People Selling Streamyx Account ( Malaysia ISP )

[scriptop]

Hi there
Just want to inform that i have encounter many website and blog who claimed that they sell 4mbps streamyx account username and password..
Just for educational purpose, i send a few message to one of the blogger and he offer me an attractive price for a few 4mbps streamyx account. the reason why he selling "few" account is that because when the original owner of one of the account changed their password, at least i have a backup account ( that what the blogger told me ).
So I asked for a trial account ( which i didn't expect the blogger would really give me one ) and he gave to me one 1mbps account...then i test it..i change my account and password using the account that the blogger gave me..then i wait for my modem to reset..then, wow, i feel a significant change in my internet speed ( btw i subscribed to 384kbps at that time )
Finally, i test the speed using streamyx speedometer ( in my opinion the most accurate internet speed test for streamyx) and, woo woo woo, my internet speed became 1mbps.Then i quickly get back to my original setting afraid that TM might detect.
I am impress on how the blogger manage to get the account ( if somebody know, please reply this post or PM me ).
Then i asked the blogger what if TM finds out that i'm using other peoples account. Then he replied, that he has been using other people 4mbps account too and he intentionally call TM that his streamyx line has been hack. Then the TM staff just advice him to change the password, yes i repeat , just change the password..then he asked if TM can trace the hacker and the answer is yes but no action can be taken to the hackers..hahaha..typical TM excuse..

Well, i can explain more about other people experience where their streamyx account is is being used by somebody at other location but i am afraid i will be off topic.

By the way , the points is, with no stern action from TM and increasing number of account have been breached, just by changing password every week ( or maybe days ) seem to be an unproductive solution.

ohh, before i finished, at that time the blogger sell me 4 account for a double digit ( in ringgit malaysia )...but for now 1 account can reached RM100+..imagine selling 50 account per day..

I am very sorry for this long thread, just want to inform other people about this. I have send an e mail to TM regarding this problem and the reply is "Concerning on your enquiry, for your kind information subscriber only can enjoy connection speed based on package that customer had subscribed." haha.once again typical TM respond. Well, i am just concerned about the way TM handling these thing

Thank You for reading this thread and please be kind to like it or even expand this thread.

WooWooWooYouKnowIt ( WWWYKI )

[Raymond]

For a user that has never subscribed to broadband, they cannot connect to Streamyx even with a valid username and password because the port itself is not DSL enabled. So it only means that he is able to sell it to people that is already paying for Streamyx who wanted a much faster speed. Moreover when you are connected to the account, the owner of the account cannot connect to it and sooner or later he'll call up TM to reset his password.

Getting/Stealing a streamyx account is actually quite easy through wifi. If it is an open wifi without password, connect to it, and login to the router. Even WEP which can be cracked in 5 minutes using BackTrack. Those *tupid guys at TM gave routers for free WITH default login username and password (tmuser or tmadmin). Using a a tool called BulletsPassView, you are able to see the hidden password.

[scriptop]

it's so easy to steal a streamyx account.
Is there any procedure to keep the Wi-fi safe beside having long password and WEP which seem to be useless now.

[Raymond]

WEP is just useless. Use WPA2 with a password that don't exist in dictionary.
If you are forced to use WEP, enable mac filtering.

---------- Post added at 09:05 PM ---------- Previous post was at 04:36 PM ----------

While washing the plates just now, I thought of a much easier way compared to hacking wifi.

All they need to do is use a port scanner that is able to scan IP ranges, and scan for 80 (web based administration). The port scanner can be configured to look for a specific text from the web base admin page and then use the default tmuser or tmadmin to login.