General Discussion - Hacked Accounts - Forum

I can't believe how many people blame the game. If GGG was hacked, you wouldn't see it happening to a few -> maybe 100 players a day, you'd see thousands upon thousands hit within minutes, and slowly using the built up passwords/logins for a few hours. You hack GGG, you get everything. Even Sony admitted when they were hacked, as does every other main company/site. They announce it ASAP to minimize damage right after they found out and fix it. As a tech for many many years, I can promise you most of these cases is the users mistake. They might not realize how or why, or maybe they do have an idea why, but choose to blame the devs anyway, either way there is no way for a hacker to get your account if you did everything correctly. I also don't mean correctly since PoE came out, I mean correctly since you've had your computer / reformatted it completely. I bet if I start talking computer stuff that is general knowledge to me, 90% of you wouldn't even be close to being able to follow me, and the other 10% just made 1 silly mistake once in the past few years. You ever google a question about PoE? You could be logged. You ever visit any website that asks for an e-mail address in the past few months/years, you could be compromised. You ever use the same password more than once for anything at all ever? You could be compromised. You ever download a torrent? You could be logged/botted. Do you know how to scan your computer for viruses, malware, bots, loggers, etc manually? If you need a scanning program to do it, you're likely compromised. IGN = Dellusions_Duelist Last edited by Dellusions on Apr 30, 2013, 4:27:22 AM	Posted by Dellusions on Apr 30, 2013, 4:25:38 AM Quote this Post
" Dellusions wrote: I bet if I start talking computer stuff that is general knowledge to me, 90% of you wouldn't even be close to being able to follow me... How does your head fit through the door mate?? Maybe take your hand off it and stop being a wanker? SATOR AREPO TENET OPERA ROTAS	Posted by AnimalChin on Apr 30, 2013, 7:06:13 AM Quote this Post
The only thing worse than waking up and finding your account hacked is finding out that said account won't be restored. I'm not blaming anybody but myself for being hacked. Still, I'm through with this game.	Posted by soupanddestroy on Apr 30, 2013, 7:26:45 AM Quote this Post
" diveblk wrote: Yep I just got hacked as well, lost an amazing orange summoning ammy and all my orbs. Have played just about every other mmo out there without ever having a problem so I'm done. Note: I'm a Cs major with a background in networking, I am running the newest version of Mountain Lion, have not done any of the stupid stuff like buying items on 3rd party sites, have java disabled and constantly run virus scans. I also monitor both incoming and outgoing connections, and keep an updated anti-virus. I have checked with my mail service and no entries from an unknown ip or any activity on it. Have also used https://pwnedlist.com/ and it stating the account is good. With this I can only come to think that its one of two things, I have been using wine to run the game and there could be an exploit in the executable or its due to GGG security. I'm leaning to the latter after reading a good amount of pages from others how have had similar experiences. I liked the game however due to this I will not be returning, I just feel bad for everyone that there who put a lot more into it then I did, as well as for the future people this will effect before it is corrected. Good luck all. Same here, never had problems before and I'm fully aware of "acceptable" password complexity and various other issues with computing thanks to finishing my CS degree this year. Logged in to find lots of items gone and reading their theft policy makes me laugh. " Chris wrote: ... and we can see from our logs that these end up on accounts (generally accessed by Chinese IPs) that are used to supply RMT item sites. from Chris in http://www.pathofexile.com/forum/view-thread/115464/page/1 If they can track where items are then why can't they be moved back? Small team? Get enough employees to run decent customer support rather than choosing the "no effort" restore policy. This thread is insane, the amount of people on a daily basis saying they've been hacked and that their stuff is gone is ridiculous. The funniest ones are when people are using a unique email and password and have logs showing their email account was never accessed by anyone else yet it is still apparently the user's fault. I'm sorry but PoE isn't the biggest game in the world by a long shot so the number of times this is happening per day seems very high for accounts to be compromised purely because of user lack of security.	Posted by dazidane on Apr 30, 2013, 8:08:30 AM Quote this Post
" thonexxx wrote: I've been hacked. They got all my chaos orbs and my 5L chest. The hacker was using my client. I noticed that Path of Exile was up but I never ran it. Then I saw the mouse moving, taking the regrets and that's when it stopped. Damn, I am now quitting this game. Maybe it's also a wake up call that this is not worth my time. If someone is remoting into your computer you've got bigger problems than losing a 5L chest... You should get on top of that...quick	Posted by wonko33 on Apr 30, 2013, 10:55:21 AM Quote this Post
" AnimalChin wrote: " Dellusions wrote: I bet if I start talking computer stuff that is general knowledge to me, 90% of you wouldn't even be close to being able to follow me... How does your head fit through the door mate?? Maybe take your hand off it and stop being a wanker? Everyone has things that they know more about then most people. I wasn't meant that way, and it wasn't about boasting. IGN = Dellusions_Duelist	Posted by Dellusions on Apr 30, 2013, 2:20:58 PM Quote this Post
I haven't been on in months, infact, I only came on to laugh at this post as I see they're still doing nothing. Now, before I start picking on poor Dillusions over there (his name fits too well) I would like to state that I was hacked a couple days after starting this game. They targeted the lower end first and moved up the scale slowly but surely. Why do this? Because it nullifies the accusations that GGG is the one hacked. The lower end was thrown aside and told they had no idea because they were the lower end. That's it. Apparently the higher end players knew more about computers and security than the lower end, even if someone had just started 2 days ago and has a MS in CS (Masters of Science in Computer Science), they apparently didn't know more than the 12 yr old that has played this since the start. This also throws people off of it being a database hack. How? Well GGG already answered that. If it was a database hack, it would've targeted the top end players first (false) and worked down. No, the Chinese are alot smarter than that. You work from the ground up. If you start at the top, an immediate flag is thrown, and you only get 5-10 top end accounts. If you work your way from the bottom up, you get exactly what we have going on now, and in the process you get thousands of low end accounts that add up to more than the 5-10 top end ever thought of being. It's also the same thing as to why to hack 0.5% of the accounts a day (mentioned later about Blizzard being hacked). If you hacked 10,000/100,000 accounts in a day, a major flag is thrown and the entire operation is out the window. It's all about making it look like user error so you can keep it going for as long as possible. Now reading through recent posts, it seems to have moved up to the higher tiers. This stinks to the high heavens. My guess? Well, someone had it correct, the shops are making bank off of the lost items. All of you that have your items stripped from top end characters are now at an impass; do you buy new items, or restart your character? My guess, and a very far-fetched guess, but one that makes sense looking at the bigger picture, is that GGG is working with the hackers, letting them do it, and then taking a cut of the profit from the items the top end players will have to buy back from these hackers, only to be hacked again, and the items resold. GGG comes out and blames all of us, has the community that didn't get hacked back them up, and everything looks like it was the player's fault. This would also coincide with why they won't return the items (no profit if you return them for free). Now, this all being said, time to pick on poor Dillusions over there... Let me break this down for you, and back up why you're so wrong in so many ways. " I can't believe how many people blame the game. If GGG was hacked, you wouldn't see it happening to a few -> maybe 100 players a day, you'd see thousands upon thousands hit within minutes, and slowly using the built up passwords/logins for a few hours. You hack GGG, you get everything. Well, let's see here, back in Burning Crusade, before Blizzard had their 13 million players, Blizzard was sitting at roughly 4-5 million (their major jump was when Wrath of the Lich King came out), and they were hacked. I was one of the unlucky few that was the victim of this, and kept up with it very well. During the time they were hacked, in about 1-2 days they had just over 100,000 accounts compromised. This is 2% of the population was hacked in about 1-2 days. TWO PERCENT. Blizzard admitted to it being THEIR side, and refunded everything. This game probably hasn't even come close to the 4 million slot, infact I'd be surprised if it's even broken 1 million.. I'd give it probably around 500-750k (correct me if I'm wrong GGG), and I'm willing to bet the amount of players hacked per day goes well above 100, it's just the amount reporting it sits roughly 100 (not all players report on forums, infact the majority will PM the admins for a PRIVATE discussion on how to get their stuff resolved so they don't have to deal with the idiots/trolls on forums). I would not be surprised if we're seeing a 2% hack rate within 3-4 days. " Even Sony admitted when they were hacked, as does every other main company/site. They announce it ASAP to minimize damage right after they found out and fix it. Yes, Sony admitted when they were hacked. This is because they had a full blown-out database breach that caused many, many credit cards to be leaked. GGG isn't under that risk. The accounts get lost, so what? What exactly do you lose from an account here? In-game time. That's it. It doesn't affect you at all IRL (except you're sitting there crying that you lost days of your life.) " As a tech for many many years, I can promise you most of these cases is the users mistake. They might not realize how or why, or maybe they do have an idea why, but choose to blame the devs anyway, either way there is no way for a hacker to get your account if you did everything correctly. I also don't mean correctly since PoE came out, I mean correctly since you've had your computer / reformatted it completely. This is simply arrogance. As a tech? PLEASE. I knew a tech IRL, who sadly passed away 5 years ago, but he was one of the best tech's I've ever seen.. He knew his way around anything, even enough to hack a site like this without sending any virus's across (it's actually really easy, but not worth my time). If you knew as much as you say, you'd also know government computers are hacked frequently, and their security is top notch. They have people day in and day out working to secure their computers and it STILL happens. Security on the internet, no matter how well done it is, no matter how well taken care of it is, is NOT flawless. And for you, and GGG to say it is, is arrogance at its highest level. Hell, even I was bragging to my friend the other day about how secure my computer is, I reformat it once every month (windows activation timer is my timer for a reformat), and I still managed to get a virus that destroyed my windows files from going to wikipedia of all places. I opened a picture, my protectors caught it, but it had already corrupted files within seconds (long enough to tell my protectors to get rid of it, which is a click away). No matter the precautions you take, as soon as you open internet explore/firefox/google chrome/whatever you use, you have already opened yourself to risk (infact, just by starting your computer you've taken a risk. I know someone that had to reformat their computer back to back because a MANDATORY WINDOWS update had a trojan in it, this is when the virus protections started to come onto the machine before even windows got to update in my house.) Does this make it the users fault? NO. Not in the slightest. The user was just doing what the user was suppose to do. This puts it in the company's lap because it's a virus on THEIR site. Infact most of the gaming companies that do surveys for credits for their games come back and say that these sites may have virus's and to go to them at your own risk to nullify it from being their side, and to put it in your lap. " You ever google a question about PoE? You could be logged. You ever visit any website that asks for an e-mail address in the past few months/years, you could be compromised. You ever use the same password more than once for anything at all ever? You could be compromised. You ever download a torrent? You could be logged/botted. Do you know how to scan your computer for viruses, malware, bots, loggers, etc manually? If you need a scanning program to do it, you're likely compromised. Yes yes, all of this could be logged, infact all of it IS. They're called cookies. But obviously that's not what we're talking about. This is all so true, but yet, it's all something that, in reality, mean nothing. I used the same e-mail/password for roughly 6 years before I was finally compromised (and it was my fault.. very very definitely my fault, and I'll own up to it.).. however, all it took was a simple password change, and everything's been fine. Now for another 5 years of using the same email/password (of course it's the new password) I have yet to be compromised. Back when Aion first released, I used my old password and was compromised within a few days, and learned quickly not to use that old password any more. Infact it's non-existant except on 1 email, and it's a trash email for filling out surveys. Then, suddenly, I come here, using the same information I use on everything else, and WALLAH! I've been compromised. How is it, with everything I do, every MMO I play, everything I've dealt with, and come to prepare myself for, that in 5 years, this is the only one I've been compromised on (and trust me, I have ALOT more worthwhile accounts to hack)? Sorry for the wall of text, however, if you bothered to read this, thank you, and hopefully it shows alittle bit more about GGG and its security, or lack there of.	Posted by Rarsheala on Apr 30, 2013, 9:43:21 PM Quote this Post
Lol the hell, i was playing yesterday and it was fine, today everything was gone and password was changed.. Not cool. Last edited by 434955 on May 1, 2013, 12:06:45 AM	Posted by 434955 on May 1, 2013, 12:06:24 AM Quote this Post
" We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt: Wednesday, May 1, 2013 5:14:36 AM UTC IP Address: 124.78.200.162 Location: Shanghai, China " Event Description Application or device sign-in attempt: Prevented China 163data.com.cn, IP Address: 124.78.200.162 May 1, 2013 7:14:36 AM from my gmail Going need to move everything off that email now , blah that's going be some work i don't feel like doing atm Last edited by Kitary on May 1, 2013, 3:39:40 AM	Posted by Kitary on May 1, 2013, 3:03:23 AM Quote this Post
@ Rarsheala This is a very severe indictment. But I admit, that you are not the only one who got this idea in his head, but you are the only one who dares to talk openly about it. Let me put it like that: If GGG would act like that, they would not work with hackers, but would have their own RMT shop. Makes things a lot more easy and profitable. I think one of the reasons why the atmosphere in this game changed so much from joy to more and more critics is the hacker-problem. Users who haven´t been hacked yet are afraid that they could be naked the next minute, and therefore want more feedback about security meassures taken, that GGG can not deliver without torpeding said measures. In fact it wouldn´t be the first time, that a company works with this kind of methods, for example a german company ( producing massively P2W games)is said to do "business" with people who sell bots. But that is a company that works in such a way, you can expect all kind of swinishness from them. Thats why I don´t believe GGG would be acting like that. Let me say it very clearly: Yes, I´ve thought about your suspicion longtime before you posted it, and I came to the conclusion that GGG does not act like that. They may be not saints, but sth. like this is absolutely not their style . And as long as I don´t have a rock-solid proof I trust my feelings and intuition more than vague ideas or unsane anterior experiences with another company. Up to now GGG has always been acting in a very honorouble way, their handling with the community was always honest and upright, miles away from the behaviour of certain other big companies, who treat their users just like cashcows. So I would propose - until you have none else but what you wrote in your upper posting - that you keep your mouth shut and don´t hurt a honest company. They don´t deserve these kind of harrassment, absolutely not.	Posted by Moonlight33 on May 1, 2013, 3:35:21 AM Quote this Post