Wandering in Space's Kevin discord hack


I am sorry @Heliosurge feel free to delete this if you want but this have to get out.

I’ve been contacted by Kevin from Wandering in Space game some weeks ago for me to test the game but I told him I was now in a small room under the roof and didnt have space for standing VR for now.

Then, few days ago, this happened :

I am so mad, he almost got me but the worse is this company of lazy ass ppl, do you think once they know they did DM everyone, by a simple copy/paste a warning message instead of using a damn @everyone message? NO they didnt, this is inacceptable.
They dont even realize that once you join dozens of servers you must mute every servers or you get spammed every minute with @everyone message.
Incredible, a simple click → send message → paste and its done, even for 650ppl or so it would take a few min to a group of 3 or 4 ppl to do this.
But they DID NOT.
When you own a discord server and a company you also have responsabilities, like warning by DM everyone on the server about the hack of one of their dev who is asking everyone to open an .exe file to hack them also.

:no_entry_sign::x::name_badge::no_entry::no_entry:Wandering in Space team [MOONSEER VR] → Lazy ass shame company :no_entry_sign::x::name_badge::no_entry::no_entry:

To be honest this can be a good topic. From what O saw on Discord with them having to rebuild the server and such. Is that they are fairly new to social platforms.

Like the @everyone thing on Discord is something one might think would be effective as others suggested thi no s like DM and other things to do. Moonseer team.

DM on discord in my experience is not great either as I don’t always get the push notification and others have had similar issues.

Companies like most of us are more reactive than pro-active. Meaning that after we experience something unfortunate we make changes.

The Moonseer Dev make a mistake of trusting the wrong person and this started the dominos falling. One fellow whom was affected was also initially very angry refunded the game, posted some masty reviews. After je calmed and there team and community reached out. He came back saying he acted in haste.

Several discords from my understanding also were affected by this event.

So what do you think of discussing this event about how to safeguard ourselves netter?

I have to get ready for work and will later add to this topic.

Looks like there is a delay today for work.

In this modern age we have become very reliant on our mobile devices and PCs for doing just about everything. From simple web searches, gaming to sensitive stuff like banking.

Some good ways to protect oneself and there family:

  1. Don’t use simple easy to remember passwords. On OpenMR if you recall an admin level account was compromised by VRMust whom only had the user list & emails, on the plus we don’t have realky sensitive info stored. Which imho is a good thing.

The good is that even an Admin does not have access to passwords. So things like when Reddit had user list with passwords is very unlikely to happen.

  1. Multiple dedicated PCs: Keep 1 PC that looks after only sensitive stuff like online banking and perhaps online purchases. This computer should not be used for general browsing or used as the family PC. My gaming pc you wouldn’t get too much from it if hacked.

Your banking computer you should really never store passwords on it. Type them out each time.

  1. Use 2 Factor Authentication: This helps protect your accounts on different sites. that have this available.

  2. .Unknown Downloads & Perhaps Known Downloads: Download and open these on a safe pc. A hacker can only steal what is available.

The Moonseer DeV was hacked by misplaced trust and I do know he has had a hell of time fixing his personal finances as a result. It is never nice being hacked. The question for those like myself whom have never been hacked even on Facebook. Are we safe or lucky? I would say maybe a bit of both.

That being said a bad actor hacker is always out there waiting for opportunities to cause havok.

Site wise here I will be setting DM encryption default on for everyone. However need to ensure folks know to access DMs on other devices you will need to copy your paper key to authorize other devices. Otherwise you will not have access to your DMs on your other other devices.

Sorry but I cannot agree on this.
Even if we dont get the push message there is a notification on top of discord list, cannot miss it.
And last time I was on the serv, Kevin said he would DM everyone but he did not since right before I leave this serv, someone was asking about the hack and message he had from the hacked asking to download a file again, was something like yesterday.

Well I have missed DMs for days due to the poor layout. It always says there is posts above. And if your on multiple servers you can easily miss a DM… In fact a few ppl I DMed about the site here a few didn’t see it for a week. Maybeb8f your logging on with a PC it might be more visible but on Mobile it is a terrible design.

The notification system on Discourse is far better imho than Discord and Reddit.

You can’t control when someone will see things. A few users mentioned doing the Announce Category message you said yourself ppl get used to ignoring the @everyone.

Good habbits are the only real good protection. I have told pimax several times about crc checksum hash info on downloads. That way if it doesn’t match you know the download has a potential issue. How often have ppl claimed pitool has a virus?

Hmm wierd, on phone I have DM on top of the list, same as PC, impossible for me to miss a DM but 100% sure to miss a @everyone.
And yes I have joined about 30 servers so that is why they all are muted or I get easily @everyone spammed.

Of course I am not blamming them for being hacked, but not DM everyone about not replying to Kevin hacked account, this is a matter of minutes for a group of 3.

Well I miss DMs on discord if I am in pimax discord unless I swipe right and scroll up. There should be a popup to notify you of a DM vs the general notification used for discord server channels.

It was only fairly recently I figured out howvto find an @mention post to me on discord via the newer bottom menu. Before I usually scrolled up in a server channel until I found it.

Unfortunately out of there experience and didn’t have foresight for this type of situation.

Companies are often Reactive vs pro-active. Or rather a mix. Now there will likely be a procedure if this should happen. However with new safeguards in place it might not happen again. I am sure Kevin is more leary of trusting ppl as he was.

We see pimax often do things out of the norm we are used to; like the Terrible support issues at times that should be cut & dry. 4.5years since the KS launch and it is still often an uphill battle for people like Pimaxquorra and Jaap trying to get things to the level it should be.

I don’t see any DM unless I scroll up. DMs should not be handled the same as a server channel.

So yes it is easy to miss.

But by default it is scrolled to the top while servers are at the bottom/lower, when discord start up the DM notif are shown 100%
Or I would have missed the hacker message…while I missed the @ everyone from the team, like everyone else since the hacker keep messaging ppl and trying to hack some more, the @ everyone message is useless and a lazy and unresponsable way to warn ppl.

Not on my ap. It opens in the last channel/chat I was in. But I am on Android don’t know how it works on Apple.

As I said I have a few ppl whom have apologized for not getting back to me sooner due to Discord’s setup.

I have had the same until I changed how I use discord. I now swipe right and scroll up.

Best safety is safer internet use.

I checked on my kids phones and computers, they all have DM at top left when Discord is starting and asked a friend on IOS and same.
But even if it was the case that the DM notification is not showing up, it is about a DM sent from a hacker, so for ppl receiving their DM and before I leave the server (yesterday) there was some ppl again showing up asking about Kevin account sending them suspicious file, so the @ everyone (just like me) didnt work and a DM would have better effect, just like the hacker one.

Well yes it is at the top but it is not visible anytime I log into the ap. And as I also stated others I have sent DMs and others have found the same issue on Discord not being good at letting them know they have a DM.

The plus you didn’t fall victim because you checked things out on the server. It is also fortunate that you were not one of the earlier folks whom did fall victim. A couple of Discords had to rebuilt there servers.

In an age with majority of ppl having a gmail account it makes little sense to use a file hosting site. But that is besides the point.

The main thing is we all need safer online habits. And that is not always easy. I bought my mom an Android phone and will not be installing bank aps and the like because she often asks me when a popup ads say she has x number of viruses. But the phone os great for her with games to play.

I just loaded Discord for the first time today.

So I am not being dishonest as it seems you maybe suggesting. Loaded right into Pimax Discord.

This topic was automatically closed after 60 days. New replies are no longer allowed.