Diablo® III

Hacked with an authenticator

(Locked)

Look guys, lets stop beating the same point over and over again.

If the people reporting these problems are telling the truth AND are using authenticators CORRECTLY, there is obviously something wrong.

If they're not, then there are possible holes, and its not nearly as easy to point to the finger at Blizzard. Anything is game. Then yes, it is possible the problem lies on the user's side.

But many of you are basing an argument on if the OP is lying or not. Maybe he is. Maybe he isn't. But who knows? Only him. Not you. Not me.

Only thing we can do is wait and see how this pans out. Just because Blizzard says they don't see a problem doesn't mean one doesn't exist. Neither does it mean that one will eventually pop up either.
Edited by splashattack#1108 on 5/21/2012 4:00 AM PDT
81 Human Warlock
1560
If thousands of people have gotten hit overnight, authenticator or not, it sounds like Blizzard itself has been hit by hackers.

Seriously-- this same thing happened in Rift right after launch. Hackers found a hole in the code which allowed them to completely bypass the login process altogether. They were able to log in to thousands of accounts directly as administrators and did not need passwords, etc. (notice whenever any game GM helps you with your account in any game, he never asks for your password because they don't need it?).

Each account in Rift's case anyway also has a 5-digit code attached to it that identifies it, and the hackers went directly to that point and just started spamming 5 digit numbers (I'd guess with bot programs) until they got "hits." Then they went in with a basic bot program and wiped out peoples' gold.

Trion Worlds, Rift's developers, left nary a comment about the whole fiasco on their boards, until one of their PLAYERS found the problem. He went public with the generalities on the forum, PMing the devs in private with the specifics, and within hours the devs subsequently found that hole in the code and plugged it.

I wonder to this day if Manwidaplan hadn't publicly stated what happened if Trion ever would have admitted it, but they had no choice later on.

Dear Blizzard,

Let's hope Manwidaplan is now playing Diablo III, because it's beginning to look like you could sorely use his help right about now.

Perhaps online games are the easiest to mass hack right after they go live, when little snafus are still largely untested. It's certainly a thought at this point, and something I hope Blizzard is looking into right now.
If the people reporting these problems are telling the truth AND are using authenticators CORRECTLY, there is obviously something wrong.

If they're not, then there are possible holes, and its not nearly as easy to point to the finger at Blizzard. Anything is game. Then yes, it is possible the problem lies on the user's side.

But many of you are basing an argument on if the OP is lying or not. Maybe he is. Maybe he isn't. But who knows? Only him. Not you. Not me.

Only thing we can do is wait and see how this pans out. Just because Blizzard says they don't see a problem doesn't mean one doesn't exist. Neither does it mean that one will eventually pop up either.


I fully agree with this, but not everyone does use a authenticator and should, so that this may not happen to them in the future as easily.

This issue will be resolved sooner or later, it's just a matter of time before it becomes an issue. I have seen snippets that the issue is involved with joining public games.

"IF" this is tue, then avoid public games until this issue is resolved?
90 Night Elf Druid
5825
Let me guess, you put your authenticator hash key in a .txt document somewhere on your computer?

Either that or your account security questions are horrible.
and this was directed towards whom?

Let me guess, you put your authenticator hash key in a .txt document somewhere on your computer?

Either that or your account security questions are horrible.
If the people reporting these problems are telling the truth AND are using authenticators CORRECTLY, there is obviously something wrong.

If they're not, then there are possible holes, and its not nearly as easy to point to the finger at Blizzard. Anything is game. Then yes, it is possible the problem lies on the user's side.

But many of you are basing an argument on if the OP is lying or not. Maybe he is. Maybe he isn't. But who knows? Only him. Not you. Not me.

Only thing we can do is wait and see how this pans out. Just because Blizzard says they don't see a problem doesn't mean one doesn't exist. Neither does it mean that one will eventually pop up either.


I fully agree with this, but not everyone does use a authenticator and should, so that this may not happen to them in the future as easily.

This issue will be resolved sooner or later, it's just a matter of time before it becomes an issue. I have seen snippets that the issue is involved with joining public games.

"IF" this is tue, then avoid public games until this issue is resolved?


Pretty much the same conclusion I came to after reading everybody's stories. It all seems to revolve around group games. So assuming there really is a problem, avoiding group games for now seems to be the logical first step to take.

Which kinda sucks, but you gotta do what you gotta do.
0% chance you had an authenticator.
05/21/2012 04:16 AMPosted by Vaelen
0% chance you had an authenticator.


Can you provide proof of this? or are you just wanting to be included by any trolling necessary?
well, probably most people who have a wow account may have thier b.net account attached to it? So that could possibly explain the hackings... Bad add-on usage?
Can we ask for a rollback/restore if we just got hacked?
i have seen reps say that it's not as easy to restore items as it is for world of warcraft.
Got hacked too. Only time I ever input my account details was to login to Battle.Net to buy the game online, and in the client to play. I have experience with phishing and keyloggers, so I don't think either of those would be the case.

Didn't haven authenticator unfortunately. Got one now, as well as SMS alerts. Just hope I get some of my items/gold back. Curious as to how this happened though, on such a mass scale - it would be stupid to think that so many people fell victim to some simple scam in such a short period of time.

Also - I'm hoping Blizzard are capable of easily tracking down the movement of items/gold/etc. Because for a game that has a currency-based auction house not to have that security just doesn't make sense.
Edited by Lawrence#6193 on 5/21/2012 4:40 AM PDT
Has anyone confirmed how long the restore typically takes?

I'm pretty frustrated.
My ticket hasn't been answered from 5/19 yet. Excellent.
Lawrence,

I only had sms alerts, but it was off..
Checked my emails. yesterday there were password reset attempts..

If blizzard was at fault... it would not be hard to restore..
But 1st thing's 1st.. i want my stuff back!

Anyone who has gotten a restore can post?
Got hacked too. Only time I ever input my account details was to login to Battle.Net to buy the game online, and in the client to play. I have experience with phishing and keyloggers, so I don't think either of those would be the case.

Didn't haven authenticator unfortunately. Got one now, as well as SMS alerts. Just hope I get some of my items/gold back. Curious as to how this happened though, on such a mass scale - it would be stupid to think that so many people fell victim to some simple scam in such a short period of time.

Also - I'm hoping Blizzard are capable of easily tracking down the movement of items/gold/etc. Because for a game that has a currency-based auction house not to have that security just doesn't make sense.


agreed. there definitely has to be some tracking if there're gonna have a real money trading platform. hackers shouldn't be able to benefit if they're able to track where stolen goods are.
05/20/2012 02:09 PMPosted by iMax
Weak passwords are weak. An authenticator is an additional but not undefeatable security measure.


He has an authenticator.... can you people not read?


then the hacker needs to input the authenticator code to login to the game, unless the "hacker" is logging in from the OP's computer.
90 Night Elf Druid
5825
and this was directed towards whom?

Let me guess, you put your authenticator hash key in a .txt document somewhere on your computer?

Either that or your account security questions are horrible.


The guy who made the thread, or really anyone else who has gotten "hacked" while having an authenticator on their account. The serial key you had to put in when you set up the authenticator is what's used to bypass or turn it off, and if there was a keylogger on your comp when you typed it in then it might as well not even exist.
This topic is locked.

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)
Submit Cancel

Reported!

[Close]