Diablo® III

Battle.net® Account Security & Diablo® III

(Locked)

05/21/2012 08:17 PMPosted by Hikillerhiod
Battle.net SMS sounds very useful. :)


I never got an sms report when I lost all my items.....
Ice, I think Diablo 3 gold farmers , that specifically do that, would definitely use the exploit(whatever), if not be responsible for it themselves. That would be a case of, a 'Keylogger for a specific purpose'. Apparently, there's the anticipation for a very big pay-day for these scum.
90 Night Elf Hunter
11360
Posts: 140


The same people who engineer keyloggers purely to steal WoW items and gold? Maybe?

There's a reason these people stick to video game accounts. The legal repercussions should they be caught are significantly less than if they steal credit card information or anything else of real monetary value. They can earn a good living sticking to low-risk video games, so they do.


Why aren't they using the opportunity to steal WoW items and gold too then?

Also, most of these hackers are in China. Do you really think American law affects them in the slightest? Do you really think the FBI can just go to China and charge people for internet crime? Get real.


The spoof doesn't, and can't, work on WoW, because there is no access to the login information to begin with - they aren't compromising your login, they're hijacking an existing Session ID.
Posts: 56


Are you reading your own tripe? Seriously, how can anyone subscribe to the "you got phished/keylogged" nonsense. Who engineers a keylogger purely to steal Diablo 3 items and gold.

Nobody.

I have yet to see anyone complaining their WoW accounts have been accessed, Starcraft accounts, bank accounts, email, etc. All of those stuff are a hacker's dream to access, so the idea they're purely going after D3 stuff is ludicrous.


You have the burden of proof because you are making the claims. You have no proof. So you start talking !@#$.

Seriously, put up some facts or shut up.


And no, I don't have the burden of proof as I haven't made any claims outside of one, and that is that the idea that all of these hundreds of people (probably thousands given the forums is a small representation of the actual player base) all being keylogged in the same three day period is absurd.
FACTS:

1) People creating tickets on the issues are getting responses from Blizzard GMs that there is no evidence of suspicious activity on their account... (IE, no different IP addresses)

That in itself negates keyloggers.

2) EVERYONE who has been compromised has had specific, widely reported, "friends" added to their contacts after being compromised.

3) People with authentification HAVE been compromised including members of certain media outlets. http://www.examiner.com/article/accounts-on-diablo-3-hacked

4) There are video's on youtube showing this happening in real time. Its not a myth.

5) This has happened before, actually when Diablo 2 was released.... It took around 1 month for Blizzard to admit it.

I can go on and on, I can even provide security scan logs (which I have done in numerous posts and within the ticket I have submitted). My system has NOT been compromised with keylogging, I !@#$ing work I/T and deal with this %^-* on a daily basis at work. I KNOW what the !@#$ Im doing!

I Run Peerblock
I run Mcafee Enterprise edition
I run superantispyware
I run malwarebytes

I ran Super Anti Spyware minutes after it happened thinking that I might have been compromised.... All it came up with are the usual adware.tracking cookies that are all false positives...

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/20/2012 at 01:32 PM

Application Version : 5.0.1146

Core Rules Database Version : 8623
Trace Rules Database Version: 6435

Scan type : Complete Scan
Total Scan Time : 00:59:12

Operating System Information
Windows 7 Enterprise 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 673
Memory threats detected : 0
Registry items scanned : 71434
Registry threats detected : 0
File items scanned : 118949
File threats detected : 276

Adware.Tracking Cookie

Here is my scan log for Mcafee ENTERPRISE edition.... Run through my companies EPO server which I get updates through after going through VPN..

System Information
Computer Name: (blanked out for security reasons)

McAfee Agent
Version number: 4.5.0.1810
Managed
Last security update check: 5/22/2012 12:30:18 AM
Last agent-to-server communication: 5/22/2012 12:29:13 AM
Agent to Server Communication Interval (every): 4 hours
Policy Enforcement Interval (every): 2 hours
Agent ID: {23502318-AAF8-4B6A-AAC4-AA74E321A88F}

(removed EPO server, DNS, Domain, IP address and computer name for security reasons)


McAfee SiteAdvisor Enterprise Plus
Version number: 3.0.0.561
Language: Multiple
Hotfixes
Version: 2


McAfee VirusScan Enterprise Workstation
Version number: 8.8.0.849
Language: Multiple
Virus Definitions
Version: 6718.0000
Install Date: 5/21/2012 5:59:19 PM
Created On: 05212012
Hotfixes
Version: 1


McAfee VirusScan Enterprise + AntiSpyware Enterprise
Version number: 8.8.0 (8.8.0.849)
Build date: 9/15/2011

Anti-virus License Type: licensed

Scan engine version (32-bit): 5400.1158

Scan engine version (64-bit): 5400.1158

DAT version: 6718.0000
DAT Created on: 5/21/2012

Number of Signatures in extra.dat: 0
Name of threats that extra.dat can detect: None
Buffer Overflow and Access Protection DAT version: 567

Installed Patches: 1

Installed Modules:


Copyright © 1995-2010 McAfee, Inc.
All Rights Reserved.
www.mcafee.com


MY SYSTEM IS CLEAN!!!!
05/21/2012 11:16 PMPosted by YukariOro
she was hacked not because the authenticator was hacked, but because her computer had a keylogger on it.


My only point was that if there is a vulnerability, it's not in the authentication. I don't want people reading this thinking that an authenticator is not foolproof - it pretty much is... and if your friend had settings requiring authentication every time she logs on, the apparent keylogger would not have compromised her d3 account.
Posts: 56


Why aren't they using the opportunity to steal WoW items and gold too then?

Also, most of these hackers are in China. Do you really think American law affects them in the slightest? Do you really think the FBI can just go to China and charge people for internet crime? Get real.


The spoof doesn't, and can't, work on WoW, because there is no access to the login information to begin with - they aren't compromising your login, they're hijacking an existing Session ID.


That seems like a logical reason for it, but according to the people that I'm "arguing" with, it's not a Blizzard problem, but rather thousands of people being keylogged or victims of phishing. Now, if that is the case, then these hackers have the battlenet account name and password, with which they can get into any game you choose unless you're authenticated. And considering that most people don't want to be inconvenienced by setting up the stupid authenticator, the WoW forum should also be full of people complaining of stolen gold and loot.
90 Blood Elf Priest
13615
Posts: 116
Have an email address for battlenet only, use a different password, use an authenticator with sms notifications and you won't have any problems.

Been doing this for years with my wow account and now the same with D3, and not once had any issues

/knocks wood
90 Night Elf Hunter
11360
Posts: 140
Great post, Phyzik!

For all the good it will do against the Blizztards on this forum.
Posts: 364
Fair enough, I'll believe someone with an authenticator was compromised when I actually see proof of it. People lie about it when their WoW accounts get hacked all the time too. O.o
FACTS:
...
MY SYSTEM IS CLEAN!!!!


Facts - AS FAR AS THEY KNOW,
your system is clean.

Just saying.
You guys should stop arguing and pretending to be good at computers and read my post on page #23 half-way down.
Now I fully understand how it was that we burned women at the stake in Salem.

I always wondered how people could be that dumb.
my WoW account got hacked a week ago which makes me very nervous for the saftey of my D3 account. I changed my passwords (all of them) and attached an authenticator. If it gets though all of that I will be livid and I will blame you blizzard, because I followed your recommendations to the letter.
90 Blood Elf Priest
13615
Posts: 116

That seems like a logical reason for it, but according to the people that I'm "arguing" with, it's not a Blizzard problem, but rather thousands of people being keylogged or victims of phishing. Now, if that is the case, then these hackers have the battlenet account name and password, with which they can get into any game you choose unless you're authenticated. And considering that most people don't want to be inconvenienced by setting up the stupid authenticator, the WoW forum should also be full of people complaining of stolen gold and loot.


Sure there is cross over between wow and d3, but there was a huge influence of new players who don't play wow that are playing D3.

And i would take a guess and say the wow players are more savy anyway and have secured their accounts better after years of these issues with hijacks on every MMO ever
We can only wait and see. Not rush to conclusions.

My character was compromised, and I'll agree that it is rather fishy, especially since I've not been hacked in any other online game before.
90 Night Elf Hunter
11360
Posts: 140


The spoof doesn't, and can't, work on WoW, because there is no access to the login information to begin with - they aren't compromising your login, they're hijacking an existing Session ID.


That seems like a logical reason for it, but according to the people that I'm "arguing" with, it's not a Blizzard problem, but rather thousands of people being keylogged or victims of phishing. Now, if that is the case, then these hackers have the battlenet account name and password, with which they can get into any game you choose unless you're authenticated. And considering that most people don't want to be inconvenienced by setting up the stupid authenticator, the WoW forum should also be full of people complaining of stolen gold and loot.


Exactly!

The fact that the WoW forums aren't flooding with reports of a hack - where of course it would be much more rewarding currently to an exploiter - is itself yet another damning bit of evidence.

Of course, I'm sure the response will be that nobody who plays D3 also plays WoW, so anyone affected by this wouldn't show up as a compromised WoW account /rollseyes.
Ok blizz. Like WoW then, which I was compromised, why can't you check your logs to see who logged on to my account and see what is changed?
Posts: 56
05/21/2012 11:23 PMPosted by Bootes

Evidence? No. Of !@#$ing course there is none: thats the entire point of this tactic, as IT LEAVES NO EVIDENCE.

In fact, thats exactly the point: In anything client-related, there is a thief and use of login credentials. They are litterally login in, just from a different IP, something Blizz can track.

In this case, there have been multiple confirmed CS reports of players loosing everything but no suspicious activity nor third party logins were detected by Blizzard.

Now you are accusing ppl of being Google happy... i would suggest you Google some more actually, because you dont seem to understand what is going on here.


First of all, I have a CCNP Security, so I know a bit about what we're discussing.

Second of all, and more importantly, if there is no evidence, then shut the fck up until you have some.

Look, make no mistake.. I have a ton of sympathy for people who have been hacked. What I don't have any sympathy for is this hive-mind Blizz-bashing for which there is absolutely no evidence.


Anecdotal evidence IS evidence when there's a giant stack of it. I don't see how you can say it isn't just because people have the capability of lying. If you seriously believe that, how can you believe in any history books you've read? How can you believe anything anyone tells you is true?

I understand the internet breeds natural skepticism because most internet "regulars" act differently than they would in the real world, but there's just too much complaining to file this down to a user error. Even IF it's a giant phishing net or keylogger, these people all had to get it somewhere. Who's to say it's not on a supposedly "secure" website like the D3 information page? Blizzard AT LEAST has to investigate WHY all of these people are getting hacked at the same time. The reason they gave at the beginning of this thread is bollocks. How does a new game launch lead to more hacks? There's no logic behind that when you use the same account for every Blizzard game.
This topic is locked.

Please report any Code of Conduct violations, including:

Threats of violence. We take these seriously and will alert the proper authorities.

Posts containing personal information about other players. This includes physical addresses, e-mail addresses, phone numbers, and inappropriate photos and/or videos.

Harassing or discriminatory language. This will not be tolerated.

Forums Code of Conduct

Report Post # written by

Reason
Explain (256 characters max)

Reported!

[Close]