I myself have not been hacked yet however please fill your detailed information on the hacks.
Keep in mind this is just situations I have taken from almost every post I can find in the technical support forum post. There are speculations within the forum, and are my ideas only on how number 2, 3 were performed. Please if you are more knowledgeable in the situation feel free to correct me this is just a precaution on people for hacks.
From all the posts I have read in the past week there appears to be 3 types of hacks that are occurring.
1)Key-logging hack I figured I would start with the basic. There have been some people getting their B-net account hacked which posted on the D3 forums of their account being hacked where they're having the B-net password changed and are unable to claim their account. After running virus scans they have found the key-log and removed it off their computer.
Things missing; Diablo 3 characters wiped, items, gold, Auctions, friends removed, B-net password changed, in some cases even their linked Wow accounts compromised as well.
This is actually one of the lowest common hacks that I have found on the forums so far.
Steps to avoid this:
Avoid strange sites, emails, etc. Have a good anti Virus program, with the physical key chain authenticator. These still are not 100% protection but is the best you can get against these types of attacks.
2) D3 account hacked not B-net. This one occurred shortly after release and hasn't appeared much after the first scheduled maintenance. The results in this one seem quite strange people would be kicked off playing their toon then get the 37 error. When logging in, all their toons would be stripped clean as well as the AH. Nothing would be changed on their B-net account suspecting that it was not actually a B-net hack since it was set to only the diablo 3 accounts.
Things missing; All toons wiped, gold, auction house, stash, removed, Strange names listed in recently played.
Difference between 1-2. B-net left alone, friends list left alone.
These appeared to have been accepting character logins which if they had the physical authenticator they would not have been able to run this hack. Also these ones seem to have stopped since the first scheduled maintenance.
Ways to avoid Physical (key-fab) authenticator with the always require authentication when logging in.
3) Main toon session ID possible hack. This appears to be very Very common at the moment.
High level toons are being hacked on the softcore accounts I have not found a single case of a Hardcore toon that has been hacked. If you find one please let us (The community) know.
What happens is the victim if they are currently online will start to get a massive lag spike and get kicked from the game when they get back online their main character is striped of all his gold, items, and stash. Their auction house is fine as well as their other toons.
Things missing; Stash, items, gold, gear on main toon.
Reasoning as to why this is a session ID hack is the following below (speculation on how they were accomplishing this):
What appeared to be happening is the following before 5/30/2012 there was a command valid the /who command which at this moment now crashes the game. You could set a parameter to search for level toons this allowed people to find the high level toons you could then place that high level toon as a friend on your list without confirmation from the recipient. Currently the game allows you to quick join friends games without confirmation.
Now we have identified a 60 toon and wish to quickjoin them as the hacker sends a massive DDOS to the recipients game it kicks that player out the hacker then sets up the session ID hack pretty much taking the place of the booted person. They then quickjoin their level 1 toon and strip the high level of everything they have. They also have the players recently played and friends list and continues down new people they haven't hacked yet.
There has been few cases of people logging on durring the hack where they prevented mid selling and kept part of their gear,stash. The difference here is they didn't get re-hacked after they kept off the game sessions. That is why it is presumed as a session ID hack.
The reason the auction house and other toons are unharmed is because they never get to the menu section. This bypasses all authentication methods and making extra security invalid. My thoughts is if they were actually forced to leave the game to get to a menu it would mess up their program maybe even require an authentication which is why the auction house is safe as well as the other toons.
Keep in mind a hacker would not spare a low level toon just because they're low. all the hackers are doing is selling the gear to a vendor and transferring the gold to their level 1 they could get an extra 1k gold off a lowbie since it only takes about a maximum of 2 min to strip everything and sell it
Ways to prevent this- Press esc in game click on options, click on social, under the friends and chat section make sure to uncheck Allow Quick Join. Also stay out of public games so you cannot get hacked through a person in that public game. DO NOT TALK IN GENERAL CHAT.<< this is by far the easiest way at this moment to compromise a persons game it is the same as placing your name in a functioning /who list. I know this way is terrible but until blizzard fixes this issue which it appears they are catching on. Since the /who command is causing crashes I am almost positive that bug was intentional.
Please if I have missed a situation in how you were hacked symptoms/preventions let us know. However I feel I have covered all the basis on preventions on the specific types of hacks seen on the Technical Support Forum.