned him (serial + ip + account) but he could change the ip and serial as well, and register new accounts.
We even asked MTA to help but they were 'unfriendly'.
When the server was down from April to late July due to my life threatening condition, nothing could happened.
There was a turkish guy on FB who said, someone is going to copy the server. Showed some really shitty proof, like taking photos/videos with mobile, etc.
He showed the F3 gangmanager menu's UI (the interface you see when press F3) that it was already copied. (Not sure if you know, but only having an UI is nothing. The behind logic, the backend still has to be programmed)
He said many times, that it isn't him, he just gives informations about it etc. He also said that the copy version is unplayable.We can do nothing about copy servers. If someone has the scripting knowledge he can do it. There is no trademark or things like that in MTA.
When the server was finally running, there were cheaters everyday, and we had to ban them like every 2-3 mins.
A few days later we noticed huge ammount of warnings in the server log that someone is trying to add himself as admin.
we banned the ip + serial, and one player automatically disconnected(Banned) - It was the guy who said he knows information about the copy server etc.He thought that his tries will not be shown and so foolishly he joined to the server with his real account, real ip and real serial. So we finally found out who was behind all of this.
Next day we banned the whole country (Turkey). Of course there will be some casualties, but we got informations that more turkish player use this kind of cheat, alongside with the vpn and serial changer. Not to mention that voteban for Turkey was a thing for years, and we never faced one turkish player who never ever insulted, did stating or bugabused.
He asked these turkish people for help to bring down GTO by sending unregistered communication events to the server.
Luckily or not, a lot of other MTA servers faced the exact same attack, and the MTA dev team rapidly made two useful functions against this kind of attack which we had to implement too.
But they could still connect to GTO and do cheats. We had like zero protection even though we use all AC and SD provided by MTA, and we have our own AC as well.
We implemented a VPN checker service, so at least they can't connect to the server. But this is not 100% accurate.
What they usually do is, to connecting with existing accounts, for example mine and do cheat on them.
When you connect to any server on MTA, you are already spawned at location 0,0,0 (Blueberry Acress) in dimension 0, and interior 0.
The camera is just pointed at Grove Street. Your charachter is frozen, so you can't move.
However somehow they can unfreeze the account, change the camera view back to the account and teleport it.
They can then add weapons and kill people. If you check on gtasa.eu no login happened so they can't harm any accounts this way but they can kill you and make xp/money lost, not to mention your precisious stats.Today their sickness has leveled. They knew that they can basically set their serial to anything. They just had to get a working VPN.
With this way, they changed their serials to existing ones, and loggined via the automatic serial based feature to accounts. They got information on what could be certain accounts' serial is. For example if you ban yourself for 60 minutes on web, your serial will be visible for 60 minutes. Or if you already lent your account to them, they can login to it on web, and go checking all the IPs and serials in Player Settings.They used these ways to get accounts serial and did all kind of bad things, like selling houses, buying new ones, transferring money to someone etc.
We could not investigate on exactly which accounts were harmed.Since every account has 50+ associated serials and every serials are used on like 50+ accounts there is no way for us to detect the real person behind players. This is why it was a bad thing to ever let your account to someone else ....
The IPs they used for this attack was a well known VPN service which some of you players are used already.At this rate the only solution for us was to rollback the server database. Rollback means that we periodically make a save file of the database, and when it is needed (like now) we can set back the server to one of those backup savefiles.
We had a backup save at 01:00.
The attacks were started after 06:00.
The rollback happened at 18:00.
So 17 hours of progress lost. Their harm got undone, but your player progress lost also, like levels, money etc.
We are very sorry for that.We today disabled a feature called automatic serial based login and will never ever be enabled again.
This means that everytime you connect to the server you must pass the credentials in order to play on that account.
We understand that some of you already forgot what was the password of an account.We are very sorry to say this, but it is fully your responsibility to set up an e-mail address to your account, and provide a password you remember, and strong enough.
We will not help any of you on recovering lost password accounts.
You can use https://gtasa.eu/recover if you have the e-mail on the account, otherwise the account will be lost. Don't ask for any kind of recover.I would also warn every single player now, that if a turkish or any other country's player connects with your account, and LOGINS to it with the password, that account will be banned if they cheat.
If they simply connect, without logining, you are fine don't worry.We highly recommend everyone, that change their passwords periodically, use strong passwords, like generated ones. Use different password on every account, even use different one on your e-mail address.
You can use password managing tools as well, or simply put them into a file with a key on it.Use /gtochangepass <newpassword> to set up a new password on an account. Best is to use this command in F8 Console, without '/' so you won't accidentally type your new password in the chat.
Use https://gtasa.eu/recover for recovering accounts with e-mail.
Please keep in mind that we recommend the use of @gmail.com as Microsoft blocked our VPS e-mail service due to other VPS users sent millions of unwanted spams to Microsoft e-mails (@hotmail.com, @outlook.com, etc.) so Microsoft just banned the whole Digital Ocean.