I got the same mail and it was genuine. I had it frozen since around release day of Burning Crusade and suddenly half a year ago or something it told me it was banned for goldselling or something. I manually put in the WoW Europe address and checked my account, and yes, it was banned.
Like the mail said, it didn't matter if I got hacked because the account itself was used for something, so I had no say in the matter. Now who would bother hacking an account then pay subscription?
I didn't care all that much since I don't play it anymore, but it made me feel a bit angry.
It seems highly unlikely that Blizzard as a company would go around cheating players off their goods, virtual properties that are in principle all already owned by Blizzard.
I don't think it's unlikely - not saying that it's the case here - that some Blizzard employees are doing some sidejobbing gathering players' information and using or selling it. It's pretty easy to do such things when you're on the inside and know the workings of things. Blizzard is a large company, and fraud happens in small or large ways all the time in large companies.
Sometimes people are caught quickly, and sometimes they can get away with things for a very, very long time.
The ease with which predictions are made on these forums: Fratman: "I'm saying Spring 2012 at the earliest [for TOR release]. Anyone still clinging to 2011 is deluding themself at this point."
Someone did get into mine even though I had not played in years (I do have an idea how though). Somehow they managed to guess the answer to my security question (which I change for every site and use the true answer and a pattern system so they are all different).
They DID activate my account and sold everything on my two main characters and got rid of the gold.
I wondered why they would activate it as well... why spend the $15, right? The only thing I can think of is either they hope to make more... or they use stolen, new credit card information. They are already stealing, right?
Somebody just hacked me bad, screwed up my computer and it was to get to my WoW account. Blizzard were actually very very cool and professional about it and helped me out a lot and returned everything that was lost. Too bad they won't buy me a new comp, ah? :) Anyway, using a mate's computer at the mo to type this. Will update my blog when my new comp gets here. My keylogger came from the online streaming site TV Shack, which gave me a trojan horse downloader and exploit kit (according to my mate who is having a look at my infected hard drive). Stay away from that place if you use it or don't know how to protect your computer like me. :) Will def be taking computer security more seriously from now on. I was retarded and generally did not think it would happen to me.
What I want to know is how can a hacker gain access through Blizzard's servers and authentication, bypass my security question, answer my email address rightly, and still I have never been keylogged on my protected PC.
......
So you know for sure you have never been keylogged? 100% on your mother's life? The truth is you could have been keylogged months ago through a Flash script or some other means and the hacker only just got around to using your account.
And your PC is never protected... just a little safer. No firewall or antivirus is 100%; if you think they are then you probably have been to dodgy sites thinking you are safe.
Saying hackers are getting into Blizzard's servers is LOL!
This (keylogger) is the most likely scenario. Back when I played WoW, a good friend of mine got hacked. Turned out he was in the first wave of the Java null pointer vulnerability that was exploited in 2008 to unload keyloggers (specifically to capture WoW accounts). He was smart enough not to click on e-mail links and didn't visit questionable sites, but some site with Flash advertising had the rogue code in it (people need a reality check, most websites are not going to spend the time to validate advertising has issues...most web sites don't have the security know how to check anyways). He had a keylogger installed without his knowledge and lost everything on his account.
Basically, **** happens. Call Blizzard tech support... although the game has gone severely downhill, Blizzard support is pretty good and isn't nearly as unforgiving and heavy-handed as NCSoft.
I receive mails about my "accounts" from Blizzard, NCSoft.. and I don't have, and never had any of their MMO games.
They just got in the spam folder, and that's that. If you can't tell an official e-mail from a fake one, you DESERVE to get your account hacked.
No no no nobody DESERVES to get hacked. I really hate this attitude, oh lol you got hacked noob you don't know nothing about computers lolz. So a mmorpg should be only for those with some computer skills? What about older people coming into the who have very little knowledge about computers? Or a young one for that matter? Not everyone knows as much as you about computers, is that really a reason? *sigh*
If my dad for some reason would want to start playing wow, he would most likely answer that mail, he knows enough to read an e-mail, but would probably fall for the trick. Doesn't he deserve to play? If you are not very known on the interwebz, chances are you are going to be tricked once.
Why would Blizzard be behind hacking your account? That costs them money to pay the customer support people as well as the "investigators" who actually do the research into your hack case. The bad publicity of all this hacking certainly isn't helping their sales either.
As an EX erm...... "Computer Security Consultant" ( lol ) - I will give you an example scenario, one that I know to be factual and to have taken place more than once, and it might just give you an idea of what goes into an attack like this.
I should note, this example was a specifically targeted event, the hacker went out of his way to get a specific person, but in your case it was probably a blanket snatch and grab, which I have another scenario for, also factual; one of them might trigger a thought and give you an idea of what went wrong.
Scenario 1: Bob! applies to join a WoW guild, he visits their website, checks it out, fills out their application and then talks to them on the server. During this process it comes out that he's a UK player on a US server; the US guild takes offence to this and starts slandering BOB both on their forums and on the server (BOB played US with family who stopped playing so he went looking for another guild). BOB got really wound up by this; after all he did nothing wrong, other than being British.
What the guild didn't know was that BOB was a hacker. He started by looking at their site, he gathered every guild member's e-mail address, all their user names, and all their in-game character names, and started to build a small database of information on his now hostile target.
He sent out a volley of fake e-mails trying to trick some members into clicking a triggered link which led to a fake version of their own site, which he ripped and set up on a private server. Three users fell for it and filled in their website details. BOB then used these to read the guild-only section of the forums; this then gave him new information to work from: the guild website was using some third party PHP applications that were not linked from the main site, which he now added to his collection of information.
At this point BOB had collected a fair amount of information and was ready to start his attack, the next thing he did was look at every aspect of the visible public site, and then everything he got from the forum, he found that the site was using a third party gallery, third party forum and a third party DKP application.
BOB then set up a local server and installed the three main applications locally. With access to the back end code for their forum, DKP and their gallery, which were all open source, he was able to search through every line of code and find possible entry points.
Eventually BOB had identified vulnerabilities in all three applications to varying degrees. The gallery allowed him to upload non-image files, but limited their file extension and hid their location: useful, but not what he was looking for. The forum allowed him to embed JavaScript, also useful but still not what he was looking for. In the end it was eqDKP that gave him the chance he needed: by exploiting the bad code of the application, BOB was able to root the website and execute his own code.
He was also then able to gain access to the website's database, all without the owner or guild knowing he was there. He was then able to download the database in full, which he did. He then went through the data, reading forum posts, reading PMs, reading posts that normally would have been private and password protected. In the end BOB found 6 World of Warcraft account details, all sent in PMs from one user to another, one of which was the guild's BANK character where all their resources were kept, which was also an officer's account.
Bob then logged in to the officer's account, kicked all members from the guild below him, and sold all of the items off of all six characters, as well as all items in the bank. He moved all the money to a single character via mail, and then deleted the character.
All in all, he wrecked the guild in game, and the guild had no clue why it was done or who did it, bob could have taken down their site, and deleted all their web content, but that would have given himself away, so he didn't.
Something as easy as sending your details to a friend or family member over a forum PM or MSN or E-Mail etc can ruin your day, and you lose your wow account without actually ever being hacked yourself.
Scenario 2: this time the event was a little different, and more appropriate to your situation. A hacker we will call DAVE got the idea of selling unused WoW accounts.
The basic idea was that he would hunt for, gather and collect as many wow accounts as he possibly could, he would then check for accounts that were no longer active, when he found one he would drop some money into it, change all its details, and then sell it onto a wow account seller, or another person directly.
The first step in his planned attack was to gather and create a list of as many guild websites as possible, which was easily done via the wow forums, and their server forum progress lists, it took him a few weeks but in the end he had compiled a list of almost all key guilds on all EU and US servers, it was a big list.
He then used the same techniques and skills as set out in scenario 1. He went through each website one at a time, slowly gathering as much information as he could; he not only looked for actual WoW accounts, but he also took note of every single user's website account and password, and linked it to their known WoW character names.
In the end, and near on two months down the line, he started to test accounts, he had gathered hundreds of wow accounts, and potentially hundreds more if people used the same username and password for wow that they did for their forum and site access to their guilds.
All in all he worked his way through checking user names and passwords. Tons of the accounts were still active so he did this at night, off peak, checking logins, and taking note of the accounts that were out of game time.
In the end Dave had a large list of "Out of game time" accounts, which he then started to sell off. Dropping some game time into the first account on his list, he paid out about 30$, and sold the account to a WoW account selling website who then took it over and paid him for it on its sale.
He paid out 30$ for the first account and got back 200$, which he then dumped into the next few accounts, and he did this until he had sold off every last account.
Hundreds of people lost their accounts, but since they were not actively playing the game, very few of them even had any idea it had been done. Some of them, I guess, to this day have still not found out, and won't find out until they try and go back to WoW.
The point I am trying to make here is that scenario 2 is far more common than scenario 1. 9 times out of 10 when you get hacked, it's not been something personally targeted at you, but rather a big blanket hunt for data in which your details were found. So many computer literate people are all too eager to send private information in a forum PM to a well trusted friend or family member, not realizing that other people can and often do read these PMs without the author's knowledge.
I hope this helps.
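Seen from the defender's side, the off-peak account checking in scenario 2 leaves a recognizable trace in login logs: one source address trying many different accounts, with only a try or two per account. The following is an added example, not part of the original post; the log format, account names, addresses and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample log (format assumed for this example):
# ISO timestamp, source IP, account name, result
SAMPLE_LOG = """\
2010-08-14T03:02:11 203.0.113.7 acct_ann FAIL
2010-08-14T03:02:40 203.0.113.7 acct_bob OK
2010-08-14T03:03:05 203.0.113.7 acct_cat FAIL
2010-08-14T03:03:31 203.0.113.7 acct_dan FAIL
2010-08-14T03:04:02 203.0.113.7 acct_eve OK
2010-08-14T03:04:30 203.0.113.7 acct_fay FAIL
2010-08-14T20:15:00 198.51.100.20 acct_gus FAIL
2010-08-14T20:15:09 198.51.100.20 acct_gus FAIL
2010-08-14T20:15:21 198.51.100.20 acct_gus OK
2010-08-14T19:00:00 192.0.2.44 acct_hal OK
2010-08-14T19:30:00 192.0.2.44 acct_ivy OK
this line is malformed and must be skipped
"""


def parse_line(line):
    """Return (timestamp, ip, account, success) or None for a bad line."""
    parts = line.split()
    if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return None
    return ts, parts[1], parts[2], parts[3] == "OK"


def find_credential_testing(log_text, min_accounts=5,
                            max_avg_tries=2.0, off_peak_hours=range(1, 6)):
    """Flag source IPs that try many distinct accounts, few tries each.

    A user who mistypes a password produces many tries on ONE account;
    someone walking a harvested list produces few tries on MANY accounts.
    """
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        event = parse_line(line)
        if event is not None:
            by_ip[event[1]].append(event)

    findings = []
    for ip, events in by_ip.items():
        tries = defaultdict(int)
        succeeded = set()
        off_peak = 0
        for ts, _, account, ok in events:
            tries[account] += 1
            if ok:
                succeeded.add(account)
            if ts.hour in off_peak_hours:
                off_peak += 1
        if len(tries) < min_accounts:
            continue  # too few distinct accounts to look like list-walking
        if len(events) / len(tries) > max_avg_tries:
            continue  # many tries per account: a different pattern
        findings.append({
            "ip": ip,
            "accounts_tried": len(tries),
            # Accounts whose login worked: force a password reset
            # and notify the owner, even if the account is inactive.
            "compromised": sorted(succeeded),
            "off_peak_share": off_peak / len(events),
        })
    # Most accounts touched first
    findings.sort(key=lambda f: f["accounts_tried"], reverse=True)
    return findings


if __name__ == "__main__":
    for finding in find_credential_testing(SAMPLE_LOG):
        print(finding)
```

The `compromised` list matters most for dormant accounts, whose owners will not notice a foreign login on their own.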
I think your second scenario is spot on and a threat most ppl are not aware of or most of the time decide to ignore, which is sharing passwords and scattered information across the web. 9 times out of 10 someone will be able to put together sensitive information about individuals within the same target group just by parsing through readily available information: Facebook, community forums, guild forums (specially templated ones).
@ OP
Someone with enough time and patience will put enough information together to log in to an account. Also, ppl who do this won't use your information straight away; it may take months before you even notice your account has been hacked or compromised. It is in the interest of the ppl doing this not to flag the systems they use to harvest information so ppl stop using it. So you can have used some website to register an account for whatever reason 8 months ago (this is very likely since most websites nowadays require logins to interact with), forgot about it and never used it again, and your data was collected and then used.
Authenticators provide a reasonable amount of account safety if you are not vulnerable to the man-in-the-middle, which can be avoided by keeping your PC up to date and being aware of what you click and download; having several layers of passwords also helps. In this day and age, however, it's hard with so much social activity on the web not to have some information snatched.
The same thing JUST happened to me. Oddly enough it was just after I asked a real life friend to send me a buddy pass to get back into the game.
I never clicked on a link, never went to a site off of an email that I did not know, and constantly run antivirus and spyware programs. I checked the email headers, and they were correct. In the end I changed my email, downloaded an authenticator, and ensured my billing information was empty.
Bliz was actually very helpful though, they got my stuff back, and even left the game time the hacker set up for me. What makes things even better is the hacker used my char to mine, so I ended up with more resources and gold than when I left, hehe.
Oh, and my PW for WoW is completely different than any other PW, and only my WoW account has had an issue.
the missing link in a chain of destruction.
All spelling and typographical errors are based soely on the fact that i just dont care. If you must point out my lack of atention to detail, please do it with a smile.
A company that is doing well, built up carefully an awesome reputation over the years and making shitloads of money risks it all by hacking their users accounts for some small extra money. Likely or not?
Possibility 2:
WoW users often don't know how to handle sensitive information like their passwords. Many of them are new to online gaming, new to the internet or gaming in general. They fall on YouTube for "join cata beta: login on my site with your account" scams. They fall for ingame whispers such as "Billzard: you won an awesome mount! Go to site ...com and enter your account information to receive it!". They fall for "send me your legit unused gametime card code and I send you twice back", for "install this program to do triple damage" and for "your account got hacker. go to this site and enter your information to verify that it's you". They also give their account data to friends for "hey I can't participate in the raid today, can you play for me? I need the dkp". They use the same passwords for everything and never change them.
And here come the fanbois' responses, not actually reading what I have written here, assuming I have been subbed to WoW since 2003, yet I closed my account in 2006. Yet you assume I am guilty because "Blizzard doesn't do things like this as they have Gazzlions of money" ripped off players, for name changes, server moves, pets, vehicles and so forth...
Yet you presume I actually was hacked by a keylogger and this is my fault. Now, what I want you to do is PROVE without a shadow of a doubt I was hacked. My account was active up until I received this email.
As i can prove Otherwise via my bank details over the last 10 years.
Why would a game company skim off your items when they could just create right in their own database? In game items are just 1's and 0's. There is ABSOLUTELY no reason this would be the case.
Why? Well, if I was stupid enough to resub to WoW, then I would need to pay for a new key, new addon packs, and start from level 1, thus having to spend $$$ grinding back to level 80... then buy an authenticator and so forth...
TBH I'm actually finding this funny, but Blizzard will never get another penny from my family or friends in the future.
Blizzard probably isn't doing that hacking... but chances are, just like most large corporations these days, are selling "marketing" information about their customers to "marketing" companies, which would include their e-mail addresses, to make a few extra bucks on the side.
Coupled with e-mail addresses now being everyone's battle.net username, "hilarity" ensues in the form of mass phishing e-mails and many hacked accounts.
Oh yes, and then there's the Battle.net authentication system security hole...
Yeah, I got one of those too. I logged into battle.net and yep, it is banned. Ah well, it's a shit game I haven't played since the first month anyway. So there go those 2 level 60's. It might bother me if I liked the game. They should do the MMO community a favor and ban everyone.
And here come the anti-fanbois' responses to 'fanboi' responses... He's saying it's very unlikely that Blizzard would risk a multi BILLION dollar lawsuit over fraud attempts JUST to get you back into WoW. He tells you that you could have been hacked and not known it... To which you reply "Well prove I was!" How very Trollish of you.
As for the money you call 'ripped' from players: did you know they didn't actually consider name changing (unless the name broke the EULA) until enough people said "You know I would pay REAL MONEY to change my name!" Now, you would have to be a COMPLETE business reject not to say "Hey! Let's open up a service and let those people who want name changes (or whatever) get them. More money for us!" Blizzard after all is about making MONEY. Sure, for the most part they care about their player base but they still worry about the $$$$$ies. Blizzard doesn't force you to change your name, or buy the pretty "Starlight pony"; it's your choice... But I digress, back to the 'hacking'.
95% of all 'account hacks' are not true hacks. They are someone being, well, stupid. Clicking bad links, bad addons, bad websites, sharing passwords with family/friends who do any of the above. VERY little of it is actually 'hacking'. As for inactive accounts over years, yes, you could have been 'careless' and given some info up and, as your account is that old, wouldn't notice till after they had finished and were long gone that you had 'been hacked'.
Simple solution, email blizzard or call and say "How can I use such software on my account when I have not used it in years?" They can easily trace the ip traffic for those times and learn what happened..
So either you were stupid somehow or Blizzard is risking what? hundreds of billions of dollars in lawsuits? I wonder which it is...
They're smart about it, too. They fooled me a week or two ago, two of my email accounts were used to spam WoW players, and I really thought the security issue was on Battlenet's end. But when I went over the logs, I learned I had a keylogger and other nasty junk on my system for months.
These thieves surely had every scrap of information about all my email addresses, but they only used the two that were tied to my Battlenet account when they started spamming other WoW users with fake Blizzard emails. So I thought it was on Battlenet/Blizzard's end. But it wasn't. And I bet that's just what they wanted me to think.
I am convinced there is only one way to eliminate these grave evils, namely through the establishment of a socialist economy, accompanied by an educational system which would be oriented toward social goals.
No, Blizzard is not responsible. They have no control over whether or not someone chooses to utilize their common sense; it's just easier to lay the blame at someone else's doorstep rather than admitting that you might have fallen prey to a phishing scheme on the internet.
Misplaced pride seems to be responsible for more account hacking than any other source.
So there I am, a once proud owner of an account to this game since 26 July 2003. I have been Alliance, Horde and back and forth since my first level 60 warrior named Jessian on the Deathwing server.
Now in 2010 I receive an autobot email stating,
Account Name: ***************** Masked for security reasons
Reason for Closure: Terms of Use Violation -- Exploitative Activity: Use of Third Party Automation Software
This account was closed because one or more characters were identified using an unauthorized cheat program, also known as a "hack." These programs provide character benefits normally not achievable in the World of Warcraft. Such benefits include, but are not limited to, increased speed, teleportation, or running through walls/boundaries. Use of these unauthorized programs harm the game environment because they offer an unfair advantage over other players and supersede the intended limits of the game.
Now here is the kicker...
I have never bought gold from any seller... I never went to get hacked or programs to do the above. Now before anyone goes, "aye right, I don't believe you..."
Well, my account has been FROZEN since 2006... strange, that. I did think of using a game pass 2 months ago but didn't sign up. Yet strangely Blizzard can claim I used a hack program yet didn't have an ACTIVE account...
How??? Did Blizzard hack "bypass" my account?
As I am sure someone has already posted.
A.) Your account was hacked.
B.) They used your account to do naughty, dirty, filthy, raunchy, sloppy things with. Same thing happened to me.
C.) Blizzard cancelled your account. All you have to do is call; if you can handle being on hold for an hour or 2, and not be a douchebag to customer service, they are actually extremely helpful.
D.) Why would Blizzard need your shitty account? Do you actually think they are powerless to create level 80s instantly (or whatever level you were in 2006)? Of course, maybe they wanted ALLLLLLLLLLL your gold to sell, just to blame on those pesky Korean gold farmers, because you know, they have ZERO control in the ability to create their own gold by pushing a button.
I think it's likely that of all the employees working for Blizzard on WoW, at least one or two of them has thought of selling inactive account information to gold selling services to make a few extra dollars. Everyone just assumes they hacked the account and nobody looks further into it, meaning very little chance of getting caught.
I've played MMOs for over 13 years, I went to college for computer programming and tech support and could make a keylogger in my sleep if I wanted to. I know how it all works and how to keep my PC safe, and I know how to keep my MMO account details separate and private. Yet I have had two different WoW accounts hacked over the years, both after being inactive for over 6 months. Neither time could I think of any way for the account to have been compromised on my end. I went through my PC with a fine toothed comb and found nothing, I double checked my password list (on paper in a locked drawer in my bedroom) and made sure the account info was unique and not something I had used anywhere else. I'm not naive enough to fall for a spoof site or email. There was just nothing, so I shrugged and moved on. Take from that what you will, but I didn't make any mistakes, and while I can't prove somebody with Blizzard was responsible, it's what I believe is probably the case.
Someone did get into mine even though I had not played in years (I do have an idea how though). Somehow they managed to guess the answer to my security question (which I change for every site and use the true answer and a pattern system so they are all different).
They DID activate my account and sold everything on my two main characters and got rid of the gold.
I wondered why they would activate it as well... why spend the $15, right? The only thing I can think of is either they hope to make more... or they use stolen, new credit card information. They are already stealing, right?
Wa min God! Se æx on min heafod is!
Somebody just hacked me bad, screwed up my computer and it was to get to my WoW account. Blizzard were actually very, very cool and professional about it and helped me out a lot and returned everything that was lost. Too bad they won't buy me a new comp, ah? :) Anyway, using a mate's computer at the mo to type this. Will update my blog when my new comp gets here. My keylogger came from the online streaming site TV Shack, which gave me a trojan horse downloader and exploit kit (according to my mate who is having a look at my infected hard drive). Stay away from that place if you use it or don't know how to protect your computer like me. :) Will def be taking computer security more seriously from now on. I was retarded and generally did not think it would happen to me.
As an EX erm...... "Computer Security Consultant" ( lol ) - I will give you an example scenario, one that I know to be factual and to have taken place more than once, and it might just give you an idea of what goes into an attack like this.
I should note, this example was a specifically targeted event; the hacker went out of his way to get a specific person, but in your case it was probably a blanket snatch and grab, which I have another scenario for, also factual. One of them might trigger a thought and give you an idea of what went wrong.
Scenario 1: Bob applies to join a WoW guild. He visits their website, checks it out, fills out their application and then talks to them on the server. During this process it comes out that he's a UK player on a US server. The US guild takes offence to this and starts slandering BOB both on their forums and on the server (BOB played US with family who stopped playing, so he went looking for another guild). BOB got really wound up by this; after all, he did nothing wrong, other than being British.
What the guild didn't know was that BOB was a hacker. He started by looking at their site; he gathered every guild member's e-mail address, all their user names, and all their in-game character names, and started to build a small database of information on his now hostile target.
He sent out a volley of fake e-mails trying to trick some members into clicking a triggered link which led to a fake version of their own site, which he ripped and set up on a private server. Three users fell for it and filled in their website details. BOB then used these to read the guild-only section of the forums. This then gave him new information to work from: the guild website was using some third-party PHP applications that were not linked from the main site, which he now added to his collection of information.
At this point BOB had collected a fair amount of information and was ready to start his attack, the next thing he did was look at every aspect of the visible public site, and then everything he got from the forum, he found that the site was using a third party gallery, third party forum and a third party DKP application.
BOB then setup a local server and installed the three main applications locally, with access to the back end code for their forum, dkp and their gallery which were all open source, he was able to search through every line of code, and find possible entry points.
Eventually BOB had identified vulnerabilities in all three applications to varying degrees. The gallery allowed him to upload non-image files, but limited their file extension and hid their location: useful, but not what he was looking for. The forum allowed him to embed JavaScript: also useful, but still not what he was looking for. In the end it was eqDKP that gave him the chance he needed; by exploiting the bad code of the application, BOB was able to root the website and execute his own code.
He was also then able to gain access to the website's database, all without the owner or guild knowing he was there. He was then able to download the database in full, which he did. He then went through the data, reading forum posts, reading PMs, reading posts that normally would have been private and password protected. In the end BOB found 6 World of Warcraft account details, all sent in PMs from one user to another, one of which was the guild's BANK character where all their resources were kept, which was also an officer's account.
Bob then logged in to the officer's account, kicked all members from the guild below him, and sold all of the items off of all six characters, as well as all items in the bank. He moved all the money to a single character via mail, and then deleted the character.
All in all, he wrecked the guild in game, and the guild had no clue why it was done or who did it. Bob could have taken down their site and deleted all their web content, but that would have given himself away, so he didn't.
Something as easy as sending your details to a friend or family member over a forum PM or MSN or E-Mail etc can ruin your day, and you lose your wow account without actually ever being hacked yourself.
Scenario 2: This time the event was a little different, and more appropriate to your situation. A hacker we will call DAVE got the idea of selling unused WoW accounts.
The basic idea was that he would hunt for, gather and collect as many WoW accounts as he possibly could. He would then check for accounts that were no longer active; when he found one he would drop some money into it, change all its details, and then sell it on to a WoW account seller, or another person directly.
The first step in his planned attack was to gather and create a list of as many guild websites as possible, which was easily done via the wow forums, and their server forum progress lists, it took him a few weeks but in the end he had compiled a list of almost all key guilds on all EU and US servers, it was a big list.
He then used the same techniques and skills as set out in scenario 1. He went through each website one at a time, slowly gathering as much information as he could; he not only looked for actual WoW accounts, but he also took note of every single user's website account and password, and linked it to their known WoW character names.
In the end, and near on two months down the line, he started to test accounts, he had gathered hundreds of wow accounts, and potentially hundreds more if people used the same username and password for wow that they did for their forum and site access to their guilds.
All in all he worked his way through checking user names and passwords. Tons of the accounts were still active, so he did this at night, off-peak, checking logins and taking note of the accounts that were out of game time.
In the end Dave had a large list of "Out of game time" accounts, which he then started to sell off. Dropping some game time into the first account on his list, he paid out about 30$, and sold the account to a WoW account selling website who then took it over and paid him for it on its sale.
He paid out 30$ for the first account and got back 200$, which he then dumped into the next few accounts, and he did this until he had sold off every last account.
Hundreds of people lost their accounts, but since they were not actively playing the game, very few of them even had any idea it had been done. Some of them, I guess, to this day have still not found out, and won't find out until they try and go back to WoW.
The point I am trying to make here is that scenario 2 is far more common than scenario 1. 9 times out of 10 when you get hacked, it's not been something personally targeted at you, but rather a big blanket hunt for data in which your details were found. So many computer-literate people are all too eager to send private information in a forum PM to a well-trusted friend or family member, not realizing that other people can and often do read these PMs without the author's knowledge.
I hope this helps.
This (keylogger) is the most likely scenario. Back when I played WoW, a good friend of mine got hacked. Turned out he was in the first wave of the Java null pointer vulnerability that was exploited in 2008 to unload keyloggers (specifically to capture WoW accounts). He was smart enough not to click on e-mail links and didn't visit questionable sites, but some site with Flash advertising had the rogue code in it (people need a reality check, most websites are not going to spend the time to validate advertising has issues...most web sites don't have the security know how to check anyways). He had a keylogger installed without his knowledge and lost everything on his account.
Basically, **** happens. Call Blizzard tech support... although the game has gone severely downhill, Blizzard support is pretty good and isn't nearly as unforgiving and heavy-handed as NCSoft.
No no no nobody DESERVES to get hacked. I really hate this attitude, oh lol you got hacked noob you don't know nothing about computers lolz. So a mmorpg should be only for those with some computer skills? What about older people coming into the who have very little knowledge about computers? Or a young one for that matter? Not everyone knows as much as you about computers, is that really a reason? *sigh*
If my dad for some reason would want to start playing wow, he would most likely answer that mail, he knows enough to read an e-mail, but would probably fall for the trick. Doesn't he deserve to play? If you are not very known on the interwebz, chances are you are going to be tricked once.
What a stupid idea.
Why would Blizzard be behind hacking your account? That costs them money to pay the customer support people as well as the "investigators" who actually do the research into your hack case. The bad publicity of all this hacking certainly isn't helping their sales either.
I think your second scenario is spot on and a threat most ppl are not aware of or most of the time decide to ignore, which is sharing passwords and scattered information across the web. 9 times out of 10 someone will be able to put together sensitive information about individuals within the same target group just by parsing through readily available information: Facebook, community forums, guild forums (specially templated ones).
@ OP
Someone with enough time and patience will put enough information together to log into an account. Also, ppl who do this won't use your information straight away; it may take months before you even notice your account has been hacked or compromised. It is in the interest of the ppl doing this not to flag the systems they use to harvest information so ppl stop using it. So you can have used some website to register an account for whatever reason 8 months ago (this is very likely since most websites nowadays require logins to interact with), forgot about it and never used it again, and your data was collected and then used.
Authenticators provide a reasonable amount of account safety if you are not vulnerable to the man-in-the-middle, which can be avoided by keeping your PC up to date and being aware of what you click and download; having several layers of passwords also helps. In this day and age, however, it's hard with so much social activity on the web not to have some information snatched.
The same thing JUST happened to me. Oddly enough it was just after I asked a real life friend to send me a buddy pass to get back into the game.
I never clicked on a link, never went to a site off of an email that I did not know, and constantly run antivirus and spyware programs. I checked the email headers, and they were correct. In the end I changed my email, downloaded an authenticator, and ensured my billing information was empty.
Bliz was actually very helpful though; they got my stuff back, and even left the game time the hacker set up for me. What makes things even better is the hacker used my char to mine, so I ended up with more resources and gold than when I left, hehe.
Oh, and my PW for WoW is completely different than any other PW, and only my WoW account has had an issue.
the missing link in a chain of destruction.
All spelling and typographical errors are based soely on the fact that i just dont care. If you must point out my lack of atention to detail, please do it with a smile.
Why would a game company skim off your items when they could just create right in their own database? In game items are just 1's and 0's. There is ABSOLUTELY no reason this would be the case.
Why? Well, if I was stupid enough to resub to WoW, then I would need to pay for a new key, new addon packs, and start from level 1, thus having to spend $$$ grinding back to level 80... then buy an authenticator and so forth...
TBH I'm actually finding this funny, but Blizzard will never get another penny from my family or friends in the future.
Blizzard probably isn't doing that hacking... but chances are, just like most large corporations these days, they are selling "marketing" information about their customers to "marketing" companies, which would include their e-mail addresses, to make a few extra bucks on the side.
Coupled with e-mail addresses now being everyone's battle.net username, "hilarity" ensues in the form of mass phishing e-mails and many hacked accounts.
Oh yes, and then there's the Battle.net authentication system security hole...
It isn't blizzard.
Read the mail id again: Message-ID: <9F531DA147B64D64A522E371331C90D1@eu.blizzard.net>
If you have clicked this and entered your details they have your account details.
In the future if you get an e-mail like these just go to the correct website and do not click any links in the mail.
All statements I make is from my point of view unless stated otherwise.
No, Blizzard is not behind the account hacking. I doubt they would have restored my character twice already if they were.
Yeah, I got one of those too. I logged into battle.net and yep, it is banned. Ah well, it's a shit game I haven't played since the first month anyway. So there goes those 2 level 60's. It might bother me if I liked the game. They should do the MMO community a favor and ban everyone.
Make a difference!
And here comes the anti-fanbois responses to 'fanboi' responses... He's saying it's very unlikely that Blizzard would risk a multi BILLION dollar lawsuit over fraud attempts JUST to get you back into WoW. He tells you that you could have been hacked and not known it... To which you reply "Well prove I was!" How very trollish of you.
As for the money you call 'ripped' from players. Did you know they didn't actually consider name changing (unless the name broke the EULA) until enough people said "You know I would pay REAL MONEY to change my name!" Now, you would have to be a COMPLETE business reject not to say "Hey! Let's open up a service and let those people who want name changes (or whatever) get them. More money for us!" Blizzard after all is about making MONEY. Sure, for the most part they care about their player base, but they still worry about the $$$$$ies. Blizzard doesn't force you to change your name, or buy the pretty "Starlight pony"; it's your choice.... But I digress, back to the 'hacking'.
95% of all 'account hacks' are not true hacks. They are someone being, well, stupid. Clicking bad links, bad addons, bad websites, sharing passwords with family/friends who do any of the above. VERY little of it is actually 'hacking'. As for inactive accounts over years, yes, you could have been 'careless' and given some info up, and as your account is that old you wouldn't notice till after they had finished and were long gone that you had 'been hacked'.
Simple solution: email Blizzard or call and say "How can I use such software on my account when I have not used it in years?" They can easily trace the IP traffic for those times and learn what happened.
So either you were stupid somehow or Blizzard is risking what? hundreds of billions of dollars in lawsuits? I wonder which it is...
They're smart about it, too. They fooled me a week or two ago, two of my email accounts were used to spam WoW players, and I really thought the security issue was on Battlenet's end. But when I went over the logs, I learned I had a keylogger and other nasty junk on my system for months.
These thieves surely had every scrap of information about all my email addresses, but they only used the two that were tied to my Battlenet account when they started spamming other WoW users with fake Blizzard emails. So I thought it was on Battlenet/Blizzard's end. But it wasn't. And I bet that's just what they wanted me to think.
I am convinced there is only one way to eliminate these grave evils, namely through the establishment of a socialist economy, accompanied by an educational system which would be oriented toward social goals.
~Albert Einstein
This thread is a bit ridiculous. The amount of drain / expense hacking puts on a company /= the benefits they get from spamming.
This is really getting old now...
You can send an email with fake headers. There's no security cop out there on the Internet that stops you from doing this.
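The point raised in the posts above about the Message-ID and about forgeable headers, as an added example that is not part of any post in this thread: the `From` and `Message-ID` values are written by the sender, so a check has to rely on the `Authentication-Results` header stamped by the recipient's own mail server and on where the links actually point. The sample message, all domains and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample, not a real message. All domains are placeholders.
# The first Authentication-Results header is the one the recipient's own
# mail server added; the second was supplied by the sender and is forged.
SAMPLE = """\
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=game.example
Authentication-Results: mx.sender.example; spf=pass; dkim=pass; dmarc=pass
From: "Account Administration" <noreply@game.example>
Message-ID: <0123456789ABCDEF@eu.game.example>
Subject: Account closure notice
Content-Type: text/html

<a href="http://login.account-check.example/">https://www.game.example/account</a>
"""

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def from_domain(raw):
    """Domain in the From header (sender-controlled)."""
    msg = message_from_string(raw)
    return parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()


def message_id_domain(raw):
    """Domain in the Message-ID header (also sender-controlled)."""
    msg = message_from_string(raw)
    return msg.get("Message-ID", "").strip().strip("<>").rpartition("@")[2].lower()


def auth_results(msg, trusted_authserv):
    """Collect method=result pairs, but only from headers whose
    authserv-id is the recipient's own server; any other copy could have
    been typed in by the sender."""
    results = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        server = (authserv.split() or [""])[0].lower()
        if server != trusted_authserv.lower():
            continue
        for clause in rest.split(";"):
            m = re.match(r"\s*([a-z]+)\s*=\s*([a-z]+)", clause, re.I)
            if m:
                results.setdefault(m.group(1).lower(), m.group(2).lower())
    return results


def mismatched_links(html):
    """Links whose visible text is a URL on a different host than the href."""
    out = []
    for href, text in LINK_RE.findall(html):
        text = text.strip()
        if re.match(r"https?://", text, re.I):
            href_host, shown_host = urlparse(href).hostname, urlparse(text).hostname
            if href_host != shown_host:
                out.append((href_host, shown_host))
    return out


def assess(raw, trusted_authserv):
    """Return a list of reasons not to trust the message."""
    msg = message_from_string(raw)
    auth = auth_results(msg, trusted_authserv)
    findings = [f"{m}={auth.get(m, 'missing')}"
                for m in ("spf", "dkim", "dmarc") if auth.get(m) != "pass"]
    for href_host, shown_host in mismatched_links(msg.get_payload()):
        findings.append(f"link-mismatch:{shown_host}->{href_host}")
    return findings


if __name__ == "__main__":
    print("From domain:      ", from_domain(SAMPLE))
    print("Message-ID domain:", message_id_domain(SAMPLE))
    print("Findings:         ", assess(SAMPLE, "mx.recipient.example"))
```

In the sample the `From` and `Message-ID` domains agree with each other, yet every check made by the receiving server fails and the link leads to a different host than the one displayed.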
Haven't logged in for months because no threads have been deemed worthy, but I'll have to come out of hibernation for this one.
No
Retard