Please stop this.. another friend got hacked..

Hello guys, yes, i´m mad you don´t need to tell me.
This is again when one my friend got hacked not for the first time, not for the second time it was already couple times when some my friends got hacked since OB and I have enought of this. Yesterday my friend http://www.pathofexile.com/account/view-profile/Kujar3 got hacked, all characters deleted, everything valuable stolen like atziri gloves, few 6 links etc.. he´s so nice guy, enjoyed game alot. he supported game, made video for begginers https://www.youtube.com/watch?v=vB7cvzZUwGA (CZ) and he does not deserve this. It´s not long time ago, when my friend Iro lvl 100 got hacked too, all chars even lvl 100 one was deleted, all mirrored/valuable stolen aswell. I don´t want watch how another friends or me gonna get hacked again in future.. If security doesn´t improve I don´t think I will keep playing. Watching how friends I play with getting hacked, it really confuses me and makes me so sad.. There is many options how to pervent this. If you don´t know any (I don´t believe... but.. nvm) I can give example of some. Perventing before characters deleted: If you delete character it´s not insant(at least on higher chars 80 or 85+) you have to wait let´s say 48 hours before character get deleted and you CAN always cancel it. Stealing items: in stash easy, you can set own ingame password for stash. You don´t need to if you don´t want, but there should be an option like that. (I don´t think it would be fair for some people but even if there would be mtx for example for 100 points I´d buy password on my stash..) For items on character: 2 options if stash would have been locked we could put it in stash always when we log off, it´s 30 sec if you don´t carry full invetory of 20/20 gems with you to swap, or 2nd option You can put on item something and it will make item cannot be traded/sold/destroyed etc... for some time, you could possible even choose 24h/48h/1week/2weeks/1month etc.. (again if there would be even mtx let´s say 1-3 points, I´d buy it for few items...)
Btw1. For those who think their security wasn´t enought, one of them had mail on gmail, with verifying tho mobile phone, he did not get message that means hacker got on his account WITHOUT using security code while loging from other IP than usual. He also had different password ingame and on gmail, generated - no "password123"... random symbols.
Btw2. Sorry for my english, my english isn´t the best.. I know.

"

zeekidc2 wrote:

idk how they can get hacked, you need to provide a code when logging in from another ip, they might have disabled that like i did since my IP changes alot.

seems like not in all cases or not everytime..

"

AkamuCZ wrote:

"

zeekidc2 wrote:

idk how they can get hacked, you need to provide a code when logging in from another ip, they might have disabled that like i did since my IP changes alot.

seems like not in all cases or not everytime..

Then it is far more likely that your friends have a keylogger on their PC to capture and send both their email passwords and their account passwords to another location, or even worse had a remote desktop style trojan actually log in on his computer to manually take what they wanted as they controlled his desktop themselves remotely (even teamviewer can have this done to it). And I really hope they weren't logging in on a public pc ever, such as at internet cafes or libraries.

"

Jiero wrote:

"

AkamuCZ wrote:

"

zeekidc2 wrote:

idk how they can get hacked, you need to provide a code when logging in from another ip, they might have disabled that like i did since my IP changes alot.

seems like not in all cases or not everytime..

Then it is far more likely that your friends have a keylogger on their PC to capture and send both their email passwords and their account passwords to another location, or even worse had a remote desktop style trojan actually log in on his computer to manually take what they wanted as they controlled his desktop themselves remotely (even teamviewer can have this done to it). And I really hope they weren't logging in on a public pc ever, such as at internet cafes or libraries.

I´d be surpriced since I see him reinstall windows and clear pc really offten.

Btw. how would he log on his mail without veryfing tho phone anyway?

"

AkamuCZ wrote:

I´d be surpriced since I see him reinstall windows and clear pc really offten.

Btw. how would he log on his mail without veryfing tho phone anyway?

Lets pretend that their pc is clean and their account was remotely accessed without a keylogger or remote desktop or by using either a public hotspot or public computer.



Did they use the same passwords here or on their email that they use for other services? Did they use the same email for other services? Does his mail have a website or service listed as a authorized client that is allowed to bypass those security measures (some android apps in particular demand that)?

The breach doesn't have to originate from here if they play another game and used the same user name and password, and posted a video of themselves playing this and that other game under the same user name.


* and yes, gmail allows you to setup access to your mail to apps or sites that will bypass security measures and it's known that some android apps are suspected to be doing just that to steal info from people's accounts

also... this

https://www.duosecurity.com/blog/bypassing-googles-two-factor-authentication

"

Jiero wrote:

"

AkamuCZ wrote:

I´d be surpriced since I see him reinstall windows and clear pc really offten.

Btw. how would he log on his mail without veryfing tho phone anyway?

Lets pretend that their pc is clean and their account was remotely accessed without a keylogger or remote desktop or by using either a public hotspot or public computer.



Did they use the same passwords here or on their email that they use for other services? Did they use the same email for other services? Does his mail have a website or service listed as a authorized client that is allowed to bypass those security measures (some android apps in particular demand that)?

The breach doesn't have to originate from here if they play another game and used the same user name and password, and posted a video of themselves playing this and that other game under the same user name.

As I wrote, he generate passwords, so he do not use same somwehere else and He uses gmail. Not sure about authorized client etc.. I use just email myself. Don´t use gmail. But I think it should be.

=/ I've seen the guy hes really nice on the forum but yeah in most cases.

It's likely a very very hidden Keylogger.

Your friends probably visited and attempted to use some shady POE based site, more than likely a fake RMT site that wants to phish information.

You dont simply get hacked or keylogged, its very unlikely either was the case.

"

I_NO wrote:

=/ I've seen the guy hes really nice on the forum but yeah in most cases.

It's likely a very very hidden Keylogger.

Hmm, this happend to more of my friends not just one. Anyway even if very very hidden keylogger would be the case, it still does not explain how did they log in his account without verifying email. That´s first thing and 2nd this could happen to anyone who just click on some link and examples I wrote on how to pervert this, would help everyone..

"

Tin_Foil_Hat wrote:

Your friends probably visited and attempted to use some shady POE based site, more than likely a fake RMT site that wants to phish information.

You dont simply get hacked or keylogged, its very unlikely either was the case.

Zero day trojan install using buffer overflow techniques through a inline frame using an ad banner running either adobe flash or java on even a normally respectable site (if not injected into the site using one of the numerous ways to add that code) that just happened to use the wrong ad banner program says otherwise.

"

AkamuCZ wrote:

"

I_NO wrote:

=/ I've seen the guy hes really nice on the forum but yeah in most cases.

It's likely a very very hidden Keylogger.

Hmm, this happend to more of my friends not just one. Anyway even if very very hidden keylogger would be the case, it still does not explain how did they log in his account without verifying email. That´s first thing and 2nd this could happen to anyone who just click on some link and examples I wrote on how to pervert this, would help everyone..

https://www.duosecurity.com/blog/bypassing-googles-two-factor-authentication


Email can be bypassed, and some android apps were created just to do so by people wanting to break into their email. These are often 'hacked' pirated versions of popular paid applications that ask for permissions that the original never did and request access to your email account