hacked for the third time
|
I said flaw, nobody said accounts could be targeted. Truth is nobody knows why this is happening (or how) but it's happening at an alarming rate. enough to make me not want to play as the hours I invest will fill someone else pockets.
-even so, if THEY DID hack krip, surely PoE would revise it's systems and put and end to the exploitation of this "flaw" and they'd make MUCH more from scamming the masses than one. it's CETAINLY not malware as i have a custom built pc. all thats installed is seriously league and poe and steam. i haven't used steam since i built the damn thing. point being - NO downloads. not even music. can't be fishing because I use a total of 5 websites, all reputable. Unless someone walked into my room with a flash drive, or sat outside my house injecting packets for hours then there is no way I could be the victim of malware. okay and for the record i'm not complaining about what I lost. I'm complaining that from my experience clearly a flaw is being exploited (the config file was one to date) to gain access to peoples accounts. This is happening A LOT, and it's almost always just the orb page. Do some research, hell it's happened so much they have like 3 stickes on the board about it. Shows how much people have posted about it. Clearly too much to be malware, phishing etc. this IS an indie game (regardless how good it is) it's certainly possible that a dev flaw discovered by some basement dweller is being exploited. THAT IS ALL. |
|
|
I just want to make something completely clear here.
Hackers CANNOT gain access to your account without either 1 of 2 things. 1) Access to your email to get the unlock code 2) Access to your PC to bypass the need for an unlock code Those are the only ways that a hacker can get into an account now. So if you were hacked, you must have malware on your PC that is allowing the hackers into your email, or you have worse malware on your PC allowing them to use you as a proxy. I seriously suggest getting yourself an email address that allows 2-factor authentication to be enabled (like gmail or hotmail) or if you are already using one of these services for your Path of Exile email address, then go in and ENABLE the setting. 2-factor authentication will keep everyone except you out of your email. With your email protected, even if they knew your password, they cannot get in to get your unlock code. The hack is most certainly somewhere on your end. Either you re-used passwords, or you are running outdated software and fell victim to a 0-day exploit and it allowed the hackers to compromise your PC. Either way, you need to take actions to remedy the problem. I'd start with a complete format and re-image of your PC. Then I'd go in and change all passwords to something that you've NEVER used before, and make sure each password is not only different from what it is now, but different from each other. That way if they manage to get the password for one thing, they can't necessarily use that to compromise ALL your accounts. I'd change the passwords only from a KNOWN GOOD PC or something like a tablet or smartphone browser. Something you KNOW cannot be compromised (and your PC no matter how much you might claim it is NOT clean). If you have any questions, ask. Good luck. |
|
|
Nobody said or even confirmed it was a hack. I believe there is some exploiting going on that could be fixed.
I can be certain because; Brand new custom built pc with; (aside from windows and included) Firefox League of Legends Path of Exile Steam (never even used only downloaded) Ventrilo THAT IS ALL THAT IS ON HERE. THE COMPLETE DOWNLOAD HISTORY, NOTHING MORE NOTHING LESS. So unless one of those applications usually contain malware.. No. As far as websites go; 2 reputable forum sites. League of Legends forums. PoE forums. Yahoo mail, Youtube. so unless any of those are the culprit ~ i've come to the conclusion (like MANY others who are certain it isn't malware or phishing with the SAME problem) that there is simply a dev flaw. people let the fact that they made a good game blind them - the developers themselves described themselves as "not game dev veterans" and said they have had and will continue to have a plethora of problems and will work their hardest to fix them. Assuming that it isn't the system but the user for a game like this, in this state, is just fucking ignorant. Especially when you have SOOO many reported cases. Read the damn other threads about this. It's not malware nor phishing. |
|
|
First off, I think your story might have been already disproven through the image posted where you are on the d2jsp site... which IIRC is a RMT type of site.
Secondly, there is no exploit that allows people into your account without access. If there were then the problem would be a LOT more wide-spread than just you, and they would go after higher profile targets if they could. Third, you've had your account cleared out now... three times. I've had my account accessed zero times, let alone cleaned out. I'm not letting anything blind me. I'm using my many years of experience to tell me that in 99.99999% of all cases, the user is at fault (either directly or indirectly). I'm not saying you downloaded illegal software, or got yourself hacked directly (although it is possible). I even gave you the benefit of the doubt and said you might have been the victim of a zero-day exploit. Those can compromise a system without you doing anything other than visiting a site with unpatched versions of flash/java/etc. If you change your password and they still get in, they got your password from somewhere. Also, one thing you can check (and it doesn't always work) is the trash can for your path of exile email. Are there any deleted Unlock Codes from places like China or otherwise that you yourself didn't use or delete? If so, then you know someone else has been in your email. Usually the hackers delete the message, but they don't delete it from the trash (although sometimes they do). So check it out. See if there are any unlock emails in your trash that you didn't put there. If so, you'll have 100% proof that someone else has access to your email. Last edited by Drakier#1520 on Aug 8, 2013, 11:32:06 PM
|
|
|
Honestly, the access to the e-mail could have been going on for years and on a totally different PC.
The biggest false assumption is that at the time of attack is when your information was stolen. If World of Warcraft has proven anything, these hackers are cunning, and will lie in wait until the perfect time. Even if the passwords have changed, is it possible you've used a similar version of it elsewhere? The best way to prevent any hacking is simply using a 2-step authentication e-mail account. There can then be no way they have access to it. |
|
