Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Fuzzy Avatars Solved! Please re-upload your avatar if it was fuzzy!

Just a heads up. ( my acct. was hacked).

madnosmadnos maynard, MAPosts: 84Member

First off ,this isn't a rant ,nor am I overly upset.

My acct. was hacked yesterday afternoon.

 Played before work yesterday morning .  Got home , logged into the game , and noticed an alt popped up as last toon played . I kind of dismissed it. I went to use teleport and it said I didnt have enough gold . Opened my inv . ,it was empty and I had no money. ( By this time, I know whats up, and I'm like you gotta be clucking kidding me).. Ran over to the bank,everything gone except acct. bound stuff .Check alts all wiped out.

 My highest toon is lvl23 . I didnt have a lot of stuff ,mostly mats, and some gear I was holding onto . So I can back to where I was pretty quickly and I'm not worried about it.

 I just dont understand how it could of happened . I dont give my pass. out to anyone . I dont go to shady sites. This site and GW2 guru are the only 2 gaming sites  I go to (and only since gw2  released have I been going to the other one). So I picked up a keylogger some where (I assume) .

Anyways, this is just a heads up to everyone :D.

Just be careful ....

 

Comments

  • PravanaPravana Denver, COPosts: 48Member
    Originally posted by madnos

    First off ,this isn't a rant ,nor am I overly upset.

    My acct. was hacked yesterday afternoon.

     Played before work yesterday morning .  Got home , logged into the game , and noticed an alt popped up as last toon played . I kind of dismissed it. I went to use teleport and it said I didnt have enough gold . Opened my inv . ,it was empty and I had no money. ( By this time, I know whats up, and I'm like you gotta be clucking kidding me).. Ran over to the bank,everything gone except acct. bound stuff .Check alts all wiped out.

     My highest toon is lvl23 . I didnt have a lot of stuff ,mostly mats, and some gear I was holding onto . So I can back to where I was pretty quickly and I'm not worried about it.

     I just dont understand how it could of happened . I dont give my pass. out to anyone . I dont go to shady sites. This site and GW2 guru are the only 2 gaming sites  I go to (and only since gw2  released have I been going to the other one). So I picked up a keylogger some where (I assume) .

    Anyways, this is just a heads up to everyone :D.

    Just be careful ....

     

    ANET has been informing people to have a separate email for GW2. This is due the fact that databases from various fan sites and games have been hacked recently.

    http://wiki.guildwars2.com/wiki/Game_status_updates

    image

  • blackwyvernblackwyvern Euless, TXPosts: 3Member
    Same exact thing happened to my account. Logged in, found my account stripped of ores, money, and crafting items. Anet desperately needs to bring on the password changer online. When they told us to change our passwords a while ago, hey that's great, but you tell us to do this but you disable the only method to change the password!  Completely ridiculous. 
  • KingJigglyKingJiggly Simpsonville, SCPosts: 777Member
    They should have a double password system... as in type in two passwords to log in. That woould force people to be mroe creative with their passwords, and require double hacking time which is not worth it. Also, I got mail today btw about buying gold at "insert webiste here".com is their a way to report this mail? Cause I didn't find it :P
  • jpnolejpnole Tampa, FLPosts: 1,656Member Uncommon
    Originally posted by madnos

    First off ,this isn't a rant ,nor am I overly upset.

    My acct. was hacked yesterday afternoon.

     Played before work yesterday morning .  Got home , logged into the game , and noticed an alt popped up as last toon played . I kind of dismissed it. I went to use teleport and it said I didnt have enough gold . Opened my inv . ,it was empty and I had no money. ( By this time, I know whats up, and I'm like you gotta be clucking kidding me).. Ran over to the bank,everything gone except acct. bound stuff .Check alts all wiped out.

     My highest toon is lvl23 . I didnt have a lot of stuff ,mostly mats, and some gear I was holding onto . So I can back to where I was pretty quickly and I'm not worried about it.

     I just dont understand how it could of happened . I dont give my pass. out to anyone . I dont go to shady sites. This site and GW2 guru are the only 2 gaming sites  I go to (and only since gw2  released have I been going to the other one). So I picked up a keylogger some where (I assume) .

    Anyways, this is just a heads up to everyone :D.

    Just be careful ....

     

    Why would you need to give anyone a heads up? If players are following all of the security protocols they should be following, there shouldn't be any problem. You should not have used the same password for GW2 that you use for other sites you visit. Be it your email, another game or forum account. It's your fault. Don't try to convince us that you only visit 2 sites on the whole internet. It wasn't a key logger, it was failure to use a unique password that got you hacked.

  • RokurgeptaRokurgepta wallington, NJPosts: 2,136Member
    Originally posted by jpnole
    Originally posted by madnos

    First off ,this isn't a rant ,nor am I overly upset.

    My acct. was hacked yesterday afternoon.

     Played before work yesterday morning .  Got home , logged into the game , and noticed an alt popped up as last toon played . I kind of dismissed it. I went to use teleport and it said I didnt have enough gold . Opened my inv . ,it was empty and I had no money. ( By this time, I know whats up, and I'm like you gotta be clucking kidding me).. Ran over to the bank,everything gone except acct. bound stuff .Check alts all wiped out.

     My highest toon is lvl23 . I didnt have a lot of stuff ,mostly mats, and some gear I was holding onto . So I can back to where I was pretty quickly and I'm not worried about it.

     I just dont understand how it could of happened . I dont give my pass. out to anyone . I dont go to shady sites. This site and GW2 guru are the only 2 gaming sites  I go to (and only since gw2  released have I been going to the other one). So I picked up a keylogger some where (I assume) .

    Anyways, this is just a heads up to everyone :D.

    Just be careful ....

     

    Why would you need to give anyone a heads up? If players are following all of the security protocols they should be following, there shouldn't be any problem. You should not have used the same password for GW2 that you use for other sites you visit. Be it your email, another game or forum account. It's your fault. Don't try to convince us that you only visit 2 sites on the whole internet. It wasn't a key logger, it was failure to use a unique password that got you hacked.

     For years I have had a bad habit of using the same password in different places. For no reason at all when I signed up for GW2 I used one I have never used before and so far I have not been hacked in GW2. I was just lucky this time I guess.

  • jpnolejpnole Tampa, FLPosts: 1,656Member Uncommon
    Originally posted by Rokurgepta
    Originally posted by jpnole
    Originally posted by madnos

    First off ,this isn't a rant ,nor am I overly upset.

    My acct. was hacked yesterday afternoon.

     Played before work yesterday morning .  Got home , logged into the game , and noticed an alt popped up as last toon played . I kind of dismissed it. I went to use teleport and it said I didnt have enough gold . Opened my inv . ,it was empty and I had no money. ( By this time, I know whats up, and I'm like you gotta be clucking kidding me).. Ran over to the bank,everything gone except acct. bound stuff .Check alts all wiped out.

     My highest toon is lvl23 . I didnt have a lot of stuff ,mostly mats, and some gear I was holding onto . So I can back to where I was pretty quickly and I'm not worried about it.

     I just dont understand how it could of happened . I dont give my pass. out to anyone . I dont go to shady sites. This site and GW2 guru are the only 2 gaming sites  I go to (and only since gw2  released have I been going to the other one). So I picked up a keylogger some where (I assume) .

    Anyways, this is just a heads up to everyone :D.

    Just be careful ....

     

    Why would you need to give anyone a heads up? If players are following all of the security protocols they should be following, there shouldn't be any problem. You should not have used the same password for GW2 that you use for other sites you visit. Be it your email, another game or forum account. It's your fault. Don't try to convince us that you only visit 2 sites on the whole internet. It wasn't a key logger, it was failure to use a unique password that got you hacked.

     For years I have had a bad habit of using the same password in different places. For no reason at all when I signed up for GW2 I used one I have never used before and so far I have not been hacked in GW2. I was just lucky this time I guess.

    Well if you have not already done so, I'd recommend following Anet's advice and changing it to a unique password. I use a highly encrypted 16 digit password courtesy of KeePass. Google it.

  • Br3akingDawnBr3akingDawn a City, CAPosts: 1,357Member Uncommon
    really? do people seriously use the same email and passwords? come on now its not hat hard to make a completely new one  from all your others. Better safe than sorry when it comes to gaming.

    image

  • cagarcagar florence, KYPosts: 98Member

    I get messages all the time via email asking to confirm an attempted login from a different location.

    i can't change my password yet unless they recently turned it back on, but unless I allow access they can't do anything anyway.

     

    70 monk eq1
    80 bruiser eq2
    43 druid wow
    Currently playing : rift

  • madnosmadnos maynard, MAPosts: 84Member
    Originally posted by jpnole
    Originally posted by madnos

    First off ,this isn't a rant ,nor am I overly upset.

    My acct. was hacked yesterday afternoon.

     Played before work yesterday morning .  Got home , logged into the game , and noticed an alt popped up as last toon played . I kind of dismissed it. I went to use teleport and it said I didnt have enough gold . Opened my inv . ,it was empty and I had no money. ( By this time, I know whats up, and I'm like you gotta be clucking kidding me).. Ran over to the bank,everything gone except acct. bound stuff .Check alts all wiped out.

     My highest toon is lvl23 . I didnt have a lot of stuff ,mostly mats, and some gear I was holding onto . So I can back to where I was pretty quickly and I'm not worried about it.

     I just dont understand how it could of happened . I dont give my pass. out to anyone . I dont go to shady sites. This site and GW2 guru are the only 2 gaming sites  I go to (and only since gw2  released have I been going to the other one). So I picked up a keylogger some where (I assume) .

    Anyways, this is just a heads up to everyone :D.

    Just be careful ....

     

    Why would you need to give anyone a heads up? If players are following all of the security protocols they should be following, there shouldn't be any problem. You should not have used the same password for GW2 that you use for other sites you visit. Be it your email, another game or forum account. It's your fault. Don't try to convince us that you only visit 2 sites on the whole internet. It wasn't a key logger, it was failure to use a unique password that got you hacked.

     

     

    A. I know its my fault. I never said anything different.

    B. I said it's been the only 2 GAMING sites that I've visited.

    C. I said I assume it was a key logger.( I dont know what happened).

    D.I just wanted people to just be careful about going to sites .( trying to save some people a headache if they werent aware of it.).

    I guess I'm an asshole for trying to warn and help people.

    E. I have a seperate E-mail for this site .

    F. the other site I dont have a acct with.

     

  • MikeJezZMikeJezZ HillerødPosts: 1,197Member

    I changed my PW two days ago? Weird that other people can't.

     

    However, they need to gain acces first when loggin in and then through your E-Mail.

     

    If you have google mail, you can add some safety as I have.

     

    When you need to login to your E-Mail from another IP adress, Google send you an SMS with an activation code.

     

    Since then no one has gotten into my mail.

    Playing ATM: Elder Scrolls Online, Diablo 3
    MMO's shelted: Check my mmorpg profile
    KICKSTARTED: Camelot Unchained. (250 USD)

  • svandysvandy mount holly, NJPosts: 222Member Uncommon

    I'm going to post my story here because I think it is unfair for everyone to accuse the players themselves and not hold ArenaNet in any way accountable:

    I was at work two days ago and whenever I am at work I keep my email open all day to talk to friends. I watched an email from ANet pop up that said I changed my email (ironically enough, it says "someone -hopefully you!- " in the email). The first thing I noticed is it didn't ask me to CONFIRM my email change, so I assumed it had to be a fishing attempt. I checked out the IP and everything seemed legit, so I realized I had been hacked.

    Now, I wasn't using a unique email address, but I WAS using a unique password. Because of the nature of my job, I tend to create very secure passwords, so I find it unlikely that it was bruteforced.

    Yes, I could have used a unique email adress, but lets be realistic here - who the hell makes a brand new email address for every game they play? Are you kidding me? That is a rather childish request from ANet and *in my opinion* shows they have no faith in their security.

    Also - why was there no request for me to CONFIRM a change in my email address? If it was just an email address used with the account, whatever, but it is my USERNAME. That shouldn't just be able to be changed for seemingly no reason.

    The security measures put in place by ArenaNet are, frankly, laughable and as much as I do like the game I have to say that it is going to hurt their reputation going forward (depending on how quickly my accont gets restored, I may stop playing and recommending to my friends that they do the same). It's not a subscription based game so in THEORY they don't have to provide anything, but it is an MMORPG, not an FPS, and I still paid $60 to be able to play this game. At the very, very least they could have given me the option to add additional security functions to my account, especially after they were made aware that a massive attempt at stealing accounts had begun.

    Also for the record - since this has happened to me and I have been helping a small community of hacked players figure out what is going on, I've learned that some players who DID use a unique email address for GW2 were still hacked. ANets systems are clearly compromised and it looks like they don't want to admit it so early after launch, and it doesn't help when rabid fans refuse to believe it is happening until it happens to them.

    Please visit my youtube channel for some H1Z1/DayZ casual roleplay videos!


  • xpiherxpiher Indianapolis, INPosts: 3,311Member
    Originally posted by jpnole
    Originally posted by madnos

    First off ,this isn't a rant ,nor am I overly upset.

    My acct. was hacked yesterday afternoon.

     Played before work yesterday morning .  Got home , logged into the game , and noticed an alt popped up as last toon played . I kind of dismissed it. I went to use teleport and it said I didnt have enough gold . Opened my inv . ,it was empty and I had no money. ( By this time, I know whats up, and I'm like you gotta be clucking kidding me).. Ran over to the bank,everything gone except acct. bound stuff .Check alts all wiped out.

     My highest toon is lvl23 . I didnt have a lot of stuff ,mostly mats, and some gear I was holding onto . So I can back to where I was pretty quickly and I'm not worried about it.

     I just dont understand how it could of happened . I dont give my pass. out to anyone . I dont go to shady sites. This site and GW2 guru are the only 2 gaming sites  I go to (and only since gw2  released have I been going to the other one). So I picked up a keylogger some where (I assume) .

    Anyways, this is just a heads up to everyone :D.

    Just be careful ....

     

    Why would you need to give anyone a heads up? If players are following all of the security protocols they should be following, there shouldn't be any problem. You should not have used the same password for GW2 that you use for other sites you visit. Be it your email, another game or forum account. It's your fault. Don't try to convince us that you only visit 2 sites on the whole internet. It wasn't a key logger, it was failure to use a unique password that got you hacked.

    I wouldn't be so apt to blame every player for their account being hacked. There are simply too many cases at this point. 

    Now the question is, why aren't any of these attemps being stopped by the IP tracker?

    image
    Games:
    Currently playing:Nothing
    Will play: Darkfall: Unholy Wars
    Past games:
    Guild Wars 2 - Xpiher Duminous
    Xpiher's GW2
    GW 1 - Xpiher Duminous
    Darkfall - Xpiher Duminous (NA) retired
    AoC - Xpiher (Tyranny) retired
    Warhammer - Xpiher

  • xpiherxpiher Indianapolis, INPosts: 3,311Member
    I'd like to point out something though ThR3D$ isn't a secure pw. Something like Monkeys1Eat$Bannanas3Every$Day5 is

    image
    Games:
    Currently playing:Nothing
    Will play: Darkfall: Unholy Wars
    Past games:
    Guild Wars 2 - Xpiher Duminous
    Xpiher's GW2
    GW 1 - Xpiher Duminous
    Darkfall - Xpiher Duminous (NA) retired
    AoC - Xpiher (Tyranny) retired
    Warhammer - Xpiher

  • paulocafallipaulocafalli Sampa, CAPosts: 256Member
    Originally posted by blackwyvern
    Same exact thing happened to my account. Logged in, found my account stripped of ores, money, and crafting items. Anet desperately needs to bring on the password changer online. When they told us to change our passwords a while ago, hey that's great, but you tell us to do this but you disable the only method to change the password!  Completely ridiculous. 

    I have just changed my password, I as well thought changing was disabled.

    But seriously, IMO, they need to implement security questions to login, just like SWTOR, that would help big time already.

  • Loke666Loke666 MalmöPosts: 17,962Member Uncommon
    Originally posted by madnos

    First off ,this isn't a rant ,nor am I overly upset.

    My acct. was hacked yesterday afternoon.

     Played before work yesterday morning .  Got home , logged into the game , and noticed an alt popped up as last toon played . I kind of dismissed it. I went to use teleport and it said I didnt have enough gold . Opened my inv . ,it was empty and I had no money. ( By this time, I know whats up, and I'm like you gotta be clucking kidding me).. Ran over to the bank,everything gone except acct. bound stuff .Check alts all wiped out.

     My highest toon is lvl23 . I didnt have a lot of stuff ,mostly mats, and some gear I was holding onto . So I can back to where I was pretty quickly and I'm not worried about it.

     I just dont understand how it could of happened . I dont give my pass. out to anyone . I dont go to shady sites. This site and GW2 guru are the only 2 gaming sites  I go to (and only since gw2  released have I been going to the other one). So I picked up a keylogger some where (I assume) .

    Anyways, this is just a heads up to everyone :D.

    Just be careful ....

    Change the accountname/mail as well as the password. Once the hacker knows a GW2 players mail they will continue to try to get in. And never use the new mail for anything else, you should be safe then.

  • Loke666Loke666 MalmöPosts: 17,962Member Uncommon
    Originally posted by paulocafalli

    They disable password changes because this way  hackers can not take control of your account. They can wipe out your things but you still have access. If they were able to change password ppl would kiss bye bye to their hacked accounts.

    But seriously, IMO, they need to implement security questions to login, just like SWTOR, that would help big time already.

    A character name like in GW1 would be fine enough, I cant understand why they didnt implement that.

  • paulocafallipaulocafalli Sampa, CAPosts: 256Member
    Originally posted by Loke666
    Originally posted by paulocafalli

    They disable password changes because this way  hackers can not take control of your account. They can wipe out your things but you still have access. If they were able to change password ppl would kiss bye bye to their hacked accounts.

    But seriously, IMO, they need to implement security questions to login, just like SWTOR, that would help big time already.

    A character name like in GW1 would be fine enough, I cant understand why they didnt implement that.

    Yeah me neither, simple and effective.

    Btw, I was so concerned that I just created a new e-mail and changed everything account name and pwd, and will keep this new e-mail just for this game. But it's sad to be forced to that, imagine if you had to do this to any new game.

  • dumbo11dumbo11 GuildfordPosts: 134Member
    Originally posted by xpiher
    I'd like to point out something though ThR3D$ isn't a secure pw. Something like Monkeys1Eat$Bannanas3Every$Day5 is

    In 2012 it is "secure enough" for our purposes.

    - a 6 character, lowercase, password has 308 million combinations.

    - an optimistic attacker might (optimistically) be able to run 100 login attempts per second (in all likelihood the actual number is closer to 1/second - and even then I think a login system should filter the attack anyway).

    It would take around 36 days of 24/7 querying to cover all the possible combinations of 6 letters, and afaik you can't do that anyway...

    No-one is seriously going to do that for a single MMO account.

    ---

    "Monkeys1Eat$Bannanas3Every$Day5" becomes useful if you've reused the password... an attacker will find your password hash from a separate website and look it up using rainbow tables.  A secure password will cause them problems.

    ---

    Mostly it seems that anet may have screwed up the original 'forgot password/change email' functionality.  And they also probably need a 'secret question'.

Sign In or Register to comment.