Diablo® III

I lost all my money and items? Ver 2

I think mine was a guy named BatairAlai#1826. I dont remember playing with him and he has 3 chars all named YLLWPhantom and 2 are lvl 2 and a 3rd one is lvl 42. he could be innocent but I dont remember playing with them. and the fact that I dont know which one of his YLLWphantoms it says i played with makes me suspicious.
From EU, hacked too. My 58 barb stripped of his rare gear except a magic ring(blue), cleaned stash except a few low lvl gems and my Nightmarish Staff of Herding and all gold gone. Haven't bought or sold anything on the AH.

Got a new guy on recent player list, named "Yandong". He has 5-6 chars with gibberish names, all of them lvl 1 except a monk on lvl 2, a total play time of 5-6 hours and ONLY 69 monster kills, which makes absolutely no sense if he was a legit player (playing the game).
He is clearly part of those who have been "hacking" peoples accounts.

Read something on the forum here about them getting your session id's and taking control of your account that way, without the need to login with account details through the login screen - Which makes sense since even people with authenticators have had their accounts compromised the same way as those without.

It's obvious that it isn't keyloggers and stupid users, but a giant flaw in Blizzards security.

But the most worrying about all this is not the accounts being "hacked", but Blizzard not giving us any info at all!
People have had this happen too them the last 3 days, so they must without doubt know about this, but still choose to keep quiet about it!

I can't start re-gearing my barb before I know this won't happen again, so it would be awesome if Blizzard could give some info when this is fixed or at least for starters admit that they are at fault and are trying to do something.

Cheers.


You have someone named Yandong on your list and you're from EU? I have someone named that too, but I'm from Americas. Unfortunately, he's no longer on my list, but I wish I could check his characters.
Rift hada problem like this too

Everyone said it was phishing, it was your fault, etc.

Turns out people could just hack your login session without knowing your PW or anything

Sounds like this is what is happening with D3 and Bliz are afraid to admit it
lost all my stuff too. oh well, back to grinding.
epic n00bz x) st0p d0wnl0ad1ng t3h pr0nz
http://www.examiner.com/article/accounts-on-diablo-3-hacked
eh lost almost 750k. They didn't touch my gear lol.
-Changed password, email, and added authenticator
-submitted ticket
-30 minute reply
-1-2 hours till they rolled back
-lost two levels
not playing anymore till they sort it out
eh lost almost 750k. They didn't touch my gear lol.
-Changed password, email, and added authenticator


Problem #1. Get an authenticator and fix your security. This is standard fare for anyone who played WoW. If you don't have an authent, and you get your machine compromised, they'll put an authenticator on your account themselves to slow you down while they use your account for their own purposes.

If this was a Blizzard problem, I'd expect the Mac tech support forum to be full of hack posts, too. But it's not. It's just a few of you; about the amount I would expect, and very few with an authenticator, and most of those added after the hack.

Get your own ducks in a row and stop looking for someone else to blame.

This forum doesn't even have the amount of hack posts I would expect if Blizzard's security was broken.
Edited by mavfin#1816 on 5/21/2012 7:34 AM PDT
I can't believe how bad Jay Wilson lied to us. How can something this big not have a single response yet when he assured us that the game would be supported after release around the clock. I understand yesterday was Sunday and it's 7:30AM PST right now but it's not like Blizzard is ran by some kid in a garage.

How can something like this possibly be silent while the forums are barraged and flooded by reports while Blizzard's CS dept. is 100% in the dark and misinformed.
@mavfin

Whay you don't understand is the number of people hacked is small because the number of hackers is small... Do nothing and give them more time and you'll get hacked too, authentificator or not.
Edited by Dolora#1624 on 5/21/2012 7:41 AM PDT
eh lost almost 750k. They didn't touch my gear lol.
-Changed password, email, and added authenticator


Problem #1. Get an authenticator and fix your security. This is standard fare for anyone who played WoW. If you don't have an authent, and you get your machine compromised, they'll put an authenticator on your account themselves to slow you down while they use your account for their own purposes.

If this was a Blizzard problem, I'd expect the Mac tech support forum to be full of hack posts, too. But it's not. It's just a few of you; about the amount I would expect, and very few with an authenticator, and most of those added after the hack.

Get your own ducks in a row and stop looking for someone else to blame.

This forum doesn't even have the amount of hack posts I would expect if Blizzard's security was broken.


You seem to be totally blind. Get your facts straight before telling people to use authenticators. Even people with those have been hacked. It's not on the user's side, it's on Blizzard's. There are hundreds of people complaining around it here and on other forums. I do not see how that is not the "amount of posts you'd expect".
Edited by Merenwen#1627 on 5/21/2012 7:47 AM PDT
Just came here to say I was hacked last night as well. I contacted Blizzard about it. Hopefully they help me out soon.
Same thing happened to me. Log in, my character is at the first waypoint in New Tristam. My gold is all gone, all my blacksmith components are gone and all my potions (???). I have a suspicious person in "Last played" named Oat, a lvl 1 barbarian who recently played "aweker".

Luckily, this person did not take all my gems. They also left all my gear intact, did not touch my auctionhouse.

I only had 15k gold, and 20-ish blue, and 20-ish yellow blacksmith components, so no big loss for me, but still disheartening.

I do not have an authenticator. Last played was 17 hours ago (my game started lagging heavily, so I logged out for the night.)
1. Did you buy something from the auction house? Yes
2. Did you sell anything in the AH? Yes
3. Have you played public games? Yes
4. Were any items equipped purchased from AH? Yes
5. Do you have SMS protect? Yes
6. Do you have an authenticator? Didn't have one before (thought SMS was an equiv.) but I do now
7. Have you downloaded/installed anything since installing D3. No

The hackers changed my password without prompting email confirmation or triggering SMS protection. As soon as this happened, I quickly went to change my password back which proceeded as normal (email was sent requiring me to confirm the action before resetting my password)

Most definitely serverside
most certainly

6. Do you have an authenticator? Didn't have one before (thought SMS was an equiv.) but I do now


You didn't have one, but you blame Blizzard? LOL.


Most definitely serverside


Um,no.
Question for those hacked with authenticators: Did you have your authenticators set to require use with every login? Just curious as I noticed today that it was optional to use it with every login (checkbox in account setting for authenticators). I assume this is a setting for games as I have had to use it to login to this site every time I've come here, but only had to enter it when playing D3 once.
same got hacked my barb gear all gone plus gold, funny how they never took any of the gear on the other characters :|
1. Did you buy something from the auction house? Yes
2. Did you sell anything in the AH? Yes
3. Have you played public games? Yes
4. Were any items equipped purchased from AH? Yes
5. Do you have SMS protect? Yes
6. Do you have an authenticator? Didn't have one before (thought SMS was an equiv.) but I do now
7. Have you downloaded/installed anything since installing D3. No

The hackers changed my password without prompting email confirmation or triggering SMS protection. As soon as this happened, I quickly went to change my password back which proceeded as normal (email was sent requiring me to confirm the action before resetting my password)

Most definitely serverside


Quoting this for the importance of #5 and his explanation. This heavily adds to the possibility of being able to login as someone without actually knowing their password while bypassing the standard login method and also manipulate their account settings on the fly.

EDIT:
In case my post isn't clear enough this is more ground breaking than people getting compromised with an authenticator.

In order to bypass the e-mail confirmation it means someone has direct access to your account credentials and does not need to perform the normal steps required to change it. They are accessing and editing your information on the fly.
Edited by viscrom#1983 on 5/21/2012 8:23 AM PDT
My friend got hacked as well and I find this very disturbing. Looks like no amount of carefulness on our part can protect our accounts. And that authenticator should be free.
What's up, Blizzard? Can't find any blue response regarding all these hacks. Did your database get stolen?
This topic has reached its post limit. You may no longer post or reply to posts for this topic.

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)
Submit Cancel

Reported!

[Close]