Diablo® III

Hack Refund

(Locked)

http://us.battle.net/d3/en/forum/topic/5270832653
why not MAKE us have an authenticator? since they MADE us have to be online all the time it should not have been too hard
MVP - Technical Support
100 Draenei Mage
7215
Posts: 20,190
05/26/2012 03:57 PMPosted by Renana
Perhaps a better option for Blizzard's release of D3 would have been to include an authenticator dongle with every box purchase


They don't make the authenticators is the primary reason.

They can only order a limited amount from Vasco the company that both owns the patent on them as well as operating the factories where they are made.

They would not be able to book out all of Vasco's factories in order to get an authenticator in every D3 box. They are not Vasco's only client. And what of the people that order D3 digitally ? How do you get one to them ?

Blizzard already lose money on every authenticator sent out - they are selling them for less then the best corporate discount they could be buying them at. They've keep selling out of them on the Blizzard Store.

05/26/2012 04:21 PMPosted by Suzumi
That would mean a loss of about 40 million dollars for this week only (6.3 million sales within the first week times 6.50 dollars). I don't mean any disrespect but surely you don't think Blizzard will lose 40 million because of this debacle?


It is. Vasco Digipass Go series 6 Authenticators are well known in the security dongle industry. I've known of several people who have tried to get the best price per unit for them for their own client's corporate needs.

Best price I've seen was $9.90 USD. They sell them for $6.50 USD. IE They're losing at least $3 USD + post and packaging per Authenticatorthey sell.
Edited by bluspacecow#1174 on 5/27/2012 3:17 AM PDT
MVP - Technical Support
100 Draenei Mage
7215
Posts: 20,190
05/27/2012 12:47 AMPosted by Zombieshart
Lol the guy above me just created a more elaborate conspiracy for an already elaborate conspiracy


I have a different theory on that.

The gold sellers / hackers would of know ahead of time how closely Blizzard watches their servers. They would of known given this is a major game release , one of the largest for Blizzard in 12 years so they would of expected the servers to watched closely. They would of known that the whole blaming Blizzard thing provides a handy smoke screen for them.

So IMHO I do believe that they would of been gathering people's battle.net emails and passwords over a lengthy period. Not touching or compromising a single one until D3 release week.

Then they hit hard. They hit fast. They take whatever valuable they can find but do not stay on the account very fast.

All this discussion and drama about all this serves their purpose by cloaking how they got in and when.

I'm sorry. Something doesn't add up. Everybody either seems to know nobody who got hacked, or they seem to know "tons of people" that did. That sounds like hysteria to me.


Not really. Let me explain why.

You speak about all accounts with Diablo 3 on it. But I am sure that some of the annual pass accounts are "immune" to the problem, because some Annual Pass players doesn't even started playing Diablo III.

If we would deal with malware, etc. a lot of people would know someone who got hacked. Come on, you can name a friend who is careless enough. But if we speak about any security hole in the game, things can change quickly.

Why? If people can get hacked in public games, and hackers prefer valuable targets, so they hack people who unlocked inferno difficulty, we see a much smaller group of potential victims. If the exploit is possible in any multiplayer party in Diablo III, what would the hacker do? Well, once he access your account, would hack your friends too.

So if there is any security hole in how Diablo III handles multiplayer parties, you would see the same pattern.

But lets see something else: As blues named downloading, P2P and piracy in a post, I will have to do the same. Whoever worked on server emulators to pirate Diablo III had to analyze the protocol used by the game. At this point any *unsecure* network can be targeted. Unsecured WiFi, hotels, some small ISPs, campus networks, etc. can be targeted. If packet sniffing is enough to steal your login data, we can see a pattern already: People who live near each other and might use same unsecure network might get targeted at same time.

As you see I can explain the pattern in the attacks in 2 different ways, but at this point I have to dismiss the malware theory.

But there is one thing wrong with malware theory to begin with.

At first Blizzard said no accounts with authenticator attached was hacked. Now they changed the story. And they said they analyzed MSInfo files. But are you sure that each and every time they have dealt with a hacked account they identified both malware and P2P downloading?

I am unsure. First of all: You can get malware without any P2P downloading. We know this. In fact using P2P downloads to target Diablo III customers is one of the worst options.

Second: When you want to get your account back, one of the first thing you see is you have to secure your computer. If at this point you run any antivirus program, it would detect most non-stealth malware. And stealth malware would be undetectable with MSInfo.

Third: It is rare that Blizzard asks for MSinfo files. How come that they managed to get MSInfo files from all these people in short time, and one blue poster analyzed them all faster than it is humanly possible?

4th: As you see members of the press were among the people who were hacked. I am unsure if staff of The Examiner or other significant portals who get free copies as press would pirate much. And I am sure most of them have antivirus installed, etc.

The story doesn't add up with the malware theory posted by Blizzard.
85 Night Elf Druid
8490
Posts: 239
05/27/2012 03:15 AMPosted by Enerla
At first Blizzard said no accounts with authenticator attached was hacked. Now they changed the story. And they said they analyzed MSInfo files. But are you sure that each and every time they have dealt with a hacked account they identified both malware and P2P downloading?


No. She was referring to her years working with hacked WoW accounts. The statement still stands regarding D3.

As far as the rest goes, her explanations made perfect sense to me. Interesting theory, though.
Edited by Daydreamer#1458 on 5/27/2012 3:25 AM PDT
MVP - Technical Support
100 Draenei Mage
7215
Posts: 20,190
05/27/2012 03:15 AMPosted by Enerla
At first Blizzard said no accounts with authenticator attached was hacked. Now they changed the story. And they said they analyzed MSInfo files. But are you sure that each and every time they have dealt with a hacked account they identified both malware and P2P downloading?


You've misread that. You might want to go back and re-read the Blue's post.

He was talking about accounts compromised since the Authenticator was released. Not for Diablo 3 but ones that have been compromised over the last few years since they've had an authenticator available.

05/27/2012 03:15 AMPosted by Enerla
Third: It is rare that Blizzard asks for MSinfo files. How come that they managed to get MSInfo files from all these people in short time, and one blue poster analyzed them all faster than it is humanly possible?


They do actually. I see it in the Tech support forums , which I frequent every day.

And it wasn't a ton of MSInfo files in a short time. The blue was talking in general over many years.

05/27/2012 03:15 AMPosted by Enerla
4th: As you see members of the press were among the people who were hacked. I am unsure if staff of The Examiner or other significant portals who get free copies as press would pirate much. And I am sure most of them have antivirus installed, etc.


Means nothing IMHO.

Just because they are a member of the press does not mean they have particularly good computer security habits. That would be you using some aspect of authority (they being a member of the press) to assume things :)
Edited by bluspacecow#1174 on 5/27/2012 3:22 AM PDT

So IMHO I do believe that they would of been gathering people's battle.net emails and passwords over a lengthy period. Not touching or compromising a single one until D3 release week.


The problem is: They can't get data about authenticator in advance. And this theory doesn't explain some of the patterns. Like how most hacked accounts were involved in public games on inferno difficulty.

And if it would be a trend we would see a rapidly growing amount of WoW accounts emptied as well. After all, if they have bnet login data, they would use it as well.
05/27/2012 03:22 AMPosted by Enerla
And if it would be a trend we would see a rapidly growing amount of WoW accounts emptied as well. After all, if they have bnet login data, they would use it as well.


This would add up with the theory that the login details were saved. WoW has always had vicitms of hacked accounts. This is not a growing or new problem. They dont get into everyone's account that they have info for. Some might not even have Diablo 3, and just have WoW.
Edited by HenVorsh#1296 on 5/27/2012 3:26 AM PDT
Theories theories theories. I don't believe for one second that these people got malware. Trollers or not, most people that even use the forums in the first place know something about computers and probably don't have 60 toolbars on Internet Explorer (or don't use it at all).

I don't really care about some grand conspiracy but I haven't been hacked and I literally just login knowing that I soon will be.

...and if anyone tells me to get an auth go ahead and stop talking now, if that was essential then the game should have been 66.50 or an auth should have been straight out of the box.

You've misread that. You might want to go back and re-read the Blue's post.

He was talking about accounts compromised since the Authenticator was released. Not for Diablo 3 but ones that have been compromised over the last few years since they've had an authenticator available.


Earlier incidents doesn't mean anything. But I have reasons to believe that if members of press state they had authenticators and they got hacked, then that is the case. Of course there are other incidents were I have to trust the players who had authenticators.

Being a member of press doesn't make you invulnerable. But you are accountable for what you write. If members of press make false statements they can be sued. And editors check such statement. This gives them credibility. Also they make a living from credibility. They worked hard to earn that credibility, while Blizzard managed to lose a good deal of credibility in the past.
What members of the press, got hacked, with an authenticator?



Earlier incidents doesn't mean anything. But I have reasons to believe that if members of press state they had authenticators and they got hacked, then that is the case. Of course there are other incidents were I have to trust the players who had authenticators.
It's a very typical story to hear from someone who has been compromised. As I have already said earlier. If you are unwilling to admit that it was your lack of attention that cause this, then it's just going to happen over and over again, until they get more than your game account, or you stop doing anything online ever again for fear of losing your identity


whats there to admit? then explain first why ONLY my Diablo 3 is the only one hacked and ALL THE OTHER GAMES arent???!!!
http://www.examiner.com/article/accounts-on-diablo-3-hacked

Here is the link for one of the incidents involving press :)
05/27/2012 04:14 AMPosted by ANTASKIDAYO
It's a very typical story to hear from someone who has been compromised. As I have already said earlier. If you are unwilling to admit that it was your lack of attention that cause this, then it's just going to happen over and over again, until they get more than your game account, or you stop doing anything online ever again for fear of losing your identity


whats there to admit? then explain first why ONLY my Diablo 3 is the only one hacked and ALL THE OTHER GAMES arent???!!!


Yep, my email was fine, bank account, was fine, Steam account was fine, everything was fine. Only my WoW/SC2 account was hacked.

That sounds like pretty bad security to me, honestly.
05/27/2012 04:14 AMPosted by ANTASKIDAYO
It's a very typical story to hear from someone who has been compromised. As I have already said earlier. If you are unwilling to admit that it was your lack of attention that cause this, then it's just going to happen over and over again, until they get more than your game account, or you stop doing anything online ever again for fear of losing your identity


whats there to admit? then explain first why ONLY my Diablo 3 is the only one hacked and ALL THE OTHER GAMES arent???!!!


Look I am not your parents, and I don't need to sit here and explain to you how to keep yourself and your info safe.

Either man up and accept responsibility, or learn to deal with this sort of thing A LOT. it's your choice really, I am not here to argue this. I know from experience how this stuff is done, and how often the people I would talk to would run scans with the game open, and find a boat load of malware, after I explained to them that there s****y Norton and Mcafee has no idea how to detect malware.
05/27/2012 04:43 AMPosted by Froggystylex


whats there to admit? then explain first why ONLY my Diablo 3 is the only one hacked and ALL THE OTHER GAMES arent???!!!


Yep, my email was fine, bank account, was fine, Steam account was fine, everything was fine. Only my WoW/SC2 account was hacked.

That sounds like pretty bad security to me, honestly.


Perhaps they got into your email and dont know it, do you know how to check the IPs that have accessed your account if you have gmail? other than Gmail you have NO WAY of knowing if your email eas compromised. You are likely basing this assumption off the fact that you don't have any deleted emails, or sent ones that you didn't send out. They would have been in your email ONLY get go things like change your password, delete emails that were sent to you by Blizzard while this was happening. They are professional accounts thieves, not some 15 yr old script kid in their mom's basement.

There is nothing to gain from you Steam account. At least that these GOLD SELLERS are interested in.

Honestly, if you guys would spend 5 minutes reading the blue posts, and doing some damn google searches you would know these things. Instead literally the only thing you do is call Blizzard on their phones and accuse them of giving your information out, or come on the forums and do it.

People like you are what is wrong with this COUNTRY, you fail to take responsibility for yourself and anything in your life, and you whine and cry to the authorities when something goes wrong, and you expect them to fix it, because somehow it's not your fault.

Grow up, learn how to secure your information. Stop expecting everyone else to spoon feed you the info, and most importantly, move on and treat YOU getting hacked as a learning experience.
This topic is locked.

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)

Reported!

[Close]