Diablo® III

Hacked with an authenticator

(Locked)

61 Undead Rogue
900
05/21/2012 10:39 AMPosted by Hyppy
All I can tell you is that I saw the venom spewed at players on the Rift forums when this happened in Rift last year


Let me guess, was it something along the lines of "QQ more loser. L2security"? I also assume none of them came back to the forums to apologize for being so rude, either.


It was every bit of this thread to a 'T' and more. Only one person, whom I recall, that had valiantly defend Trion throughout came back and apologized after the fact.
Bul, I'm definitely not saying that it can't be the user. That attitude would be contrary to the point I was making. There are some people who are not keeping their systems secure; that I know. I am saying, however, that it is not everyone, and that at least some people could have had valid attacks against their accounts. Believing that a system is invulnerable is the first step toward watching it fail.

The biggest point I was trying to make about not blaming the user is that you simply don't know, unless there's hard data showing these security flaws. Without proof that the user is at fault, insisting that it must be true is pure folly. If what you said about Blizzard being able to confirm the (non)existence of an authenticator on a potentially compromised account is true, that would be one example of a person fibbing to avoid looking foolish.

There are a lot of things to consider when putting up something this big. Now that Blizzard has moved to an online-only model, they have a bigger responsibility to the players to make sure their systems are safe to use. Given the substantial amount of profit they stand to rake in over the RMAH, I fully believe they will do everything they can to protect the security of their systems.

For what it's worth, I hope you're right. I hope that the alleged attacks are localized to people who have not tightened their security. It's not wishing ill-will toward victims; it's just my hope that the reason for these posts is poor habits and not something much more sinister. If it is an exploit, then we are all in danger of losing our gear.
I'll be the first one in the thread to apologize, if it ends up being something like what happened with Rift.

I just wish there was a rhyme or reason as to why people are being targeted. People only playing solo, with no "recently played" list are being infected. How else would people get access to a given player, if it's not a Trojan?

Honestly, the only thing my mind can settle on is the following. Get your tin foil hats.

When purchasing something from the Auction House, somehow they can see who they are actually buying from. Utilizing that information/Battletag, they use the session ID method used against Rift.

Is there anyone in here that's been hacked that hasn't used the Auction House?


Multiple people have confirmed they did not use the AH nor have they joined public games.

Your btag is open (public) information on the bnet forums. It's very possible that the people who are compromised posted on these forums before they were compromised.

The only relation between my friends and I is that I posted on the forums before I was compromised and my friends have not.
Edited by viscrom#1983 on 5/21/2012 10:50 AM PDT
I'm guessing that I was very lucky - or logged in during the middle of their raid against my account. When I logged in, I only noticed gold missing - I was at 0 gold. Luckily, I just went on a shopping spree, and only had 20k (which is nothing after getting to Act 2 Nightmare mode). I just picked up the pieces and kept playing - didn't think twice about it because I thought it was a server side error.

I did notice the extra names in the Recently Played section of my Friends menu. For some reason, I didn't put two and two together. Nothing happened to my account other than my missing Gold. I think leveled from 38 to 45 last night, and never looked back. Go figure.

Anyways, after hearing about all of this, I got my mobile authenticator linked, and changed my password. That should help any issues combating key loggers (which my virus scanner hasn't picked up any). This is also the first time I have ever been hacked. I hope this is the last . . . I've done my part now to secure my account. I trust that Blizzard will do their's.
05/21/2012 10:50 AMPosted by Andojin
Nobody has ever been hacked. No, you haven't.


I would love to see your data.
I don't think it is a keylogger or individual hack, mainly due to the volume of people hacked (lets face it, not everyone that has been hacked is going to post on these forums, so the number has to be greater than the number that has been posted).

The reason I don't think it is individual hacks on a persons computer is it would require the both the person with the trojan, and the person using that trojan, to be Diablo III players. It just seems a little weird for the volume of complaints, and the coordinated hacking that appears to be happening, to be tied to random trojans and keyloggers who just happen to be playing Diablo III so they can exploit it.

The only way I can see it being feasible is if there is a popular Diablo site that is distributing the keylogger or trojan (thus maximizing the targets that you want).
well this must be the launch week from hell for blizzard no?
Whether or not all this is true, I am now terrified to continue playing D3. I dont have epic loots yet, but if hacking is this prevalent, why bother playing?
Nobody has ever been hacked. No, you haven't. What happens is either crappy security, or not paying attention to virus and malware, or having easy to guess passwords and usernames, or even giving the password and username to somebody else, or a third party simply using an exploit (and exploit doesn't equal hack.) Either of these examples happens on a daily basis. And if you're lacking in security, don't pay attention to malware and stuff, or just throw around your password like crazy, well, then it's your own damn fault. The threats are out there, you are aware of them, it's your fault if you don't protect yourself against them.

If your car has a safety belt and you don't use it, and you crash into something and get hurt because you're not using the belt... it's not the car maker's fault. It's your own fault.

As for Blizz having to be on top of this... what do you think they're doing? Apparently some people here think that Metzen himself will just wave a magic wand and then everything is fine within 10 seconds. You do realize that things like this need time, right? Investigation, finding out what happened where, how, why and to whom. That takes time. That can take days, depending on the volume of issues they have to deal with.

Would you do the same if you'd had to deal with police in an actual crime? Would you camp out in front of the station whining and screaming for police to do something?

Oh wait, you entitled twerps probably would. Sadly, Blizz can't nail you for obstruction of justice like real cops can.



Let me guess, was it something along the lines of "QQ more loser. L2security"? I also assume none of them came back to the forums to apologize for being so rude, either.

Apologize? On the internet? To totally random people neither you nor I will ever meet, people who have no significance whatsoever in your or my life? Seriously?


Wild speculation from a person who has zero knowledge of the situation and zero proof to back up any of his claims.

Also posting as a troll.

Derp.
05/21/2012 10:58 AMPosted by amd
well this must be the launch week from hell for blizzard no?


"Evil is Back on May 15"
64 Orc Death Knight
630
So many people getting hacked, damn I can see why this is scaring people from getting this, until it's fixed in the future anyway.
Same thing happened to me. Luckily I was still in NM so I just played another char and bought gear off the AH to replace what was lost and now my original char is back to normal.


That's all I can think of to help this discussion, except for reiterating my stance on attacking the victim. This is literally the same attitude as blaming the victim of a violent attack. You can't say "Well, of course it happened. Look at what you were wearing." There is no measure by which I can communicate how arrogant, selfish, malicious and childish this attitude is. It's right in the forum rules, people. Be respectful.


Thanks for saying this, dude. The general lack of decency and overwhelming sh**n*** people exhibit on this forum along with people's acceptance of this behavior (it's the internet; deal with it) just because it's the way it is, well, it's upsetting.

So thanks.
05/21/2012 11:03 AMPosted by Kdos
Same thing happened to me. Luckily I was still in NM so I just played another char and bought gear off the AH to replace what was lost and now my original char is back to normal.


did you change your password or do anything else to mitigate the possibility of this happening again?

What about a ticket to Blizz?


It is simply a Bug. People can overtake the games SessionID and loot your char.
Gratz to Blizzard for ****** programming.

If you happen to understand a bit german:


For those of us who don't understand German, care to give us a quick rundown?
85 Gnome Mage
2625
obviously someone is using vodoo magic to hack these accounts.
This topic is locked.

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)
Submit Cancel

Reported!

[Close]