Diablo 3 Account Hacked

1) Use an authenticator if you can. Mobile or Dongle only. Dialup and WoW will not work
2) Move any valuable items you have onto the 2nd page of your stash, and cover the first page in junk. Items you wear and in your inventory will be destroyed when you are hacked and are not safe. You will lose your gold no matter what
3) When logging off after a session, log into a smurf character, a level 1 monk for example. This will make him your active character, so he is the one the bot logs onto instead of your valuable one. This will not protect you if you are hacked while online (on your good char)
4) Do not attempt to fight the hackers for control of your account. If they kick you offline, do not try to keep logging in, or they will change your password. Be passive and wait 15 minutes to make sure they are done.
5) File a support ticket as you can on the bottom of this website's page, which may rollback your account. Rollbacks may not save all your progress, because they could be up to a week old and restore you to less gold/items than you had before being hacked. After the first rollback, you cannot use the RMAH until you get an authenticator, and after the second rollback, you cannot use the RMAH permanently
6) Do not join/create public games. The hackers are looking for accounts to target by searching public games; you can be targeted for simply being in the same game as one of their bots.
7) Do not be on your friend's friends list. Likewise, do not put him on yours. If one account is compromised, they will be able to see a network of accounts on friends lists spanning off from it and target those in turn.
8) Store your liquid assets in other forms than gold. You will lose your gold if you get hacked, so investing in items or materials can be a safer method.

Phishing, keylogging, malware, session hijacking, etc all have nothing to do with this exploit at all, and avoiding user error will not protect you whatsoever. The safe method to avoid being hacked right now is to use a valid authenticator, and there are no guarantees that this same exploit can't be expanded to bypass authenticators too, however I view that as improbable. If you cannot get an authenticator for whatever reason or have to wait to set one up, use the simple methods I have outlined to minimize the damage you will experience.

----not my post just a copy/paste

Sounds like a game I want to play...
 
This is nothing, if any of you had played WoW or knew friends that did, you would know this has been happening for the last 8 years or whenever WoW came out.

The Authenticator DOES NOTHING, you still get hacked so it's a waste of money. In the end Blizzard is just crap when it comes to security.

It does something though. A few times that I have logged on to battle.net, it has asked for my authentication code to login.

It's at least a layer of security.

The problem is, how are these hackers getting in w/o having to login? There hasn't been much solid proof on this, other than speculation of joining public games is prone to attack.

Now I saw a video someone had on youtube of the items disappearing in game. But I'm more interested in seeing how it's actually done. Are they using tools to do this? That's what I want to know.

I know Blizzard won't admit to being hacked ever.
 
1) Use an authenticator if you can. Mobile or Dongle only. Dialup and WoW will not work
2) Move any valuable items you have onto the 2nd page of your stash, and cover the first page in junk. Items you wear and in your inventory will be destroyed when you are hacked and are not safe. You will lose your gold no matter what
3) When logging off after a session, log into a smurf character, a level 1 monk for example. This will make him your active character, so he is the one the bot logs onto instead of your valuable one. This will not protect you if you are hacked while online (on your good char)
4) Do not attempt to fight the hackers for control of your account. If they kick you offline, do not try to keep logging in, or they will change your password. Be passive and wait 15 minutes to make sure they are done.
5) File a support ticket as you can on the bottom of this website's page, which may rollback your account. Rollbacks may not save all your progress, because they could be up to a week old and restore you to less gold/items than you had before being hacked. After the first rollback, you cannot use the RMAH until you get an authenticator, and after the second rollback, you cannot use the RMAH permanently
6) Do not join/create public games. The hackers are looking for accounts to target by searching public games; you can be targeted for simply being in the same game as one of their bots.
7) Do not be on your friend's friends list. Likewise, do not put him on yours. If one account is compromised, they will be able to see a network of accounts on friends lists spanning off from it and target those in turn.
8) Store your liquid assets in other forms than gold. You will lose your gold if you get hacked, so investing in items or materials can be a safer method.

Phishing, keylogging, malware, session hijacking, etc all have nothing to do with this exploit at all, and avoiding user error will not protect you whatsoever. The safe method to avoid being hacked right now is to use a valid authenticator, and there are no guarantees that this same exploit can't be expanded to bypass authenticators too, however I view that as improbable. If you cannot get an authenticator for whatever reason or have to wait to set one up, use the simple methods I have outlined to minimize the damage you will experience.

----not my post just a copy/paste



While I see your point -- following even HALF of what you said means to play D3 "safer" I would have to take an extra 5 or so minutes to jump through all these little hoops. Of gearing up and down after each session. Not to mention having "fake" characters to cover your tracks.

Not being able to play with friends? Not being able to join any or all games? At that point you need to turn off the computer and force a refund on the game.

I'm still debating whether to request a refund, I have about what? 1 or 2 more weeks for that 30 day period? I know blizzard would say "no" but hooray for credit card charge back. As I said, still debating.
 
Was thinking about this last night. Pretty sure the RMAH is going to kill itself.

Imagine a couple scenarios:

6 months from now, you're all set up with an authenticator to protect your high level character loaded up with some good end game gear (that has value on the RMAH), but want to make an extra buck. So you let your account sit for a couple days (so the restore point has all your current gear), call up a friend who lives some distance away and give them your credentials (including your authenticator #). Have them 'hack' you. Request roll-back. Sell second set of gear from a new account. Could even have them 'hack you' while you're online playing, giving some credence to the 'session spoofing' theory.

Now imagine a criminal organization, they could run this same scam, but more effectively. First they absolutely load up a powerleveled level 60 character with across the board best available gear from the RMAH (hard to say what the cost of that would be, might be $200, might be $2500). Have it 'hacked' by another member, request rollback. Now they've got two sets of that awesome gear. Move items over to other characters/accounts, repeat the process. Now they've got four sets and so on. Release it back onto the RMAH from various accounts once they have more gear than they can realistically cycle this way. 12 items on the character, plus full inventory and full stash. Could be 100's of items duplicated each time.

The only solution is have unique item ID's and to actually flag 'hacked' items, and 'rollback' items and shutdown the users who are trading in them exclusively. But then they'll just move them about in the gold auction house or in game trading to effectively launder the source of the items.

Will probably only really stop once the flood of 'rollback' cloned items depresses the value of max stat items on the RMAH below the point that running a rollback scam makes money.
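The post above argues that the fix for rollback duplication is unique item IDs plus flagging of rolled-back items, and then objects that in-game trading would launder them. The sketch below is an added example, not Blizzard's code or the poster's, of a hypothetical item ledger that does exactly that: every item instance keeps one ID for life, a rollback re-issues the missing items under new IDs and taints the originals wherever they now sit, and the auction house refuses tainted IDs. Because the taint travels with the ID, a hop through a mule account does not clean it. Account and item names are constructed for the demo.

```python
from collections import defaultdict


class ItemLedger:
    """Hypothetical ledger: every item instance gets a unique ID for its whole life."""

    def __init__(self):
        self._next = 1
        self.owner = {}                    # item_id -> account currently holding it
        self.snapshot = {}                 # account -> set of item_ids at the last restore point
        self.tainted = {}                  # item_id -> account it was rolled back from
        self.flagged = defaultdict(list)   # account -> reasons it was flagged

    def mint(self, account, name):
        iid = f"{name}#{self._next:04d}"
        self._next += 1
        self.owner[iid] = account
        return iid

    def transfer(self, iid, to_account):
        self.owner[iid] = to_account       # in-game trade or mail: the ID travels with the item

    def take_restore_point(self, account):
        self.snapshot[account] = {i for i, o in self.owner.items() if o == account}

    def rollback(self, account):
        """Re-issue everything missing since the restore point under new IDs and taint the
        originals wherever they now are, so the copy that left the account cannot be cashed out."""
        reissued = []
        for iid in sorted(self.snapshot.get(account, ())):
            if self.owner.get(iid) == account:
                continue                   # never left the account; nothing to restore
            self.tainted[iid] = account
            name = iid.split("#")[0]
            reissued.append(self.mint(account, name))
        return reissued

    def list_on_auction_house(self, iid, seller):
        """True if the listing is accepted. Tainted IDs are refused and the seller is flagged."""
        if self.owner.get(iid) != seller:
            return False
        if iid in self.tainted:
            self.flagged[seller].append(f"{iid} was rolled back from {self.tainted[iid]}")
            return False
        return True


def demo():
    """Constructed scenario: two items leave the victim, a rollback follows, the thief
    launders one item through a mule and both try to sell."""
    ledger = ItemLedger()
    helm = ledger.mint("victim", "helm")
    ring = ledger.mint("victim", "ring")
    boots = ledger.mint("victim", "boots")
    ledger.take_restore_point("victim")
    ledger.transfer(helm, "thief")
    ledger.transfer(ring, "thief")
    reissued = ledger.rollback("victim")
    ledger.transfer(ring, "mule")          # laundering hop: taint follows the ID anyway
    results = {
        "thief_sells_helm": ledger.list_on_auction_house(helm, "thief"),
        "mule_sells_ring": ledger.list_on_auction_house(ring, "mule"),
        "victim_sells_boots": ledger.list_on_auction_house(boots, "victim"),
        "victim_sells_reissued": ledger.list_on_auction_house(reissued[0], "victim"),
    }
    return ledger, reissued, results


if __name__ == "__main__":
    ledger, reissued, results = demo()
    print("re-issued to victim:", reissued)
    for case, accepted in results.items():
        print(f"{case:24} accepted={accepted}")
    print("flagged accounts:", dict(ledger.flagged))
```

The design choice worth noting: the rollback does not hand the victim the same IDs back, because two holders of one ID would be indistinguishable; it issues fresh IDs to the victim and marks the departed ones, so the only items that ever become unsellable are the ones that left the account during the window the rollback covers.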
 
^^ good thoughts.

So it appears that Blizzard trying to stop duping results in Blizzard becoming the duper.
 
Was thinking about this last night. Pretty sure the RMAH is going to kill itself.

Imagine a couple scenarios:

6 months from now, you're all set up with an authenticator to protect your high level character loaded up with some good end game gear (that has value on the RMAH), but want to make an extra buck. So you let your account sit for a couple days (so the restore point has all your current gear), call up a friend who lives some distance away and give them your credentials (including your authenticator #). Have them 'hack' you. Request roll-back. Sell second set of gear from a new account. Could even have them 'hack you' while you're online playing, giving some credence to the 'session spoofing' theory.

Now imagine a criminal organization, they could run this same scam, but more effectively. First they absolutely load up a powerleveled level 60 character with across the board best available gear from the RMAH (hard to say what the cost of that would be, might be $200, might be $2500). Have it 'hacked' by another member, request rollback. Now they've got two sets of that awesome gear. Move items over to other characters/accounts, repeat the process. Now they've got four sets and so on. Release it back onto the RMAH from various accounts once they have more gear than they can realistically cycle this way. 12 items on the character, plus full inventory and full stash. Could be 100's of items duplicated each time.

The only solution is have unique item ID's and to actually flag 'hacked' items, and 'rollback' items and shutdown the users who are trading in them exclusively. But then they'll just move them about in the gold auction house or in game trading to effectively launder the source of the items.

Will probably only really stop once the flood of 'rollback' cloned items depresses the value of max stat items on the RMAH below the point that running a rollback scam makes money.

OH CMON THAT'S REALLY STRETCHING IT, As MUCH AS I INSULT BLIZZARD, SURELY SURELY SURELY THEY CANNOT HAVE BEEN THAT INCOMPETENT TO NOT HAVE PLANNED FOR THIS TYPE OF SCENARIO.

But then again, who's to say that Blizzard could not be behind this type of scheme and flooding the RMAH with high level high priced items to sell which they've artificially created and sold on Blizzard owned accounts for profits... :eek:

/puts tinfoil hat on and head asplodes.
 
OH CMON THAT'S REALLY STRETCHING IT, As MUCH AS I INSULT BLIZZARD, SURELY SURELY SURELY THEY CANNOT HAVE BEEN THAT INCOMPETENT TO NOT HAVE PLANNED FOR THIS TYPE OF SCENARIO.

But then again, who's to say that Blizzard could not be behind this type of scheme and flooding the RMAH with high level high priced items to sell which they've artificially created and sold on Blizzard owned accounts for profits... :eek:

/puts tinfoil hat on and head asplodes.

Now imagine how they could do this effectively. They would have to hide the 'user' who is selling any particular item, could always spoof a fake user but someone might try and contact them. Oh wait, they've done that.

In order to make it really work, what they could do is say a max + to vitality an item can have is +250, so they set the formulas to allow for a small percentage of blue items and yellow items with fewer than 4 properties or less than max sockets to drop with +250 Vitality. But rare(yellow) items with 6 properties and full sockets can only ever drop with +220 Vitality or less. Then trickle a tiny amount of said impossible items onto the RMAH. The b.net forums will be full of Blizzard white knights to claim they are legit, afterall they have themselves found blue or crappy yellows with + Vitality above 220 so they are possible to find :O
 
Well I finally got a reply to my ticket, and for some reason you have to reply to the blizzard reply "clearly saying you want to use one of your two rollbacks" before they do anything ... sigh .... I guess I have to wait some more.
 
Was thinking about this last night. Pretty sure the RMAH is going to kill itself.

Imagine a couple scenarios:

6 months from now, you're all set up with an authenticator to protect your high level character loaded up with some good end game gear (that has value on the RMAH), but want to make an extra buck. So you let your account sit for a couple days (so the restore point has all your current gear), call up a friend who lives some distance away and give them your credentials (including your authenticator #). Have them 'hack' you. Request roll-back. Sell second set of gear from a new account. Could even have them 'hack you' while you're online playing, giving some credence to the 'session spoofing' theory.

Now imagine a criminal organization, they could run this same scam, but more effectively. First they absolutely load up a powerleveled level 60 character with across the board best available gear from the RMAH (hard to say what the cost of that would be, might be $200, might be $2500). Have it 'hacked' by another member, request rollback. Now they've got two sets of that awesome gear. Move items over to other characters/accounts, repeat the process. Now they've got four sets and so on. Release it back onto the RMAH from various accounts once they have more gear than they can realistically cycle this way. 12 items on the character, plus full inventory and full stash. Could be 100's of items duplicated each time.

The only solution is have unique item ID's and to actually flag 'hacked' items, and 'rollback' items and shutdown the users who are trading in them exclusively. But then they'll just move them about in the gold auction house or in game trading to effectively launder the source of the items.

Will probably only really stop once the flood of 'rollback' cloned items depresses the value of max stat items on the RMAH below the point that running a rollback scam makes money.

I can see them requiring every account to have an authenticator very soon.
 
I can see them requiring every account to have an authenticator very soon.

That's my big frustration. It's inevitable that will be the outcome, but right now they are essentially blaming the users for poor security, which may or may not be the case.

What we do know however, is that Blizzard isn't exactly going out of the way to prevent this on their end, or if they are they aren't communicating it.

Case sensitive passwords: nope

Options to shutdown account until email confirmation if connection from a new IP detected: nope

Banning IPs of users that are repeatedly connecting to account after account, accounts registered all over the place (i.e. hackers): certainly doesn't look like they are doing this.

Shutdown of accounts after a # of failed password attempts: nope

Authenticator shouldn't be the only option here. Maybe I'm just bitter since I use a non-supported phone OS, and am unimpressed that they want $14 to ship a tiny plastic authenticator because I live all the way in Alberta.
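The list above names three server-side controls that need no authenticator: lockout after repeated failed passwords, blocking a source that walks account after account, and freezing an account's assets when it logs in from an unfamiliar IP until an e-mail confirmation arrives. The code below is an added example, not Blizzard's and not the poster's, of a hypothetical login guard that applies all three to constructed log lines. Thresholds, account names and IP addresses are assumptions chosen for the demo.

```python
from collections import defaultdict
from dataclasses import dataclass, field

MAX_FAILED = 5          # lock the account after this many consecutive bad passwords
FANOUT_THRESHOLD = 10   # one source IP trying this many accounts looks like credential stuffing


@dataclass
class AccountState:
    failed: int = 0
    locked: bool = False
    coin_locked: bool = False             # playable, but trading/AH frozen until e-mail confirmation
    known_ips: set = field(default_factory=set)


class LoginGuard:
    """Hypothetical server-side policy; state lives in memory for the example."""

    def __init__(self):
        self.accounts = defaultdict(AccountState)
        self.ip_accounts = defaultdict(set)   # source IP -> accounts it has attempted
        self.blocked_ips = set()

    def attempt(self, account, ip, password_ok):
        """Returns 'blocked_ip', 'locked', 'failed', 'ok' or 'ok_coinlock'."""
        if ip in self.blocked_ips:
            return "blocked_ip"
        self.ip_accounts[ip].add(account)
        if len(self.ip_accounts[ip]) >= FANOUT_THRESHOLD:
            self.blocked_ips.add(ip)          # account-after-account pattern: cut the source off
            return "blocked_ip"
        st = self.accounts[account]
        if st.locked:
            return "locked"
        if not password_ok:
            st.failed += 1
            if st.failed >= MAX_FAILED:
                st.locked = True
                return "locked"
            return "failed"
        st.failed = 0
        if st.known_ips and ip not in st.known_ips:
            st.coin_locked = True             # unfamiliar IP: freeze assets until the owner confirms
            return "ok_coinlock"
        st.known_ips.add(ip)
        return "ok"

    def confirm_email(self, account, ip):
        """The owner clicked the confirmation link: trust this IP and lift the coin-lock."""
        st = self.accounts[account]
        st.coin_locked = False
        st.known_ips.add(ip)

    def can_trade(self, account):
        st = self.accounts[account]
        return not (st.locked or st.coin_locked)


# Constructed log lines: "<timestamp> <account> <source-ip> <ok|fail>"
SAMPLE_LOG = [
    "2012-06-01T10:00:00 alice 203.0.113.5 ok",
    "2012-06-01T10:30:00 alice 203.0.113.5 ok",
    "2012-06-01T11:00:00 alice 198.51.100.7 ok",      # alice from an IP never seen before
] + [f"2012-06-01T12:00:0{i} bob 192.0.2.9 fail" for i in range(5)] + [
    "2012-06-01T12:00:09 bob 192.0.2.9 ok",            # correct password, but the account is locked
] + [f"2012-06-01T13:00:{i:02d} user{i:02d} 192.0.2.44 fail" for i in range(12)]


def replay(lines, guard=None):
    """Feed log lines through the guard; returns (guard, list of (account, ip, decision))."""
    guard = guard or LoginGuard()
    decisions = []
    for line in lines:
        _ts, account, ip, outcome = line.split()
        decisions.append((account, ip, guard.attempt(account, ip, outcome == "ok")))
    return guard, decisions


if __name__ == "__main__":
    g, out = replay(SAMPLE_LOG)
    for account, ip, verdict in out:
        print(f"{account:8} {ip:15} {verdict}")
    print("alice may trade:", g.can_trade("alice"))
```

Two details matter in practice: the new IP is only added to the account's trusted set after the confirmation, never at login time, and the fan-out check runs before the password check so a stuffing source is cut off regardless of how many of its guesses happen to be right.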
 
I don't know a single person who has been hacked with an authenticator on their account.

Generally a "hacked" account isn't a personal attack - someone/something is going through hundreds of accounts to pilfer everything from them all, it's not going to put effort into getting in any single account.

Moral of the story? Get an auth. It's free on mobile phones, not even the stupid $1 fee it used to be.

If you managed to piss the wrong person off enough, your account is fucked, auth or not. But you'll lower the chance of getting your shit taken by probably 98% (I would say 100, but anything is possible). If you don't have an auth, nobody feels bad for you. Learn your lesson, and get an auth so it doesn't happen again.

I'd also call shens on only two rollbacks. Raise enough of a shit fit and you can probably get more lol
 
Pack of guest passes printed on cardstock to ensnare your friends: in the box

Random diablo themed notepad to plan skill tre... er for something: in the box

Authenticator, for which if you play without you're more than likely going to be hacked: not in the box

While on the subject:

DVD style case to keep your copy in nice shape like pretty much every other major PC release in years: not in the box

Cardboard sleeve like you expect from a Hobosoft release: IN THE BOX

(yes I'm aware that digital distribution exists... just object to paying the same and getting less).
 
Regular editions of the game only got a cardboard sleeve case for the dvd? Collectors ed. got a proper dvd case :eek:
 
just submitted a ticket to start the refund process on my account - I explained in a detailed professional manner why I require my money back. And that if the request can't be handled smoothly I would have to escalate the issue with my bank.

Maybe in 6 months or a year they will have these issues fixed, nobody really knows. For the time being I refuse to pay money for something this broken. It's like buying a sports car that's fun but you can't enjoy it because everyone has a set of keys to it.

I explained to them that when trying to call their support line, a 2 hour wait is unacceptable and that I refuse to blow $20 worth of my minutes on the small chance a person might answer the phone after 2 hours and "maybe" help me.
 
If the problem truly is on the user's side, then someone explain to me why we hear about cases of account hacking (WoW, in this case) where a dormant account that hasn't been used in months ends up getting hacked?

At the very best, there are some serious security deficiencies in the way Blizzard handles log-ins (see DarkSaturn's post above.) Blizzard should implement something like RIFT's system - detect unfamiliar IP address, and you get coin-locked - can't do anything related to sending money/items/auction house stuff until you've verified your account through your email address.
 
If the problem truly is on the user's side, then someone explain to me why we hear about cases of account hacking (WoW, in this case) where a dormant account that hasn't been used in months ends up getting hacked?

It's simple, just because an account was hacked today doesn't mean they got the info yesterday, or last week, or last month. The user could also be using the same info at different places. Happened to an old guildie of mine, his account was offline for around 6 months. He got kind of lucky because he was used as a bot, wasn't stripped. He only knew because he got emailed when they changed his password and got to come back free of charge, the hacker added time, to bags full of ore/gems, not to mention a shit ton more gold than what he quit with.

Anyone still out there without an authenticator for whatever reason can check this out https://code.google.com/p/winauth/. I came across it the other night. It isn't endorsed or supported by Blizz but seems like it should/could be a decent stop gap until you can get yourself the real thing, so I guess use it at your own risk.
 
I turned on the Authenticator to check every time I log in and put in a stronger password.

Blizzard says you are a liar.

Every single time someone has said they were compromised despite having any authenticator, their research always came up showing the authenticator was added AFTER being compromised, combined with the majority of systems being so full of malware it would make Anonymous cry.
 
The authenticators came into existence as a 10€ extra layer of protection to keep people's WoW accounts with hundreds of € and real life days racked up, safe - not to add a mandatory 10€ onto my 60€ game so I can play without worrying for my items disappearing.

Mobile Authenticator is FREE.

Next excuse?
 
Anyone still out there without an authenticator for whatever reason can check this out https://code.google.com/p/winauth/. I came across it the other night. It isn't endorsed or supported by Blizz but seems like it should/could be a decent stop gap until you can get yourself the real thing, so I guess use it at your own risk.

I've bolded the part that makes this stupid to use.

There's no way to verify the security of a non-official authenticator, and you'll probably be hosed if the authenticator stops working/syncing for some reason and you're left unable to get into your account.
 
damn, i think ill get a authenticator now
 
I have heard even accounts with authenticators are not safe at all from being hacked.
 
Has anyone identified the piece of malware that is jacking D3 accounts but leaving other game accounts, bank accounts, mail accounts, etc alone yet? With so many people getting hacked, I'm curious what the culprit is considering it is so widespread and obviously pretty specific in target.
 
Well, I got hacked this morning. The asshole took all my gold and equipment and jewels. I guess it is my own fault for not changing my password regularly and not setting up the authenticator. Authenticator was set up this morning and password changed to a ridiculously long password this am.

How long does it generally take them to restore your account?
 
Well, I got hacked this morning. The asshole took all my gold and equipment and jewels. I guess it is my own fault for not changing my password regularly and not setting up the authenticator. Authenticator was set up this morning and password changed to a ridiculously long password this am.

How long does it generally take them to restore your account?

Run Malwarebytes and figure out what got your password.
 
I have heard even accounts with authenticators are not safe at all from being hacked.

I think we have all heard that, but have yet to see anyone prove it otherwise.

Is it possible? Hell yes

Have we seen it? Nope... Not to my knowledge.

I had the authenticator after a week of playing this game and hearing about the rampant hacking.
 
Has anyone identified the piece of malware that is jacking D3 accounts but leaving other game accounts, bank accounts, mail accounts, etc alone yet? With so many people getting hacked, I'm curious what the culprit is considering it is so widespread and obviously pretty specific in target.

It probably isn't malware. Here's a youtube link from a person (born in the US) who runs a virtual currency broker service and is being interviewed. The person interviewing is markeedragon, an owner of a website that allows you to buy accounts and other virtual goods:

http://www.youtube.com/watch?v=PWvHcoqru7I&t=25m28s

Here he describes "account cleaning" and eventually, around (32:02: http://www.youtube.com/watch?v=PWvHcoqru7I&t=32m4s) he comments on where the "account cleaners" get their user id and passwords.

This would explain why people's bank accounts haven't been messed with, as the user IDs they are mining aren't bank information at all. It's simply hackers logging into popular community sites, breaching the databases, and mining the information.

Edit: i just remembered the second reply in this thread:

Is it possible you've created an account on a message board or any online services with the same email and password you use on battle.net ?

That's how i got compromised myself on wow ...
 
It probably isn't malware. Here's a youtube link from a person (born in the US) who runs a virtual currency broker service and is being interviewed. The person interviewing is markeedragon, an owner of a website that allows you to buy accounts and other virtual goods:

http://www.youtube.com/watch?v=PWvHcoqru7I&t=25m28s

Here he describes "account cleaning" and eventually, around (32:02: http://www.youtube.com/watch?v=PWvHcoqru7I&t=32m4s) he comments on where the "account cleaners" get their user id and passwords.

This would explain why people's bank accounts haven't been messed with, as the user IDs they are mining aren't bank information at all. It's simply hackers logging into popular community sites, breaching the databases, and mining the information.

Edit: i just remembered the second reply in this thread:

Thanks for the video.
 
It probably isn't malware. Here's a youtube link from a person (born in the US) who runs a virtual currency broker service and is being interviewed. The person interviewing is markeedragon, an owner of a website that allows you to buy accounts and other virtual goods:

http://www.youtube.com/watch?v=PWvHcoqru7I&t=25m28s

Here he describes "account cleaning" and eventually, around (32:02: http://www.youtube.com/watch?v=PWvHcoqru7I&t=32m4s) he comments on where the "account cleaners" get their user id and passwords.

This would explain why people's bank accounts haven't been messed with, as the user IDs they are mining aren't bank information at all. It's simply hackers logging into popular community sites, breaching the databases, and mining the information.

Edit: i just remembered the second reply in this thread:



Great video, definitely explains probably why my WoW account got hacked. I used my spam/forum email account to setup my WoW account and so I bet those credentials got mined from a site. Now it uses its own unique password as well as the email account it connects to has its own password as well.
 
Not only will they only restore your account twice, but they will ban you from the AH if you get compromised twice...
 
So basically what to take away from this is make sure your Diablo 3 username and at least password are totally unique to that service.

... but the "account cleaners" do not explain getting around authenticators do they? Or can they just add another authenticator to their own device, use it once, then remove it from the account?
 
They need to make authenticator mandatory. That's it.

Before the last expansion came out, there was some speculation the authenticator would be included in retail box copies and mailed to people buying digital downloads. Unfortunately that turned out to not happen, and hacking was still rampant.

The problem got really bad in the guild I was helping to run. And every single time people would get hacked, it was the same story "Omgosh I don't use that password anywhere, I don't log into shady sites, Blizzard servers got hacked, it DEFINITELY isn't my fault" blah blah blah... After this was affecting guild activities so much we had trouble doing raids (people were waiting for restores or getting hacked during raid encounters), we finally made it a required item. Pissed off some people, but they got over it. Then the problems with people being hacked magically went away, and everyone was like "Huh, oh I see these actually DO work" :rolleyes:

For all the people blaming Blizzard for some huge security problem, there are hundreds of thousands of authenticator-using people happily playing battle.net games without a problem. The hack rate for people using authenticators appears to be pretty damn close to 0, while there is a very vocal group of people that get their shit hacked because they have bad security practices then choose to point fingers.
 
Just have your account text message you when something weird happens, such as login from a foreign location or maybe they should do it how steam does it. They require you to enter a code when the location is questionable from the normal locations you log in from.
 
They need to make authenticator mandatory. That's it.

People need to get a sense of what they are doing. Hell, the Chinese farmers themselves call those people out in the video. Those who risk it are not too keen on security and don't care. IMO, those people have no one to blame but themselves if they use the same information across services. Basic security here folks, and I find it hard to take someone who has been compromised in this fashion seriously when they deny it, and troll the community like what is happening ("it just has to be a breach it can be no other way!" *sigh*)

In my opinion, Blizzard does what they can as a business. They shouldn't be acting as people's Internet security advisor or monitoring accounts for authenticators. It's the user's responsibility and it should stay that way.

In terms of using location and authenticators, they use a method like that. If I log on somewhere that is not my home, it requires an authenticator.
 