Home › Game Forums › Diablo 3
Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
So somebody with a physical authenticator got hacked...
simplyawful
Member Posts: 84
in Diablo 3
Or so it says here: http://us.battle.net/d3/en/forum/topic/5639234717?page=1
Anybody else found any other info on this? This is making me really worried, since I don't have an authenticator, but am somewhat experienced on a PC.
Comments
I think I've read of WOW players w/physical authenticators still getting their accounts hacked; nothing is 100% fool-proof, but w/authenticator, is less likely to be hacked than without.
This.
With millions of accounts ( D3, SC2, WoW ) all on Bnet and people who's job it is to hack and steal gold / items then some people will get hacked regardless.
I do feel for the people that this happens to for sure. But out of the millions if not 10s of millions accounts its a low % that actually do get hacked. And many of these can probably be attributed to keyloggers on their PCs, phishing emails, email hacks, ect.
Nothing is hack proof, history has shown that time and again.
I do wish blizzard would implement a "coin lock" feature like rift did. To me that would solve alot of the problem, not all, but alot IMO.
Does Blizzard have a policy that restores stolen items/money or are players SOL? I have only had an account broken into once with them and it had not been active for about a year. A friend happened to be on and called me when he saw I had logged in, or so he thought. Short story, Blizzard support was quick to get him off and give me a new password before anything damaging was done. I wander what they would have done had damage been done though.
Same thing happened to me and yes they are pretty quick to repair the damage. The guy that hacked me or whatever paid for a months time so my wife was able to log into my characters and look around. They not only fixed my character, but replaced stolen stuff from the guild bank.
RIP Jimmy "The Rev" Sullivan and Paul Gray.
There's still no proof, only hearsay. Your thread title is a bit sensationalist, don't you think?
You really should get an authenticator of some form. There are so many attack vectors that a "secure" PC is impossible to guarantee. I consider two-factor authentication to be the only reliable form nowadays.
On another note, Ritf's "Coin Lock" feature should be mandatory for any AAA MMO going forwards.
Thats rather arrogant to blame every user. I never bought gold, nor did I fall for any of those painfully obvious philsing emails. I even regularly scan my computer for viruses. Most likely it went to wowwiki(didn't realize it was a bad site, shame on me) and they got in sometime between my virus scans. Most likely, you were just not unlucky,
Don't forget to remind addons with phishing script inside
Two things are infinite: the universe and human stupidity; and I'm not sure about the universe.? -Albert Einstein
"The ability to speak doesn't make you intelligent" - Qui-gon Jinn. After many years of reading Internet forums, there's no doubt that neither does the ability to write.
So if you notice that I'm no longer answering your nonsense, stop trying... because you just joined my block list.
I got my WoW hacked a couple of years ago and Blizzard helped me retrieve some of the stuff I lost. So when I got it back I promptly installed a mobile authenticator for both mine and my wife's accounts. Smooth sailing since. I also signed up for the sms alerts when they became available. These steps are not 100% foolproof as I could still be hacked by someone with enough determination to do so. BUT what it does is add an aditional hurdle for attackers to jump to get to my accounts.
But what people are doing when they start these unfounded rumors is NOT helping anyone. They are basically telling people who are trying to defend themselves that adding hurdles is a moot point. Why on earth would anyone who is against hacking spread such untruths? The only thing I can think of is there are people out there that have a vested interest in steering players away from getting authenticators, sms alerts and complex passwords.
I would NOT be surprised that gold/account sellers have networks of people working for them to "convince" players to lower their defenses by claming Blizzard's sercurity measures have been compromised. And I damn sure would not be surprised if those campaigns originated in the gold/account selling capital of the world a.k.a. South Korea.
"Small minds talk about people, average minds talk about events, great minds talk about ideas."
It sure does.
Actually that would be China. The average South Korean income is a bit too high to make it that popular there.
There are thousands of goldfamers that sell theyr gold for cheap to goldsites. Those sell it again for very expensive price.
There are some ways ppl get hacked:
1. They paid to powerlvl theyr account
2. They gave theyr loging data to fake diablo 3 sites
3. They used same login data in Bot programms
4. THE MOST COMMON WAY:
THEY USE SAME LOGIN DATA as their account IN DIABLO 3 FANSITES, those sites get hacked alot, since they have no security!!!
(100% proven in many different interviews with gold sellers)
YOU CANT HACK AN ACCOUNT WITHOUT USERS *FAULT*!
you know Blizzard makes billions. Companys get hacked every day we never hear about. And dont think for one second Blizzard is some how better than anyone else. They never tell you nor will they. They bend the law like everyone else. If your in law enforcement you know this kind of thing happens none stop now days. And if you know what your talking about.. you don't need to hack someone computer to get their info..not any more. Its ALWAYS somewhere else.
I'll reserve judgement until more info comes out.
There are so many trolls out there that got their accounts hacked, think they are experts who strongly believe it's not their fault.... it ain't even funny anymore.
Take this guy for example! Hilarious!
http://eu.battle.net/d3/en/forum/topic/4551307023
There has yet to be a single case confirmed regarding an account compromise that had a physical authenticator attached.
Cheers
RMT companies can finally run their businesses without worry of Bans and losing some of their investment. Of course they are going to do whatever they can to hack accounts and increase their profits.
I want to chime in here...
First the facts:
Last week, I got hacked.
I got the email from Blizzard saying my WoW account had been Banned for exploiting the economy. Typically, this gets written off as spam, but found out, "Oh sh*t this is real!" So I thought to myself "Wait a Minute? My WoW Account is inactive + I have an authenticator, how could this be?"
After putting in a ticket to Blizzard, they got back to me about 6 hours later. Yes, my account had been compromised, yes, my WoW account had been raped, including the bank of the guild I used to belong to. ALL WHILE INACTIVE. (as in, the character couldn't be logged into to play.)
No time was added to my account, no anything, yet they got in, had some fun, took everything, and did it all against a SECURED account.
In Diablo, nothing was missing, however, when I logged back in I saw unfamiliar names in my "Recently Played" list. So again, a ticket to Blizzard, where they acknowledge somebody had also infiltrated my Diablo account and they offered me a rollback.
Now, all of this while on an Authenticator. The email account used with my Battle.net account is used for nothing else but Battle.net. My password is random generated garbage and used nowhere else but the Battle.net account.
In my many years of having an active WoW account, I've never ever been hacked, compromised or any problems. Within 2 weeks of Diablo 3 being played, sh*t went wrong. Very wrong.
So coincidence? Maybe. But very unlikely. Of course Blizzard would never admit to screwing up on the security side of things, but whatever is going on, is on their end.
To add to that fact, a friend of mine, who has not played WoW in almost 2 years, bought Diablo 3 on release, played, etc.. He's Authenticator'd too... He just got his "Your Account Has Been Banned: Exploiting Economy Email" last night.
He's at a @hotmail.com email thought, which I'm sure he uses for everything, so that doesn't help. But again, coincidence? Don't think so.
Hey TSW Players http://www.unfair.co/ for Mission guides, Lore Locations and stuff....
Just curious,is it possible for a hacker to login to your account if they have a authenticator and your password as well?
only ever been hacked once..that was lotro a few yrs back,and they got at me thru the forums..took the GM 30 mins to reinstate everything.i guess the more you put yourself about the more you become a target for these scumbags.i just hope there is such a thing called karma where they get what is coming to them for doing stuff like that.
The thing is that it is often the users fault but far from always and people tend to assume that everyone is a moron just because 90% of the players who got hacked bought gold or were scammed (90% is a guess without any fact to back it up but it is a large percentage).
Diablo 3 will be the mostly hacked game ever since the hackers can sell the stuff for real money within the game. Every hacker in the world would like to get in on that.
If indeed someone with a physical auth got hacked it is very bad news for Blizz.
On the plus side is all your other games safe since they will focus on D3, but be sure to not have the same password for D3 as your MMOs.
Any security measure is only as useful as the user of it is intelligent.
I don't use any authenticator and never got hacked in any game. In 99% of all cases, the person who got hacked simply did something stupid. I doubt this is any different in the mentioned case.
Let's play Fallen Earth (blind, 300 episodes)
Let's play Guild Wars 2 (blind, 45 episodes)
... I love the user blame going on here. Go back and read my post. Sure, many users are stupid, I'm sure many of them have bought/ sold gold or something shady, HOWEVER - there is a legitimate problem present, and it all started with Diablo 3.
Hell, they even acknowledged in the ticket response that they see all my logins and transactions are done on a Mac, so their suggestions of Malware scanning were not valid in my case.
They didn't really answer my question as to why a completely inactive account and character was accessed, stolen from and banned. It seems they don't want to try to explain the logistics of that impossibility.
Regardless, I'll give them a +10 points for the speed and ease of resolution of this issue. (start to finish in 6 hours)
So blame whoever you want for whatever you want, but this recent security breech is a Blizzard failing, having something to do DIRECTLY with Diablo 3 - end of discussion.
Hey TSW Players http://www.unfair.co/ for Mission guides, Lore Locations and stuff....
Mac has malware too! Look up flashback.
In addition to having an authenticator, you can take other precautions.
For example, (1) create a unique battlenet email address that you never use anywhere else for any other purpose, (2) change your password frequently and make it unique and random, and (3) use the on-screen keyboard to log in.