Diablo® III

Battle.net® Account Security & Diablo® III

(Locked)

05/22/2012 12:09 AM Posted by pug
I've had guildies report the exact same thing. They also lived alone and no one had access to their home, let alone their computer. Yet it still showed up as no other IP. Maybe there's a separate issue that is masking this problem, but it's been proven in the past that it is possible to log in from a separate IP and not show it.


The hackers have malware on your guildies' computer and access the items/account through that. WoW's network protocol is public and creating a simple program that logs in and mails items to another account seems rather simple. That is why no other IP shows up to Blizzard, because the guys' computers are the ones doing the "hacking".


That's what I'm thinking, or just spoofing the IP. If you have a keylogger on someone's machine, you know what their IP is. It's not difficult for anyone, let alone someone engaged in this form of "hacking," to know how to do that. A simple google search will teach you all that you need to know.
Ah good to hear. Hope those who got hacked get back everything they've lost.
Too bad that the SMS option is not available for those of us with prepaid phones. Prepaid phones are often cheaper and have much better data plans ($45/month for unlimited data, texting and calls vs whatever ungodly amount the major carriers make you pay, all while forcing you into a locked down contract - that then charge you an arm and a leg for if you want to make amendments to).


Also lol, you know what I meant. Are you trying to inflate your ego or something? I mean they didn't use compromised in the way you were implying that they did. Okay so they imply themselves that the system is not compromised, but don't actually state it hasn't been.


They did say
05/21/2012 08:15 PM Posted by Lylirra
Historically, the release of a new game -- such as a World of Warcraft® expansion -- will result in an increase in reports of individual account compromises, and that's exactly what we're seeing now with Diablo III.


Which obviously means this is just the usual increase in reports of account compromises, same old story that's happened with every release of a new game. Yes, it didn't explicitly say WE ARE NOT COMPROMISED, but if we all understand written English, this is the message. Not going to argue semantics, which seems to be your preferred mode of discussion. They said this is the usual increase in compromises, nothing out of the ordinary. That's that.


Okay so I had to write this twice, but basically my problem was with you taking Blizzard's implication and spreading it as if it was factual proof that there's no hacking going on. There's no way to know in 1 day if your systems are compromised, or if the exploit is actually in game only with no account tampering required.

As for the semantics nonsense, I was simply trying to explain the logical deduction "tree" or process that leads to that stereotype/assumption/whatever. I wasn't trying to go back on what I said the first time.
Edited by IcEKuBe#1599 on 5/22/2012 12:19 AM PDT
05/22/2012 12:09 AM Posted by pug
The hackers have malware on your guildies' computer and access the items/account through that. WoW's network protocol is public and creating a simple program that logs in and mails items to another account seems rather simple. That is why no other IP shows up to Blizzard, because the guys' computers are the ones doing the "hacking".


Yep, I'm pretty sure this was the case with my friend, as her computer had been showing signs of infection that even those of us online noticed, including typing gibberish in WoW itself when she wasn't typing at all. But all the various AV scans, even with some tried and true ones on the web that we knew about, no virus/keylogger was found.

I still believe whatever it was, it was buried too deeply for the AV to find and having had my own experience with catching computer viruses in the past, which I learned from the hard way, I know that it's entirely possible the AV simply didn't "see" the virus. I learned from a good, established computer place, (established I mean has been around 20+ years and they'll sit down and explain stuff to you, whether you pay for continuing services or not, not BestBuy or the like lol) that viruses do this a lot. The computer techs even told me, the only way to totally get rid of the viruses is to do a clean install...

I learned how to install Windows very well as a result and learned to beef up my security, especially on the web, the latter of which has very much limited my need to do clean installs fortunately lol.
05/22/2012 12:12 AM Posted by Bul
That's what I'm thinking, or just spoofing the IP. If you have a keylogger on someone's machine, you know what their IP is. It's not difficult for anyone, let alone someone engaged in this form of "hacking," to know how to do that. A simple google search will teach you all that you need to know.


I agree, that's my suspicion too, on what's happening in these kinds of instances.
But the thing is - when will there be any alternates to the standard Starcraft design one? I don't even play or like Starcraft! Please put in a Diablo III authenticator into the EU blizzard shop! :D


Authenticators are awesome - I have three keyfobs myself for work but I would never buy one for a game. If you want the added peace of mind go ahead and buy one. It would never hurt.


I would if the design was different. There's only starcraft ones in the blizzard shop. :3 Ironically no World of Warcraft (which I don't play either), no normal Warcraft, no Diablo... when was the EU blizzard shop last updated anyway?

And yes, the design matters if I'm going to be using it often next to my computer. :D
Edited by IceBlink#1293 on 5/22/2012 12:20 AM PDT
If Asia isn't smart enough to conduct an attack of this measure does that mean... Canada is attacking us?
If you don't have a smartphone, consider trying to download bluestacks app player (a free android emulator) and install and use the authenticator from there.
05/22/2012 12:16 AM Posted by IndigoAK
Too bad that the SMS option is not available for those of us with prepaid phones. Prepaid phones are often cheaper and have much better data plans ($45/month for unlimited data, texting and calls vs whatever ungodly amount the major carriers make you pay, all while forcing you into a locked down contract - that then charge you an arm and a leg for if you want to make amendments to).


Hmm I have a pre-paid that I use for this (and Facebook, and Yahoo, and GoDaddy) and none of them said anything against Pre-paid?!

I am from the lovely land of Canada though, maybe our pre-paid is different.
Community Manager
We've been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring. Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password. While the authenticator isn't a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand.

If your account has been hacked, please view the previous post for information on contacting our support department.
05/22/2012 12:19 AM Posted by MielTicket
If Asia isn't smart enough to conduct an attack of this measure does that mean... Canada is attacking us?


or simply a group of disgruntled hackers bent on trying to 'prove their point' about blizzard's security
We've been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring. Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password. While the authenticator isn't a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand.

If your account has been hacked, please view the previous post (http://us.battle.net/d3/en/forum/topic/5149619846?page=1) for information on contacting our support department.


I'm pretty sure nobody thinks you guys aren't taking this matter seriously. But is it possible that this is a game exploit? A method which doesn't require account tampering in any way?

There's no doubt a lot of these cases are probably user error, but something else seems to be occurring as well that may or may not be related.
I'm pretty sure nobody thinks you guys aren't taking this matter seriously. But is it possible that this is a game exploit? A method which doesn't require account tampering in any way?

There's no doubt a lot of these cases are probably user error, but something else seems to be occurring as well that may or may not be related.


the problem with that theory would mean someone would have to crack the server itself
...dammit. I sold the knife that let me get an achievement for stabbing you, Bashy.
It's sad that Blizzard still exploits their customers by means of scaring them into buying an authenticator. While every other MMO has a set system in place FOR FREE, because they care about their customers' satisfaction.
We've been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring. Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password. While the authenticator isn't a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand.

If your account has been hacked, please view the previous post (http://us.battle.net/d3/en/forum/topic/5149619846?page=1) for information on contacting our support department.


I figured this was the case when I started reading these.

Good to see common sense prevailing.
I'm sorry that you have to put up with so many misinformation posts due to people with their own personal grudge...

Should those of us with and loving the auth tool feel okay joining public games, or should we hold off for now?
Edited by Duncan#1606 on 5/22/2012 12:27 AM PDT
or simply a group of disgruntled hackers bent on trying to 'prove their point' about blizzard's security


Hmmm interesting you say this... That would explain a lot.

People have had reports of friends on their list with distinct English names taking all the items after the account was compromised

Anything I have experienced in WoW the hackers would make names like "asfasfasdfasf"

This would also explain the use of advanced hijacking and spoofing techniques to cover the logs.

I'm beginning to think this is an at home issue and not the normal Asian loggers and phishers
We've been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring. Despite the claims and theories being made, we have yet to find any situations in which a person's account was not compromised through traditional means of someone else logging into their account through the use of their password. While the authenticator isn't a 100% guarantee of account security, we have yet to investigate a compromise report in which an authenticator was attached beforehand.

If your account has been hacked, please view the previous post (http://us.battle.net/d3/en/forum/topic/5149619846?page=1) for information on contacting our support department.


so you are saying all these account compromises are because of client users?
Posted by Bul
I've had guildies report the exact same thing. They also lived alone and no one had access to their home, let alone their computer. Yet it still showed up as no other IP. Maybe there's a separate issue that is masking this problem, but it's been proven in the past that it is possible to log in from a separate IP and not show it.


The hackers have malware on your guildies' computer and access the items/account through that. WoW's network protocol is public and creating a simple program that logs in and mails items to another account seems rather simple. That is why no other IP shows up to Blizzard, because the guys' computers are the ones doing the "hacking".


That's actually the most reasonable explanation. It would be fairly trivial to write malware that also acted as a proxy. Once they had the username/pass, then they can log in using the client running it through the malware proxy on the users' machine. This also has the lovely benefit of getting around authenticators where people didn't select "ask me every time" because the connection is coming from the same IP it always has.
This topic is locked.