Just got hacked

Just bumping this to add one disgruntled customer to the list.

lask reminds me of a guy that got dox'd on jsp a few years ago

he should stop while he's ahead

I still want to add so that everyone is aware

that the hackers did not need our passwords to log in to our accounts.

So it is time to open your eyes.

This procedure is known on the net, just search.

SO stop saying that this is the fault of the users

That was my last word Jean-pierre!


GOOD DAY !!!

NOT HAPPY BE HAPPY !!

"

HS0 wrote:

I still want to add so that everyone is aware

that the hackers did not need our passwords to log in to our accounts.

So it is time to open your eyes.

This procedure is known on the net, just search.

SO stop saying that this is the fault of the users

That was my last word Jean-pierre!


GOOD DAY !!!

NOT HAPPY BE HAPPY !!

If you know a PoE-related exploit that can still be used to log in to accounts without correct credentials, POST IT HERE ON THE PUBLIC FORUMS.

Publicizing it will force GGG to react.

"

HS0 wrote:

I still want to add so that everyone is aware

that the hackers did not need our passwords to log in to our accounts.

So it is time to open your eyes.

This procedure is known on the net, just search.

SO stop saying that this is the fault of the users

That was my last word Jean-pierre!


GOOD DAY !!!

NOT HAPPY BE HAPPY !!

Now you state this as fact, but where is the actual evidence that they haven't stolen passwords/passwords hashes?

While there was a bug earlier in Beta where you could accidentally be logged in to another users account, you still couldn't:

a) Control which account
b) Was closed/fixed right after, so this is not the case here.
c) if you are talking about Session Spoofing (The D3 scare), that was proven to be impossible, and there is no reason to believe that PoE works on a similar system anyways.

I think no matter what sooner we all get "banned" tag no matter if someone actually use some crap or not, than GGG will admit theyre hacked.
Anyway im done with posting there. Its pointless. Game already deleted from hdd and im not even hoping someone actually help rest till server will be totally empty which im pretty sure will be the case in that tempo of account hacking/day

"

geniusbean wrote:

it's inherently obvious that GGG has been compromised at this point. anybody that thinks otherwise is a blind fanboy. just wait til you're on the receiving end and get all your items stolen. just imagine going to your stash and seeing nothing... completely empty. how would you feel?

I would be far more concerned about the implications *outside* the game if someone had gotten access to my PoE account. A bunch of in-game stuff, I can just play the game some more and recover for myself. I'm willing to mostly trust GGG's claim that their database has not been compromised here, especially with only somewhat random targets being hit, which means that likely my password had been compromised in some other way. There is the possibility of some bug which allows session hijacking but that seems less likely given that the protocol is supposed to be encrypted now.

I would start by disconnecting my computer from the network and start checking by hand for keyloggers or any out of the ordinary processes running on my machine. Granted, I'm on Linux, and it's a good bit less likely that an attack targeted at PoE users would work on my machine at all, and I keep a closer eye on what my computer is doing at any moment than perhaps most people do, but given that this had happened, my first inclination would be that something had slipped past me.

If that turned up nothing, I'd boot off of a USB key and check the hard drive again, probably starting with checking the MD5 sums of my kernel and various basic tools to make sure they matched the standard binaries from my distribution. Rootkits can hide themselves very effectively by replacing or inserting code in system software which lists files and processes. Even if I didn't find anything, I'd strongly consider wiping the system and reinstalling just in case. These things are complicated, and despite working as a programmer and having a fair amount of technical knowledge, I don't completely trust my own ability to track them down.

I'd then set about changing my passwords in all the places I visit regularly, probably from another computer. Regardless of whether I had a rootkit, there is a strong likelihood that something sketchy had taken place. Unless you successfully locate the problem, it's very hard to know for sure when something like this happens.

It would actually be interesting to know if any Linux or Mac users have been affected in all this. (They're running the game under Wine, and one would expect most things which aim to compromise PoE user accounts would also be Windows-specific, though there are also some web-based attacks going on from the sounds of it.) It would also be interesting to know how many of the affected play PoE from public or wireless networks.

I just logged on today and all of my orbs are gone no gear etc but all my gcp/regrets/chaos etc a ton of orbs worth alot wtf happened!!!