Diablo 3 Accounts Being Hacked

[Saddamsdevil]

Good thing I use the authenticator, still, that won't do me much good when the damn thing is OFFLINE. *sigh*

 

[AceWarhead]

I know that people are trying to shit on this game in any way possible, there was no "stealing" Id's in a public game, it was all normal hacks from un-secure people.

I don't care what you think of me, my point is still correct.

Prove it. Do you have proof that it is not possible?

And no, don't shove statements made by Blizzard into anyone's faces - of course they're not going to tell the public they screwed up, it's always the End-User's fault.

Unless you have solid evidence that each and every case was a simple matter of keyloggers and troyans on the computers of victims, you can just as well shush now and wait for more information just like everybody else. You don't have a point - you're just being pushy with your argument without anything to prove its legitimacy whatsoever other than some statement made by a Blizzard employee on a forum. This is hardly proof of anything - the accounts are hacked en-masse, how is it hard to understand is beyond me.

EDIT: And no, we're not here to bash Diablo 3. Diablo is a damn awesome franchise and this is a genuienly great game, but it may have a glaring weakness in its online structure and concern is only natural.

DO YOU have any proof of what you're saying?

DO YOU?
None of us have proof. Foxi and others are just theorizing.
While YOU, sir, are stating things as if it were facts.

Yes, I do have facts, Facts that are based off other blizzard games I've played for the past 7 years, I've proved that it was normal hacking methods, and blizzard has said so themselves.


SO yes, I did prove it.

So you are just gonna take everything a company shoves down your throat and call it facts? A company that over and over again, LIED?
That... is blind fanboyism...

 

[Rasas]

brandonspikes regardless of if they are telling the truth or not it you shouldn't trust a company that lies time and time again. My previous post had some examples but there are dozen more. I understand that it is possible it was done through the more common methods but can you not agree it is possible Blizzard left a exploit in their system and are lying about it.

 

[Kioku]

Well this is... Saddening. I mean, I was gonna buy this tomorrow.. I don't want my account getting hacked not even a day after buying it... No..

 

[Rydian]

"Theorizing about how a hack took place when there's a lack of information" != "shitting on good games".

 

[Rasas]

snip

So despite all that you won't even consider a possibility that they are lying about it despite past instances of them lying. I'm not trying to say either side is right but there is no solid proof that it is one thing or another.

 

[alphamule]

I'll probably ROFL if any of the following turns out to be true:
A) Flaw in file distribution network. Everything from apache-httpd to BitTorrent to SSL has bugs or weaknesses.
B) Spyware created to prevent cheating got pwnd.
C) People all running some popular application (not necessarily a bot) with a previously unknown backdoor. See #1 but not Blizzard's clients/protocols. (Even Windows Media Player has had this sort of problem)

Whatever - I don't have an account so it doesn't affect me. Sorry if your virtual stuff got stolen. Mine got zapped because the server died so I know how much that sucks!

 

[NetShira]

Hmm oddly enough after perusing this today thinking "Hmm that sucks"... I logged on to D3 a few minutes ago to see how much farther my son (who plays all day) got farther from me since we played last night in D3 (I feel slightly competitive because I can't keep up with his progress when he played 3x more than I hehe)... and Guess what.. all characters have their gear, but no inventory, no money and no items in the first page of the stash (second page does have items ... and my chars have their "worn" inventory..). So I must add myself to those who appearantly got hacked (between 22 hrs ago and now). Last night I had a stash and 3 "temp" characters full of gold items for when the US AH opens. For those who care I run a pretty tight ship at home lan-wise because of what I do for a living hehe so this is pretty unexpected and dare I say it.. pretty improbable that the intrusion occurred at my side of things Just my opinion, maybe I'm "hacked" but nothing else I run is so we'll see. TLA.

 

[doyama]

Session ID theorizing is somewhat moot. It means that you would need ot initiate a MITM attack which isn't possible unless you have access to a core router somewhere. It's simply not possible to actually do this from China, or whatever. The theories behind this simply do not make any technical sense, and are generally simply repeated by individuals that don't actually understand the technical possibilities. And again if you could do this WHY use it on D3? Much more profitable to use it on Paypal or some other infrastructure.

This is also highly contradicted by the fact that many users get hacked without being in a game (they find out items are simply gone) to the recent trend of somehow accessing the AH is causing the hack.

Note that the majority of users are playing public games, and therefore users are going to make a fairly incorrect correlation that public games cause the problem. And those will indeed appear to make up the perponderance of the claims made on the forums simply from a statistical standpoint.

I think what coudl be happening is similar to the xbox issue.

http://xbox.about.co...k-Explained.htm

 

[DeMoN]

Keep in mind that Blizzard has made a shitload of money from Diablo 3 sales already, and regardless of whether they're right or wrong on this issue, they're still filthy rich.

Very foolish PR move for them to continue to deny this, but I guess ever since the merger it's all been about the profits.

 

[Rydian]

Session ID theorizing is somewhat moot. It means that you would need ot initiate a MITM attack which isn't possible unless you have access to a core router somewhere. It's simply not possible to actually do this from China, or whatever. The theories behind this simply do not make any technical sense, and are generally simply repeated by individuals that don't actually understand the technical possibilities.

As stated if all they actually needed was the ID it wouldn't be hard to brute-force until they found some active IDs with good loot.

But yeah a lot of the info seems odd, but people were talking about what little info was available at the start.

And again if you could do this WHY use it on D3? Much more profitable to use it on Paypal or some other infrastructure.

Tell that to the entire chinese MMO gold farming/stealing industry.

 

[hatredg0d]

if you choose to listen to that crap on their forum go for it.

My D3 account had an (mobile) Authenticator attached to it before loosing my items/gold. After three days of my ticket getting ignored i called, no one accessed my account according to them, but they rolled my account back anyways. something happened whether the server was having problems and deleted my stuff or the hacking everyone speaks of.
One of my friends had his char simply vanish unable to use the undo char delete button. he also required a roll back, honestly i think both me and him experienced some sort of glitch.

 

[alphamule]

Well that gets me thinking... supply and demand thing.

If there ARE D3 items getting transferred to gold seller's accounts, then you'd see a huge increase in the supply of items and gold. If not, the accounts might not be hacked at all but something is flagging the items as dupes or something silly like that. A lot of games use unique hidden serial numbers to prevent duplicated items, for those that don't get what I mean by 'dupes flagging'.

 

[Densetsu]

Can we please all just agree to disagree? It baffles me what people argue over sometimes

None of your posts have been permanently removed, just hidden for now. I apologize to those of you whose non-flamey posts got caught up in the net, but we'll go over them and restore them if they didn't contribute to the flame war.

 

[alphamule]

Can we please all just agree to disagree? It baffles me what people argue over sometimes

None of your posts have been permanently removed, just hidden for now. I apologize to those of you whose non-flamey posts got caught up in the net, but we'll go over them and restore them if they didn't contribute to the flame war.

Oh, I see what you did there... A flamewar... with a Diablo game.

 

[Rydian]

Maybe-on-topic; I've seen a lot of diablo porn showing up lately. Not the franchise, but the character.

 

[ZAFDeltaForce]

Good thing I use the authenticator, still, that won't do me much good when the damn thing is OFFLINE. *sigh*

Actually some of the hacked victims were authenticator users.

Still better than nothing though.

I downloaded the authenticator app right after I heard news of the hacking wave. Still good so far

 

[Deleted User]

Good thing I use the authenticator, still, that won't do me much good when the damn thing is OFFLINE. *sigh*

Actually some of the hacked victims were authenticator users.

Still better than nothing though.

I downloaded the authenticator app right after I heard news of the hacking wave. Still good so far

No they weren't, they had dial up authenticators that don't work for D3..

 

[alphamule]

Maybe-on-topic; I've seen a lot of diablo porn showing up lately. Not the franchise, but the character.

Well, someone'll be damned! LOL

 

[ZAFDeltaForce]

No they weren't, they had dial up authenticators that don't work for D3..

You mean the authenticator app?