Hacked

Columc

So I logged on today, to find that i got hacked. So anyone know how blizzard handles stuff now, regarding getting gold/items and characters back that has been deleted?

Are they quick with their responses? been such a bitch, I don't get why the hacked delete your chars. like ok take my gold raid the bank etc etc, but why be a dick and get rid of stuff that is no use to you.

So anyone been hacked recently? What have you done? Once I found out I sent a in-game message, then sent a web form message to the support forum, and thinking about ringing them now.

2 Espressi

Sorry to hear that man, I'd be on the phoen straight away to get it sorted if I were you.

http://eu.blizzard.com/support/article.xml?locale=en_GB&articleId=23210

Columc

Aye rang them up, they said they have escalated my account to the head GMs and will be investigating it.

Should be fixed in 1-4 days

DevilsBreath

Hey

You should be fine. happened to me about 1 month ago.

I got all my gold and stuff back including characters.

Also got all the gold they generated on my account .

Took them 2 days to get everything sorted.

Anti

Happened to me about 2/3 months ago, same thing as you. they even deleted lvl <10 toons on other realms that had nothing. I got a friend to send a ticket ingame from my account (as i was in work when i found out, strange they never changed my password) Also rang them. By about 7pm that evening i had almost all my toons back, and then 24/48 hours later i got all my gear back. One of the GM's i talked to was Irish, really sound guy who got me all my gems, stuff in my bank and guild bank, and about a extra 10k gold, which is what im guessing the hackers made while in control.

To be on the safe side, change all the passwords to your email account. And change your battle.net password too. Oh, and run a av/malware scan on your pc incase anything nasty is lurking around.

Dcully

Ive never been hacked but my Aion account got hacked a while back even though the account was inactive.

This has got me concerned however while i look at my wow account on battlenet.
It is saying the account is frozen, i thought it normally says inactive when one is inactive?

My wow subs canceled about 5-6 months now but as i say seeing this "Frozen" in red text has got me concerned considering my Aion account got hacked while i wasnt subbed.

Can anyone recall if it says "inactive" or "frozen" in the accoutn status when your unsubbed?

PS: sorry to butt in on OPs thread.

Anti

Thats normal now Dcully. My second account was saying the same thing, but as soon as i added game time it was back to normal.

Dcully

Cheers for that Anti.

Overheal

Recent attacks may have been cause by a vulnerability in Flash and your web browsers.

Firefox has been patched about half a dozen times in the last 2 weeks and I've had to patch Flash on as many machines. Blizz's site last week spoke about a vulnerability that could target WoW users iirc.

Columc

cheers overheal will have a look to see if they are all upto date.

Got the deleted chars back(still really annoying, why do they delete them) but items are still missing, guess they need to through some logs to see whats mine etc.

Flojo

Aww that sucks! Sorry to hear that dude, good luck in getting everything back.

Columc

Cheers flojo,

Well got a email saying they have confirmed my account was hacked, and they are in progress mailing me back all my items and gold in which i have lost(Martin furry anyone :P)

They were very quick, I'm very impressed with them, I heard a lot of bad things with this, and the usual horror story of 4 weeks later noting is done, but got my 4 level 80s back within an hour, with my main having all his gear, but the other chars being naked And then also got my level 60-70s alts back in 2 hours after that.

Flojo

Thats great news! Keep pestering them about the other gear though. I might be able to ask a friend if you still have trouble.

elexes

3 people in my guild have been hacked recently. each of them had all there stuff back and the gbank stuff less then 2 hrs after they found out.

Magaa

dont worry that much you will get to keep the stuff the farmers farmed last time i got hacked i made like 4k gold off it

degrassinoel

dont use your battlenet mail address when you apply to guilds! lol i learned that the hard way.

Columc

I'm 90% sure its due to the flash exploit at this stage, I am quite safe with emails and passwords, not using the same ones for diffrent things.

Got everything back last night, after rining customer support again, apeprtly i should of got everything bac kwhen my chars were returned, but there was a problem with the mail and it was never sent.

+! for blizzards customer support

Cuddlesworth

Its definitely server side that's being hacked, nothing to do with exploits.

Nehaxak

Cuddlesworth wrote: »

Its definitely server side that's being hacked, nothing to do with exploits.

I don't think that's true, there'd be an awful lot more being hacked if that were so. Not saying it's not beyond the realms of possibility but in all fairness, most hacks committed are down to the person that was hacked being at fault (most times without them even being aware they ever did anything wrong in the first place to give the hackers a chance at their account).

Overheal

Well I mean boards was hacked; and its not a big a target as a realm server for example. And the IP's of those servers aren't exactly secrets.

Its at least plausible that the realms regularly get hacked and that through whatever means hackers are able to decrypt stored login credentials.

Drakar

Most "hacks" either come from social engineering ("Hi this is WoWGM, we need to do a security check .... / Hi this is your guildmate <blah> can I try your character <blah") or from people selecting insecure passwords (dictionary attack), oh or trojans operating on someone's machine ofc.

WoW is a little different to boards.ie. It has your financial details, and each account is worth a decent amount of money.

Overheal

Exactly. It makes sense its been the subject of a high volume of hacks.

jabberwock

Overheal wrote: »

Well I mean boards was hacked; and its not a big a target as a realm server for example. And the IP's of those servers aren't exactly secrets.

Its at least plausible that the realms regularly get hacked and that through whatever means hackers are able to decrypt stored login credentials.

I actually LOL'd.

To say there is a difference between boards and WoW is a bit of a understatement.

Columc

Drakar wrote: »

Most "hacks" either come from social engineering ("Hi this is WoWGM, we need to do a security check .... / Hi this is your guildmate <blah> can I try your character <blah") or from people selecting insecure passwords (dictionary attack), oh or trojans operating on someone's machine ofc.

WoW is a little different to boards.ie. It has your financial details, and each account is worth a decent amount of money.

Computer 100% clean I'm positive about that, my password is a variation of capitals,numbers and various other keys. and i don't fall for any of that **** with pms or trust anyone with my account nor fall for any email scams.

Flojo

Columc wrote: »

Computer 100% clean I'm positive about that, my password is a variation of capitals,numbers and various other keys. and i don't fall for any of that **** with pms or trust anyone with my account nor fall for any email scams.

Come say hai in group! I promise you can have my Mudkip for a lil while

Overheal

jabberwock wrote: »

I actually LOL'd.

To say there is a difference between boards and WoW is a bit of a understatement.

Im nothing if not modest!

But remember each realm is its own entity, and theres hundreds. Each would be sizable in population to boards.ie i'd wager. im not sure if they attacked a central billing server now am i?

Cuddlesworth

Nehaxak wrote: »

I don't think that's true, there'd be an awful lot more being hacked if that were so. Not saying it's not beyond the realms of possibility but in all fairness, most hacks committed are down to the person that was hacked being at fault (most times without them even being aware they ever did anything wrong in the first place to give the hackers a chance at their account).

I'm sure social engineering accounts for a portion of it, but the fact remains that I know people with 100% secure systems who haven't logged or used their accounts in months get hacked. They don't visit any odd sites, or popular targeted wow sites/forums and the explanations for their loss of details can only be described as odd.

Nehaxak

Cuddlesworth wrote: »

I'm sure social engineering accounts for a portion of it, but the fact remains that I know people with 100% secure systems who haven't logged or used their accounts in months get hacked. They don't visit any odd sites, or popular targeted wow sites/forums and the explanations for their loss of details can only be described as odd.

Still don't believe it dude sorry. I was one of those people. When I was hacked, I was hacked via Chinese pissheads hacking my email account hosting. Nowt wrong with my PC, no viruses, no malware, etc.,
I had at the time, email hosting via Google, which was via GoDaddy and the password I had in use at the time on my email accounts would've been easy enough to brute force.

They just logged into my email account hosting, requested a new password from blizzard, clicked the link Blizzard sends you in an email to confirm, then deleted the offending email.

So, what's to say they don't do the same thing to others ? How safe is your email account/hosting and how good is the password you use on that ?

The Blizzard Authenticators are a massive help as even if the hacker did get your email account details now, they can do feck all without the authenticator.

It's a wild conspiracy theory to suggest blizzard themselves are/were hacked and that peoples details are or have been available to hackers.
I'm not saying that it's not possible, just that unless there's hard factual evidence to the contrary, then I'll still be of the opinion that WoW account hacks are the persons own fault one way or the other.

It's still bloody shítty no matter what that people have to worry and put so much thought into protecting a feckin' game they play

Gummy Panda

Flojo wrote: »

Come say hai in group! I promise you can have my Mudkip for a lil while

Durrty! :P

jabberwock

Overheal wrote: »

Im nothing if not modest!

But remember each realm is its own entity, and theres hundreds. Each would be sizable in population to boards.ie i'd wager. im not sure if they attacked a central billing server now am i?

hmm, I would think that a small precentage of the millions Blizzard make every month would go towards keep the servers secure.

If you get hacked it's your fault. Plain and simple. Not matter how secure you think you details are. They got them from you.

jabberwock

Cuddlesworth wrote: »

but the fact remains that I know people with 100% secure systems who haven't logged or used their accounts in months get hacked.

How secure are their mates systems that have their log in details. :P

Cuddlesworth

Nehaxak wrote: »

Still don't believe it dude sorry. I was one of those people. When I was hacked, I was hacked via Chinese pissheads hacking my email account hosting. Nowt wrong with my PC, no viruses, no malware, etc.,
I had at the time, email hosting via Google, which was via GoDaddy and the password I had in use at the time on my email accounts would've been easy enough to brute force.

They just logged into my email account hosting, requested a new password from blizzard, clicked the link Blizzard sends you in an email to confirm, then deleted the offending email.

So, what's to say they don't do the same thing to others ? How safe is your email account/hosting and how good is the password you use on that ?

The Blizzard Authenticators are a massive help as even if the hacker did get your email account details now, they can do feck all without the authenticator.

It's a wild conspiracy theory to suggest blizzard themselves are/were hacked and that peoples details are or have been available to hackers.
I'm not saying that it's not possible, just that unless there's hard factual evidence to the contrary, then I'll still be of the opinion that WoW account hacks are the persons own fault one way or the other.

It's still bloody shítty no matter what that people have to worry and put so much thought into protecting a feckin' game they play

Lad in work. Work email, sixteen digit password on Wow Account, runs scriptblocker on Browser, locked down firewall. On the day of his account being inactive and him not renewing, his account was "hacked", renewed with a game card and used to gold farm.

Flatmate got hit with something similar and has been anal about these things since his steam account was hit over a year ago. Both times the hack and use of their accounts coincided with them both not using them causing a much higher chance of them not noticing.

Overheal

jabberwock wrote: »

hmm, I would think that a small precentage of the millions Blizzard make every month would go towards keep the servers secure.

If you get hacked it's your fault. Plain and simple. Not matter how secure you think you details are. They got them from you.

No security is bullet-proof.

While obviously Blizzard probably invests a huge sum of money into serverside security measures, to say its failproof would be farcical. And it's a very target rich environment, as well as a highly lucrative target for hackers.

Even the Power Rangers got attacked at home every couple seasons.

Nehaxak

Cuddlesworth wrote: »

Lad in work. Work email, sixteen digit password on Wow Account, runs scriptblocker on Browser, locked down firewall. On the day of his account being inactive and him not renewing, his account was "hacked", renewed with a game card and used to gold farm.

Flatmate got hit with something similar and has been anal about these things since his steam account was hit over a year ago. Both times the hack and use of their accounts coincided with them both not using them causing a much higher chance of them not noticing.

Still an awful lot of options available to put forward as possible hacks and how they could've happened, at the fault of the user (whether they know it or not) rather than even beginning to think it's Blizzards server security at fault, you're also only going on what your mates told you (or didn't).

I just can't begin to believe that a multi-billion dollar (?) gaming company who are plagued by hackers, gold spammers and other such crap - would not do their absolute utmost to protect their servers and especially their customers accounts and data with the highest possible security. So I don't believe it, until someone shows me different.

Cuddlesworth

Nehaxak wrote: »

Still an awful lot of options available to put forward as possible hacks and how they could've happened, at the fault of the user (whether they know it or not) rather than even beginning to think it's Blizzards server security at fault, you're also only going on what your mates told you (or didn't).

I just can't begin to believe that a multi-billion dollar (?) gaming company who are plagued by hackers, gold spammers and other such crap - would not do their absolute utmost to protect their servers and especially their customers accounts and data with the highest possible security. So I don't believe it, until someone shows me different.

The Chinese have been spending the last few years working in teams on 24/7 shifts hacking various corporate entities and ISP's. Wow is a huge commercial target outside of industrial espionage. Google are the first large company who have come out and said this is happening. It also played a small part in them pulling out of China. Various other western security experts over the years have insinuated or plainly come out and said that there is a huge issue with this. Blizzard may be aware of this but not aware of how they are currently doing it. Or they might simply be fighting a losing battle. Hacking the actual credit card details would be a another step beyond wow because of how the transaction systems are designed and set up.

DevilsBreath

Just a quick add in here. When I got hacked they enabled an authenticator onto my account, which made it interesting to get my account back.

nix

I have yet to be hacked and have pretty much zero security and i see all you guys getting hacked and it makes me a saaaaaad panda..

Srsly, what am i doing right?

Cuddlesworth

nix wrote: »

I have yet to be hacked and have pretty much zero security and i see all you guys getting hacked and it makes me a saaaaaad panda..

Srsly, what am i doing right?

I wasn't aware you did anything right nix. The Nogs was the first step in a long line of failures.

nix

Failure to what exactly?

I succeeded in having fun

Cuddlesworth

nix wrote: »

Failure to what exactly?

I succeeded in having fun

Getting your ass kicked. By me. Andy too I suppose.

nix

You wish!

Mthor5

DevilsBreath wrote: »

Just a quick add in here. When I got hacked they enabled an authenticator onto my account, which made it interesting to get my account back.

Can i ask how you got on?

I just got an email off blizzard saying my account was suspended.I tried to log in
but it now requires an authenticator code which i never used,also my account has been frozen/inactive since May.

Same story with Starcraft 2, that requires an authenticator code too.

Filled out the blizzard webform details etc,never been hacked before!:eek:

Cuddlesworth

Took about a day to get his stuff back. He was also left with 30k on his account from the two weeks the goldseller had access.

Mthor5

I havent played starcraft 2 in a few weeks either so im not sure how long they have had my account, but i had a few lvl 80's with about 120,000 in gold and a lot of mats...guess the git sold a lot of it and got caught or something,not expecting a gold surplus :pac:

Mr. CooL ICE

nix wrote: »

I have yet to be hacked and have pretty much zero security and i see all you guys getting hacked and it makes me a saaaaaad panda..

Srsly, what am i doing right?

You seem to be more careful than others when looking for pr0n :pac:

Mthor5

Mthor5 wrote: »

Can i ask how you got on?

I just got an email off blizzard saying my account was suspended.I tried to log in
but it now requires an authenticator code which i never used,also my account has been frozen/inactive since May.

Same story with Starcraft 2, that requires an authenticator code too.

Filled out the blizzard webform details etc,never been hacked before!:eek:

just an update.....all sorted through the webform,fairly quick too

Got all items back,took an hour or so going through the blizzard in game mails, + got about 40/50k in profit from his/her ah dealing to date(seemed to have a titanium/saronite/adders tongue addiction) and still about 100 transactions still on ah.
Oh, and free play time until the 29th:cool: (not that i'll use it):pac:

nix

I finally got hacked, ****!

I'm unsure as to when they got my account details, do they attack the account itself? is it just my wow details that would be compromised?

Should i be worrying about credit card details also?

I got a virus last week and got a fresh reinstall at the start of the week and used a character transfer with my ma's credit card, should i ask her to check her visa transactions?

Just done a avg scan and it found nothing so im pretty sure it all happened prior to my reformat, or is there another scan i should do with other software?

****!

Nehaxak

Yeah get rid of that AVG crap for a start
Personally I use Comodo AV and it's grand but there's a few other free choices out there besides that AVG.

If you were keylogged, which would be likely, then yeah, worth keeping an eye on your mothers visa transactions.

Change your email password(s) also but just make sure before you do that there are no traces of any keylogger still on your system, otherwise it's pointless changing passwords if you can still be keylogged.

Get a copy of Secunia PSI installed via http://secunia.com/blog/123 and run a full scan, updating software when required so your system is as secure as is possible (most browers are usually insecure in one way or another but at least get the latest versions of them). Opera and Chrome seem the most secure these days.

Nehaxak

Did you get everything sorted out Nix?