Chat CIMB kena hack?
|
|
 Dec 17 2018, 03:55 AM
Show posts by this member only | IPv6 | Post
#421
|
 
Senior Member
1,437 posts Joined: Mar 2009 From: ME TO YOU   
|
QUOTE(Boy96 @ Dec 17 2018, 03:41 AM) Great. Now suddenly my CIMB say need to reset password after I tried the password + 123456 trick.. Sounds like good thing. Imagine if it actually worked. Someone might already took advantage of that.Kenot even login already  |
|
|
|
|
|
Dec 17 2018, 03:57 AM
|
Junior Member
72 posts Joined: Apr 2015
|
20k celery wei
kek |
|
|
Dec 17 2018, 04:04 AM
|
Junior Member
80 posts Joined: Jun 2011
|
QUOTE(juneong @ Dec 17 2018, 03:22 AM) my password need 34 thousand year to crack, is that secure ? That site knows your password now, all they need is your username. If only there was a site to check how secure your username is xD |
|
|
Dec 17 2018, 04:04 AM
|
Senior Member
3,125 posts Joined: Jun 2008 From: Mars 
|
QUOTE(leftycall9 @ Dec 17 2018, 03:16 AM) CIMB didn't send any warning or anything about this through message or announcement. yeah I'm really pissed :/ it happened to mine and my friend's account. not sure about others but I have changed my password QUOTE(haimirmaya @ Dec 17 2018, 03:38 AM) Pukimak fucking thru. Password + 12345678 is working. Only through apps? If website working or notI need to disable my clickaccount until this sort out!!! |
|
|
Dec 17 2018, 04:13 AM
|
|
Senior Member
3,125 posts Joined: Jun 2008 From: Mars
|
I use any character plus 12345678 is not working.. So I am safe?
|
|
|
Dec 17 2018, 04:17 AM
|
Senior Member
3,317 posts Joined: Jun 2008 From: Cheras ~ London WC1E 7HU~ Shenzhen 
|
i think i kena, not too sure as i did not receive the SMSes, but my available balance is definitely far lower than I expected, and debit transactions don't update until at least 3~4 days later.
called CIMB call center, have been put on hold for 20 minutes, looks like they're really overloaded, even at this hour |
|
|
|
|
|
Dec 17 2018, 04:23 AM
|
|
Senior Member
3,125 posts Joined: Jun 2008 From: Mars
|
QUOTE(KuzumiTaiga @ Dec 17 2018, 04:17 AM) i think i kena, not too sure as i did not receive the SMSes, but my available balance is definitely far lower than I expected, and debit transactions don't update until at least 3~4 days later. What the issue actually? My acc is new and my password is not 8 characters... So I shouldn't be affected rite? But I see they said those recapcha is other story?called CIMB call center, have been put on hold for 20 minutes, looks like they're really overloaded, even at this hour |
|
|
Dec 17 2018, 04:26 AM
Show posts by this member only | IPv6 | Post
#428
|
|
Senior Member
1,998 posts Joined: Jan 2003 
|
Other bank got this problem?
|
|
|
Dec 17 2018, 04:27 AM
Show posts by this member only | IPv6 | Post
#429
|
|
Senior Member
1,998 posts Joined: Jan 2003
|
QUOTE(KuzumiTaiga @ Dec 17 2018, 04:17 AM) i think i kena, not too sure as i did not receive the SMSes, but my available balance is definitely far lower than I expected, and debit transactions don't update until at least 3~4 days later. Ur wangs kena ccuri?called CIMB call center, have been put on hold for 20 minutes, looks like they're really overloaded, even at this hour See transaksi rekod to where This post has been edited by olman: Dec 17 2018, 04:28 AM |
|
|
Dec 17 2018, 04:35 AM
|
|
Senior Member
3,125 posts Joined: Jun 2008 From: Mars
|
Idk what is the problem after read so long.. How the hack take place? The recapcha ntg, I saw it and I didn't click or do anything.. I just use desktop go website n try simple password my acc still secure till I use my own password I only able login.. So I logged in will my password leak? Lol
|
|
|
Dec 17 2018, 04:38 AM
|
Junior Member
412 posts Joined: May 2009
|
Lel try login with that exploit using webpage also could work just now..
|
|
|
Dec 17 2018, 04:43 AM
|
|
Junior Member
91 posts Joined: Oct 2018
|
QUOTE(haimirmaya @ Dec 17 2018, 03:38 AM) Pukimak fucking thru. Password + 12345678 is working. But the hacker has to resolve the "Password" part of the equation first right?I need to disable my clickaccount until this sort out!!! |
|
|
Dec 17 2018, 04:44 AM
|
Senior Member
1,110 posts Joined: Jan 2003
|
After i changed my password to complex password now I cannot login with the password trick anymore.
Still considering moving my money out of CIMB for now |
|
|
|
|
|
Dec 17 2018, 04:49 AM
|
Junior Member
597 posts Joined: Oct 2018
|
QUOTE(aku_ker @ Dec 17 2018, 01:32 AM) The only issue is you can type your password + random numbers and able to login.it takes more than that to transfer money to unknown account. Can explain more on the above? For Maybank u know right you can withdraw money without ATM card. Anyway it's a security flaw and cimb should announce and take action.  QUOTE(Jibbynomo @ Dec 17 2018, 01:38 AM) For me i noticed now transfer money also no need any tac for verification. Crazy. So if they masuk someone acc and no need tac verify... Thats it Which bank can do that? QUOTE(hor @ Dec 17 2018, 02:14 AM) My wild guess: 1) Business: ok guys we need to remove the 8 char pw limitation 2) Tester: wth I used to type the same but now couldn't login 3) Dev: that's easy, we just attempt login with full input and if cant we try again with first 8 char only *roll out* 4) Customer: wth I can login with extra junk char 5) Dev: (*oh shit)  QUOTE(teehk_tee @ Dec 17 2018, 02:22 AM) Cant they void all the old passwords and force customers to update new pw upon login? Many brokerages do this. Maybank actually do this a couple of months ago, I was force to change my password a couple of times. Probably kena... Not allow 8char + whatever shit to login.  QUOTE(leftycall9 @ Dec 17 2018, 03:16 AM) CIMB didn't send any warning or anything about this through message or announcement. yeah I'm really pissed :/ What! it happened to mine and my friend's account. not sure about others but I have changed my password Password : 12345678 can log into your accounts?  |
|
|
Dec 17 2018, 04:50 AM
Show posts by this member only | IPv6 | Post
#435
|
Junior Member
150 posts Joined: Mar 2008
|
can someone uodate the first post regarding what to do with this case. wake up 4.30am and read all this shit up.
|
|
|
Dec 17 2018, 04:54 AM
|
|
Senior Member
1,110 posts Joined: Jan 2003
|
QUOTE(leymahn @ Dec 17 2018, 04:50 AM) can someone uodate the first post regarding what to do with this case. wake up 4.30am and read all this shit up. TLDR: if your password is a simple password, change to complex password (UPPER CASE + lower case + NUMBER + special character) then your login is safe |
|
|
Dec 17 2018, 04:55 AM
Show posts by this member only | IPv6 | Post
#437
|
|
Junior Member
150 posts Joined: Mar 2008
|
QUOTE(sharpman @ Dec 17 2018, 04:54 AM) TLDR: if your password is a simple password, change to complex password (UPPER CASE + lower case + NUMBER + special character) then your login is safe okay thanx |
|
|
Dec 17 2018, 05:18 AM
|
Senior Member
979 posts Joined: Jan 2003
|
from my what i understand.
CIMB put limit of 8 characters long password, but on their login page their password text box can input more than 8. So when people key in their password + random characters, they still can login. BUT technically correct cos the system only check the first 8 characters which is their password. BUT logically is wrong cos anything you key in is not the same as your password EVEN with extra character is considered wrong. eg, apple123 is not the same as apple123456 imma rite???? |
|
|
Dec 17 2018, 05:39 AM
Show posts by this member only | IPv6 | Post
#439
|
Senior Member
1,566 posts Joined: Jun 2013
|
wanna log in via browser but already ask to click captcha, sked to proceed.
so how now to change log in and change new password??? |
|
|
Dec 17 2018, 05:42 AM
|
Senior Member
4,723 posts Joined: Apr 2008
|
QUOTE(red1982 @ Dec 17 2018, 02:46 AM) For those who wants to know whether your password are secure .. test it here https://howsecureismypassword.net/ It would take a computer about93 TRILLION YEARS Kek |
| Change to: |  0.0166sec
 0.44
 6 queries
 GZIP Disabled
Time is now: 13th December 2025 - 01:01 PM |
Quote