Hacked with an authenticator

Lawrence,

I only had SMS alerts, but it was off..
Checked my emails. Yesterday there were password reset attempts..

If Blizzard was at fault... it would not be hard to restore..
But 1st thing's 1st.. I want my stuff back!

Anyone who has gotten a restore can post?


this


He has an authenticator.... can you people not read?


then the hacker needs to input the authenticator code to login to the game, unless the "hacker" is logging in from the OP's computer.

Which means nothing if the hackers are using an exploit to circumvent this security measure. And assuming that people are telling the truth that they are using authenticators correctly and are still getting hacked.

Also, there are no reports yet of people getting their items back at all, so no. Nothing to report yet.
Blizzard should have kept it so that you ALWAYS had to enter your Authenticator code.

Once you have entered your PW and Authenticator code, the game remembers where you play from and bypasses the Authenticator function.

Trion did this with coinlock. If you played from somewhere else you had to get a code in your E-mail to unlock the higher functions of your game, otherwise you could only move around and use skills. No buying, selling, trading etc.

If a hacker has your IP (or GUI? not sure exactly how it works with Blizz's system) then they can most likely emulate you or find a workaround to the recognition function.

Blizzard Set it back to ALWAYS needing to enter our Authenticator codes.
Blizzard Set it back to ALWAYS needing to enter our Authenticator codes.


Are you aware you can turn that back on in your security options?
Blizzard should have kept it so that you ALWAYS had to enter your Authenticator code.

Once you have entered your PW and Authenticator code, the game remembers where you play from and bypasses the Authenticator function.

Trion did this with coinlock. If you played from somewhere else you had to get a code in your E-mail to unlock the higher functions of your game, otherwise you could only move around and use skills. No buying, selling, trading etc.

If a hacker has your IP (or GUI? not sure exactly how it works with Blizz's system) then they can most likely emulate you or find a workaround to the recognition function.

Blizzard Set it back to ALWAYS needing to enter our Authenticator codes.


I always get asked to enter authentication code when logging in....
The "always on" setting for the authenticator shouldn't matter, since you are forced to authenticate if you are connecting from a different IP.

The only reason "Always on" would help is if you have a trojan on your computer and the hackers are using your computer to log on, but I find that to be highly unlikely.
http://www.examiner.com/article/accounts-on-diablo-3-hacked

Getting some notice outside the community.
Stop trying to download hacks, or buy money off a website and you will be fine!
I was hacked last night as well. I haven't played on public games at all, and I have two recent players showing up on my list:

wx7197
davidsabeast

I do not know these people. I've only played with one person I don't know IRL, and he was a friend of a friend. I don't even know how someone would know to try to hack my account and I didn't do anything fishy (like using my Blizzard email and pass on some third party site or something).

Frankly I'm stunned as I've never had a problem with any other game. I strongly suspect a breach on Blizzard's end. I did not use an authenticator.
The "always on" setting for the authenticator shouldn't matter, since you are forced to authenticate if you are connecting from a different IP.

The only reason "Always on" would help is if you have a trojan on your computer and the hackers are using your computer to log on, but I find that to be highly unlikely.


It SHOULD detect a changing IP but from what I can tell it is not. It should have detected a different location login and locked down even Non-Auth accounts for password reset. I have seen no reports of that. Best advice is to have it always ask at this point. People can set that in Account Management --> Security

@ headcrab - there are lots of reports in tech support about people getting items restored if Bliz can see evidence of a compromise (diff IP location logging in). The problem is that the restores are roll backs to an unknown backup point so you lose levels and progress too. It is not like WoW.

We may have more than one issue here so I am interested to see what Bliz finally says. I would not be surprised if we have a database glitch, compromised accounts AND an IP login location detection system that are all part of it.
The only way you can be hacked with an authenticator is if you have a man-in-the-middle trojan on your computer. This basically fakes the game login screen and sends your authenticator code to the hackers instead of Blizzard. They then have about a 30 second window to log into your account.
Mogrigg, that is certainly a way they can do it and it is rare. However the authenticator system was changed to only ask for the code once a week unless a login location change is detected. If that detection system is down then the Auth system would not be asking for a code :(

What you say is true as far as we know for those with it set to ask every time though!
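
The prompting rule described in the posts above (code asked once a week unless the login location changes, or every time with the "always on" setting), sketched as an added example that is not part of the thread and not Blizzard's code. All names are hypothetical; the `fail_closed` switch shows what differs when the location signal is unavailable.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

PROMPT_INTERVAL = timedelta(days=7)  # "once a week", as stated in the thread

@dataclass
class RememberedLogin:
    """Last login that passed the authenticator check (hypothetical record)."""
    location: str            # constructed label for a coarse login location
    verified_at: datetime

def needs_code(always_prompt: bool,
               remembered: Optional[RememberedLogin],
               current_location: Optional[str],  # None = detection unavailable
               now: datetime,
               fail_closed: bool = True) -> tuple[bool, str]:
    """Decide whether this login must present an authenticator code."""
    if always_prompt:
        return True, "always-on setting"
    if remembered is None:
        return True, "no previously verified login"
    if current_location is None:
        # Location signal missing: a fail-closed policy demands the code.
        if fail_closed:
            return True, "location unavailable, failing closed"
        # Fail-open: only the weekly timer below still applies.
    elif current_location != remembered.location:
        return True, "location changed"
    if now - remembered.verified_at >= PROMPT_INTERVAL:
        return True, "weekly prompt due"
    return False, "remembered location within the week"

# Constructed sample data for the demonstration.
NOW = datetime(2012, 5, 21, 6, 0)
HOME = RememberedLogin("region-A", NOW - timedelta(days=2))

def demo() -> dict:
    return {
        "same_place": needs_code(False, HOME, "region-A", NOW),
        "moved": needs_code(False, HOME, "region-B", NOW),
        "signal_down_open": needs_code(False, HOME, None, NOW, fail_closed=False),
        "signal_down_closed": needs_code(False, HOME, None, NOW),
        "always_on": needs_code(True, HOME, None, NOW, fail_closed=False),
    }

if __name__ == "__main__":
    for name, (required, why) in demo().items():
        print(f"{name:20} code required={required}  ({why})")
```
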
All of those who've been hacked should really try to see if you have any commonalities, such as using 3rd party software such as Dark3D or something else.

Either:

1.) Blizzard databases were compromised and the hack is from their side, or...

2.) You've let something into your PC that is spoofing logins and sending that data back to a server for the hackers.

I do NOT use an authenticator and I have no problems with my account so far. Then again, I do not use any 3rd party software for D3 and protect myself against javascript from unknown sites with NoScript in Firefox.
Got hacked by the same guy. George Melchers. Submitted ticket waiting for account or character rollback... This sucks.
Cipher, I'll be honest with you. That's exactly what I thought -- last night. I've never been hacked on any game before and I practice good security procedures. Surely I'm safe and this is all a bunch of sturm und drang?

This morning, log in quick to check auctions? Hacked, all my !@#$ gone.

I haven't used any third party software nor registered (regardless of credentials used) on any third-party diablo sites.
05/21/2012 06:17 AM Posted by Zireael
Yeah, hacked here as well. Anyone knows how long the rollback takes?


Blizz auto response said 24-48 hours but I doubt it will be that fast given the number of ppl hacked. So we might wait 3+ days.
All of those who've been hacked should really try to see if you have any commonalities, such as using 3rd party software such as Dark3D or something else.

Either:

1.) Blizzard databases were compromised and the hack is from their side, or...

2.) You've let something into your PC that is spoofing logins and sending that data back to a server for the hackers.

I do NOT use an authenticator and I have no problems with my account so far. Then again, I do not use any 3rd party software for D3 and protect myself against javascript from unknown sites with NoScript in Firefox.


I don't believe the Blizzard databases were compromised, it seems highly unlikely. But at the same time, since I have installed D3 the only websites I have visited are this forum, Facebook, and YouTube (neither of the latter two sharing my bnet password).
I haven't downloaded anything, no exe's, no torrents, nothing. Haven't filled out any forms. By profession I should be able to tell a phishing site from a real one anyway - otherwise I'd be unemployed.
Still scratching my head about this one.
