Diablo 3 Accounts Being Hacked

Discussion in 'User Submitted News' started by IBNobody, May 21, 2012.

May 21, 2012

Diablo 3 Accounts Being Hacked by IBNobody at 6:56 PM (15,933 Views / 0 Likes) 124 replies

  1. IBNobody
    OP

    Member IBNobody I try to keep myself amused.

    Joined:
    Nov 16, 2006
    Messages:
    1,127
    Location:
    Texas, Hang 'Em High
    Country:
    United States
    UPDATE 2:

    Blizzard

    From Bashiok:


    http://us.battle.net/d3/en/forum/topic/5149619846?page=29#571

    ----------------------------------

    Apparently, there is a wave of account hacks going around for Diablo 3. Thieves are taking control of characters, looting all equipment, and stealing all their gold. Account stealing is old news with WoW, but it appears that there is more going on than just stolen passwords. Some are saying that it may be a session ID hack or a server-side hack.

    Hacked users log in to find their items looted and mysterious entries on their recently played list.
    Warning: Spoilers inside!

    Here are a few examples of game reporters getting hacked.

    http://www.eurogamer...nd-items-stolen
    http://www.examiner....diablo-3-hacked

    Here's a link to a massive thread on Blizzard's website:
    http://us.battle.net...49008518?page=1

    People are reporting that they've been hacked even though they have an authenticator and a secure password.
    People are reporting that they were hacked even though they only played single-player.

    Here's some theorycraft on Session ID Theft.

    http://us.battle.net...8518?page=8#156

    NOTE: I'm not a security expert. I have not had my account hacked.
     
  2. Seaking
    This message by Seaking has been removed from public view by a moderator, Dec 11, 2016.
    May 21, 2012


  3. Rydian

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    I don't understand how this is funny. While the current goals seem to be chinese gold farming and not actual money, it's still account security for something people paid for (and is going into the gold farming business).

    EDIT: Grammar fix.
     
  4. purplesludge

    Member purplesludge anyone have any ideas for this space

    Joined:
    Mar 2, 2009
    Messages:
    1,047
    Location:
    wv
    Country:
    United States
    All the stolen stuff doesn't even need to be sold by a third party. Why didn't Blizzard anticipate this when they decided to have the real money auction house?
     
  5. Rasas

    Banned Rasas Banned

    Joined:
    Apr 7, 2010
    Messages:
    643
    Country:
    United States
    It isn't that funny but with all the stuff they did to Starcraft 2 and Diablo 3 they had it coming.
    They shouldn't charge for a authenticator that offers little to no defense but Blizzard has been going on a downward spiral every since merging with Activision. The DRM preventing single player was a bad idea decreasing sales. We all know hackers will hack it eventually so why hinder your own sales. Also blaming the consumer when you send a ticket when your WoW and Diablo 3 account gets hacked when it probably is a problem with their security is complete BS. Ya, some computers aren't fairly secure but just like MS and Sony they pretty much shift all the blame to you when it might be a security hole on their side when your computer is secure.


    They probably didn't think the numbers would be to high. I'm pretty sure every online service company takes in to mind some accounts being hacked.
     
  6. ferofax

    Member ferofax End of the World

    Joined:
    Jan 26, 2009
    Messages:
    2,564
    Location:
    Philippines
    Country:
    Philippines
    but then again there is such a thing as "acceptable losses". chances are, these players will just have to start over and forget about all those hacked items. i mean, really, relying on session IDs alone?

    even I who's not well versed on hacking have a faint idea on how to go about doing it, and I might even succeed with the attempt. I didn't expect things to be this lousy, just because it's a DRM.
     
  7. IBNobody
    OP

    Member IBNobody I try to keep myself amused.

    Joined:
    Nov 16, 2006
    Messages:
    1,127
    Location:
    Texas, Hang 'Em High
    Country:
    United States
    They did... But in a poor way.

    Basically, if you get hacked, you get punished.
     
  8. Sora de Eclaune

    Member Sora de Eclaune Baby squirrel, you's a sexy motherfucker.

    Joined:
    Feb 15, 2011
    Messages:
    2,785
    Location:
    123 Fake Street
    Country:
    United States
    This is why I'm going to wait until there's an exploit to make it possible to play the game offline. I didn't play the first two online, and I didn't have to be constantly connected to the internet to play, so why does this game have to be the odd one out?
     
  9. Satangel

    Member Satangel BEAST

    Joined:
    Nov 27, 2006
    Messages:
    10,255
    Location:
    Bruges, Belgium
    Country:
    Belgium
    Let's hope this is fixed by the time I purchase this baby. Saw it for a few hours today for the first time, impressive.
     
  10. emmanu888

    Member emmanu888 6 years and still going strong

    Joined:
    Jan 25, 2009
    Messages:
    1,221
    Location:
    Victoriaville,Québec
    Country:
    Canada
    wow that was really fast seems blizzard has some work to do on the security side of the server
     
  11. Satangel

    Member Satangel BEAST

    Joined:
    Nov 27, 2006
    Messages:
    10,255
    Location:
    Bruges, Belgium
    Country:
    Belgium
    DRM + cloud syncing + other things. Cloud syncing is really something useful IMHO, DRM is just BS.
     
    1 person likes this.
  12. Seaking

    Member Seaking GBAtemp Advanced Fan

    Joined:
    Nov 26, 2010
    Messages:
    857
    Country:
    United States
    this is funny because

    1. it seems saves are NOT on your local machine, correct? so that would mean its in the Blizzard "cloud" on D3 servers

    2. what IBNobody pointed out
    its been less then a month and hackers have already found a hole in the security.

    being Blizzard, i was hoping this would not happen.
     
  13. GreatZimkogway

    Member GreatZimkogway Touhou Fanatic

    Joined:
    Jul 21, 2009
    Messages:
    2,140
    Location:
    Imoriata
    Country:
    United States
    There won't be an "exploit". You'll have to wait until custom servers can get made, if that's ever possible. Everything, right now, is stored serverside, nothing on clientside.
     
  14. IBNobody
    OP

    Member IBNobody I try to keep myself amused.

    Joined:
    Nov 16, 2006
    Messages:
    1,127
    Location:
    Texas, Hang 'Em High
    Country:
    United States
    This is true. You can get lag spikes, even on single player. My ping is ~300-500 at times, and I see rubber-banding. There will need to be custom servers set up.


    ------------------------------------

    EDIT: I just updated the OP to indicate Blizzard's initial response.
     
  15. xdmario1

    Newcomer xdmario1 Member

    Joined:
    Aug 2, 2010
    Messages:
    43
    Country:
    United States
    I fail to see why Blizzard isn't getting hell for this. I may not play Diablo III, but I do know that if this were to happen with any console, Nintendo/Microsoft/Sony would be taking it up the ass for this. Why should a computer be any different?
     
  16. SpaceJump

    Member SpaceJump Where's my new 2D-Metroid?

    Joined:
    Aug 18, 2005
    Messages:
    3,648
    Location:
    Zebes
    Country:
    Germany
    Just checked my account and everything seems fine :ninja:
    Hopefully Blizzard will sort this out quickly!
     
  17. Covarr

    Member Covarr Sentient Cash Register

    Joined:
    Oct 21, 2005
    Messages:
    872
    Location:
    Far East of Eden
    Country:
    United States
    Because Blizzard is the second coming of Christ or something. People will put up with the excessive and intrusive DRM, the horribly broken launch that prevents paying customers from playing, and the accounts being hacked en masse less than a week after release, because in the eyes of the average Blizzard customer, they can do no wrong.

    Seriously though, why is it that if EA sneezes the wrong way people throw a hissyfit, but if Blizzard has a whole week of problems nobody minds? I simply don't get it.
     
    1 person likes this.
  18. TwinRetro

    Global Moderator TwinRetro Don't start nothin', Won't be nothin'

    Joined:
    Aug 29, 2008
    Messages:
    6,181
    Location:
    Las Vegas, NV
    Country:
    United States
    Have you been living under a rock for the last week and a half? Nobody minds? Error 37 is now a meme. Thousands if not MILLIONS of people have been bitching and complaining (rightfully so) about the abysmal launch that Diablo III had. Why don't you check the archive of any gaming news site and you'll see how "nobody minds".

    Nobody has been making a big deal on here because, frankly, Diablo III isn't targeting the average 'Temper.
     
    5 people like this.
  19. Wabsta

    Member Wabsta you fight like a dairy farmer

    Joined:
    Apr 25, 2008
    Messages:
    2,485
    Location:
    SCUMM Bar
    Country:
    Netherlands
    A friend of a friend got hacked, sucked.
    The whole forum and subreddit of diablo are full of people complaining about it.. I've seen people reporting websites (diablowiki apperently had a virus warning, and people who went on there have been hacked, for example)..
    I've not been hacked myself yet. Not that I would REALLY mind, I'm not that far into the game yet.
     
  20. DiscostewSM

    Member DiscostewSM GBAtemp Psycho!

    Joined:
    Feb 10, 2009
    Messages:
    4,802
    Location:
    Sacramento, California
    Country:
    United States
    [yt]I43GUnZN_s4[/yt]
     
  21. brandonspikes

    Member brandonspikes King Erazer

    Joined:
    May 30, 2010
    Messages:
    1,509
    Location:
    New York
    Country:
    United States
    Okay, So before people in this thread spout bullshit they don't know.


    ITS NOT BLIZZARDS FAULT.


    People getting hacked is their own fault, They clicked on suspicious emails and got a keylogger or trojan virus installed on their computer.

    The only way to hack an account with an authenticator is to have a trojan interceptor that blocks the user from connecting and sends the auth code to the hacker, letting them on the account.

    For people getting hacked without one, well its their own damn fault for not spending 4 dollars, or getting a free phone app.

    Lastly, I haven't had connection issues with Diablo since day one, and the game is amazing IMO, so don't try and start things you know nothing about.


    Lastly, once you use an auth code on your account, you don't need to enter it for about a month, as long as you access the account from the same static computer+location.


    TL;DR Dumb people are DUMB
     

Share This Page