just got hacked 45 seconds ago.

  • 69 results
  • 1
  • 2
#1 Posted by TheWan (68 posts) -

awesome... all gold is gone and my best gems too from my stash. Also 4 legendary items from my stash. so much for my witch doctor character.

#2 Posted by BD_Mr_Bubbles (1700 posts) -

have an authenticator?

#3 Edited by TentPole (1858 posts) -

I don't believe in using an authenticator.

#4 Posted by dr_mantas (1834 posts) -

Quick I'll write a GUI interface in Visual Basic to trace his IP!

#5 Posted by BD_Mr_Bubbles (1700 posts) -

@TentPole said:

I don't believe in using an authenticator.

O kay then your begging to be hacked

#6 Posted by TentPole (1858 posts) -

@BD_Mr_Bubbles said:

@TentPole said:

I don't believe in using an authenticator.

O kay then your begging to be hacked

I like the danger. It gets me hot.

#7 Posted by l4wd0g (1935 posts) -

@TentPole said:

@BD_Mr_Bubbles said:

@TentPole said:

I don't believe in using an authenticator.

O kay then your begging to be hacked

I like the danger. It gets me hot.

lmfao *not the band*

#8 Posted by TheWan (68 posts) -

@BD_Mr_Bubbles: paying $6.50 to "help prevent" hacking seems kind of dumb, also I can't really ban this MightyMouse (alex) guy at all. The worst I can do is report him for inappropriate tag. goodbye Diablo 3, welcome back Mass Effect 3 I guess. Crap ...

#9 Posted by doobie (605 posts) -

@TheWan said:

@BD_Mr_Bubbles: paying $6.50 to "help prevent" hacking seems kind of dumb, also I can't really ban this MightyMouse (alex) guy at all. The worst I can do is report him for inappropriate tag. goodbye Diablo 3, welcome back Mass Effect 3 I guess. Crap ...

seems like a bit of an overreaction. shit happens.

#10 Posted by RIDEBIRD (1232 posts) -

"Hacking" is you visiting shitty sites and getting a keylogger on your computer, or following a link in a phising email. To avoid this, use an authenticator. It's impossible to be "hacked" with one.

#11 Edited by Lone_f (281 posts) -

@TheWan: First and foremost, contact Blizzard support to rollback your character. You'll lose some progress, but that's better than losing everything, right?

Next, get the authenticator. You can get one for free for your smartphone. If that's not an option, there's one for Windows, called WinAuth. I bet you can get it to run on other systems as well.

#12 Posted by TheWan (68 posts) -

I just downloaded the iphone authenticator. It seems to work at least. (here's hoping from now on). I didn't lose all of my equipped gear. I give the hacker/gold farmer props on just taking my money and a few gems.

#13 Posted by TheHT (11145 posts) -

@dr_mantas said:

Quick I'll write a GUI interface in Visual Basic to trace his IP!

@TentPole said:

@BD_Mr_Bubbles said:

@TentPole said:

I don't believe in using an authenticator.

O kay then your begging to be hacked

I like the danger. It gets me hot.

This thread is already far more exciting than any other D3 hack thread.

@TheWan said:

@BD_Mr_Bubbles: paying $6.50 to "help prevent" hacking seems kind of dumb, also I can't really ban this MightyMouse (alex) guy at all. The worst I can do is report him for inappropriate tag. goodbye Diablo 3, welcome back Mass Effect 3 I guess. Crap ...

Ah, so no authenticator. I hear ya, but it's not so much for preventing hacking as much as it's for keeping others out of your account when you've most likely already been "hacked" (read: virus/phished). Essentially it's a safety net.

Still waiting for the day I hear of someone with an autheticator get "hacked". Then I'll activate panic and freak out mode.

Online
#14 Posted by valrog (3671 posts) -

Can someone please explain this "you click a link and you're instantly hacked" logic? Last time I checked, you had to put in your information into a phishing site willingly.

#15 Posted by Jack268 (3387 posts) -

I got hacked but it was fixed and rollbacked in literally 2 hours.

It was very stupid of me not to use an authenticator to be honest, since they are free for phones anyway.

#16 Posted by nohthink (1223 posts) -

@valrog: BECAUSE THE INTERNET IS EEEEEEEEEVIL!!!!!!!!!!!!!

#17 Posted by JeanLuc (3579 posts) -

I'm getting seriously paranoid that I'll be next. I don't even have anything good I swear.

#18 Posted by Renahzor (991 posts) -

@valrog: I've seen some VERY convincing phishing emails that would have fooled about 50% of people regarding my b.net account. To the point that the only tip-off it wasn't legit was it came to an email not associated with my account. There are many ways "hackers" get your login info though, it doesn't have to be you blindly entering your password on a direct phishing scam. Keyloggers are still very common, and some may be "in the wild" for a few days before AV software picks them up, and you might get one of these from something as innocuous as downloading a mod for wow, clicking on an email with a poorly secured email client etc.

More importantly, people are pretty much idiots when it comes to password security. Using the same login info across multiple sites, forums, and accounts is very very common, though almost no one wants to admit to it. If you use the same login info on a random D3 forum, they know you have D3, and if that forum has mediocre security (lets face it, these places aren't paying a ton for securing their free BBS), its only a matter of time before someone gets their hands on your info. Password guessing schemes are much more efficient at weeding out shitty passwords than most people think. There are very complex algorithms and very sophisticated methods of generating a probable list of passwords that is much much smaller than guessing every random ascii possibility in a given range. Building strong passwords without references to real names, places, or even any real words helps keep you more secure, but no password is invincible.

The real thing to remember is there is real, nearly untraceable money being made off this scheme. No one is going to sue for lost D3 shit(value of maybe 15 bucks per account?), and if they did finding who to go after is basically impossible. Bank passwords, credit account info etc is all trackable and leaves a money trail and eventually they get busted, and even that can take a very very long time. With video game gold, they get in, steal the stuff, sell the gold, and get out. By the time anything is done they've sold your gold to a third party (thank the gold buyers for making this lucrative) and have their money, blizz shuts down the account, they make a tidy profit. *If* blizzard decides to take away the purchased gold from the third party they can file a credit card dispute, which may or may not work, that's the only risk in the whole plan. Any time there's real money involved in something, someone somewhere is going to find a way to get the most profit in the least time, and that includes password theft and stealing virtual items. There's plenty of money in that industry to make the time spent finding the passwords weeelllll worth it for many people around the world.

All this can be avoided with a physical authenticator (which has been confirmed blizzard is selling those items *at cost*, manufacturer says they should be about 30 bucks retail) for 7 bucks. Alternatively like this guy, smart phone authenticator is 100% free, and works very well, and either one will stop virtually ALL compromised password type "hacks".

#19 Posted by SomeJerk (3216 posts) -

An authenticator won't project you from this hijacking that only coin-lock can prevent and re-written code can track the culprits of, but it's still a very good idea to have one because smaller more specific ad providers still haven't got their shit together when it comes to singling out providers with bad security that can get trojans or whatev snuck into rotation.

#20 Posted by Ravenlight (8040 posts) -

So you got hacked and the first thing you did was post about it on Giant Bomb? If you were on fire, would you also tweet about it first?

#21 Posted by gamefreak9 (2358 posts) -

I love my password... its just... so impossible to break. random 12 Letters and 4 random numbers with randomly allocated caps!

#22 Posted by AlisterCat (5532 posts) -

@TheWan: Contact blizzard support on the battlenet site. They can roll back your account and give you everything back.

#23 Posted by mandude (2669 posts) -

This thread title is becoming increasingly inaccurate. I with TentPole on this one. As with unprotected sex, I love the thrill it adds to the adventuring life.

#24 Posted by Breadfan (6589 posts) -
@gamefreak9

I love my password... its just... so impossible to break. random 12 Letters and 4 random numbers with randomly allocated caps!

ABCdefghijkl1234
---

But seriously, buy an authenticator. Shit works.
#25 Posted by WinterSnowblind (7615 posts) -

@gamefreak9 said:

I love my password... its just... so impossible to break. random 12 Letters and 4 random numbers with randomly allocated caps!

#26 Posted by ObiKwiet (129 posts) -

@gamefreak9: I don't believe that battle.net passwords are case sensitive. Still a random password cant hurt.

#27 Posted by Addfwyn (1921 posts) -

@Ravenlight:

"Man this fire is hot. Burning to death really hurts. Can anyone send some help? #fire #hothot #911plz"

#28 Posted by gamefreak9 (2358 posts) -

@ObiKwiet: i'm pretty sure they are case sensitive.

#29 Posted by Tennmuerti (8073 posts) -

@WinterSnowblind:

That comic is extremely misleading btw. It is compeltely incorrect on the math involved. No one should be using it to make a point ever.

It wouldn't matter if the math was just a tad shitty, but it's shitty enough to produce a completely reverse conclusion of the security of those 2 types of passwords.

#30 Posted by Sdoots (205 posts) -

@Ravenlight said:

So you got hacked and the first thing you did was post about it on Giant Bomb? If you were on fire, would you also tweet about it first?

You would get retweeted a whole fucking lot, to be fair.

#31 Posted by groin (846 posts) -

@gamefreak9 said:

@ObiKwiet: i'm pretty sure they are case sensitive.

That is incorrect. Battle.net passwords are not case sensitive. Try it yourself.

#32 Posted by Sooty (8082 posts) -

@BD_Mr_Bubbles said:

@TentPole said:

I don't believe in using an authenticator.

O kay then your begging to be hacked

Strong password + aversion to clicking BritneySpearsNaked.avi.exe links and you'll be fine.

#33 Posted by TheWan (68 posts) -

@Ravenlight: first I'd call 911, then send out a tweet, maybe a facebook status update as well.

#34 Posted by LordCmdrStryker (346 posts) -

@WinterSnowblind said:

@gamefreak9 said:

I love my password... its just... so impossible to break. random 12 Letters and 4 random numbers with randomly allocated caps!

XKCD is great, but if you want to know how stuff works you should check out https://www.grc.com/haystack.htm and listen to the audio like halfway down the page. Then you'll think that maybe using four dictionary words isn't such a great idea.

#35 Posted by murisan (1119 posts) -

@TheWan said:

I just downloaded the iphone authenticator. It seems to work at least. (here's hoping from now on). I didn't lose all of my equipped gear. I give the hacker/gold farmer props on just taking my money and a few gems.

/facepalm

you had a smartphone and didn't get the authenticator? well, at least you can get a rollback. call Blizzard, you'll get a rollback within an hour, then use the authenticator. no more hacking.

#36 Posted by Fattony12000 (7301 posts) -

@Sooty: What's with this new .avi thing? I'm stuck using .rm here.

#37 Posted by MacEG (253 posts) -

@Addfwyn said:

@Ravenlight:

"Man this fire is hot. Burning to death really hurts. Can anyone send some help? #fire #hothot #911plz"

Wouldn't it be "Got lit on fire 45 seconds ago. Traveling up pants. Scared for my junk. #fire #hothot #911plz #burninginpants "

#38 Posted by TooWalrus (13167 posts) -

@TheWan: A) recovery is a pretty standard, quick simple process. get on it and get your stuff back.

B) don't want to get hacked? use an authenticator.

#39 Posted by Tennmuerti (8073 posts) -

@Sooty said:

@BD_Mr_Bubbles said:

@TentPole said:

I don't believe in using an authenticator.

O kay then your begging to be hacked

Strong password + aversion to clicking BritneySpearsNaked.avi.exe links and you'll be fine.

If you are using a unique password, and then the e-mail that your account is tied to is also using a unique strong password, and that e-mail service also has great security, then yes maybe you're secure.

If your strong Bnet password is used in other places online (same for associated email password), security goes out the window. No phishing or clicking on shady links necessary.

It's far easier to simply get a strong password from some other weak security system (and then store it for when it's best to use it like for example a D3 release) then actually trying to break a strong password.

#40 Edited by Sooty (8082 posts) -

@Tennmuerti said:

@Sooty said:

@BD_Mr_Bubbles said:

@TentPole said:

I don't believe in using an authenticator.

O kay then your begging to be hacked

Strong password + aversion to clicking BritneySpearsNaked.avi.exe links and you'll be fine.

If you are using a unique password, and then the e-mail that your account is tied to is also using a unique strong password, and that e-mail service also has great security, then yes maybe you're secure.

If your strong Bnet password is used in other places online (same for associated email password), security goes out the window. No phishing or clicking on shady links necessary.

It's far easier to simply get a strong password from some other weak security system (and then store it for when it's best to use it like for example a D3 release) then actually trying to break a strong password.

I use strong individual passwords for important/valuable things to me, like Steam, Battle.net, Email and then strong but not as strong passwords for everything else. (so stuff like Reddit and random forums usually use the same password)

#41 Posted by Tennmuerti (8073 posts) -

@Sooty said:

I use strong individual passwords for important/valuable things to me, like Steam, Battle.net, Email and then strong but not as strong passwords for everything else. (so stuff like Reddit and random forums usually use the same password)

Well done. /nod

Most poeple don't.

#42 Posted by Subjugation (4720 posts) -

I've had online game accounts with Blizzard for six years and I've never had any account security problems. I attribute it to a) Safe browsing habits b) Decent passwords c) Common sense. Don't share your info with anyone for any reason. Ever. d) I got an authenticator as soon as they were selling them. $6.50 to protect my time, and money, investments across multiple games for many years is easily worth it.

Also, did you know you can setup your battle.net account to text you if someone starts dicking around on it? I didn't for the longest time, but as soon as I found out you could I enabled it for yet another layer of security.

#43 Posted by Sooty (8082 posts) -

@Tennmuerti said:

@Sooty said:

I use strong individual passwords for important/valuable things to me, like Steam, Battle.net, Email and then strong but not as strong passwords for everything else. (so stuff like Reddit and random forums usually use the same password)

Well done. /nod

Most poeple don't.

I didn't either really, I kinda did, I never had stupidly simple passwords but only in the last year did I start using individual ones and numbers with mixes of lower and upper case.

I did use authenticators before but the Google method is kinda clumsy and when my phone died I had to go through a bit of hassle with Blizzard and to a lesser extent Google.

My parents on the other hand...it's like teaching an elephant to weigh only 10lbs.

#44 Posted by Cataphract1014 (1313 posts) -
@Ravenlight said:

So you got hacked and the first thing you did was post about it on Giant Bomb? If you were on fire, would you also tweet about it first?

Reddit, my house is on fire.  Should I call the fire department?
#45 Posted by TheSouthernDandy (3855 posts) -

Dude that sucks. Hackers are trash.

#46 Posted by TheDudeOfGaming (6078 posts) -

@JeanLuc said:

I'm getting seriously paranoid that I'll be next. I don't even have anything good I swear.

Let me be the judge of that.

#47 Posted by Phatmac (5725 posts) -

Glad I missed out on Diablo 3. This hacking stuff is getting crazier each day.

#48 Posted by Tryptophan (162 posts) -

I think this is what we get for assigning value to non-valuables. Very strange when I think about it.

D3 started out nice for me, but boy around the end of ActII, the story, of all things, is actively getting in the way of an item hunt with no decent items.

I think the game is too tied to the AH, but we really should have seen that coming.

#49 Posted by Lukeweizer (2654 posts) -

Get the mobile app authenticator, it's free.

#50 Posted by SargeGulp (239 posts) -

@Tennmuerti said:

@Sooty said:

I use strong individual passwords for important/valuable things to me, like Steam, Battle.net, Email and then strong but not as strong passwords for everything else. (so stuff like Reddit and random forums usually use the same password)

Well done. /nod

Most poeple don't.

This. Definitely.

for forums etc my passwords are simpler, I just want to log on. For steam, battle.net etc they're strange hieroglyphic type things I usually change every few months.

Plus I watch porn on a separate computer. My dirty computer.

This edit will also create new pages on Giant Bomb for:

Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.

Comment and Save

Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.