It is currently Mon Dec 23, 2024 2:45 am

HACKED!!

For game and non-game related chatter, links, and other goodies, go here.

HACKED!!

Postby Damorte » Sun May 30, 2010 11:33 pm

I am fairly positive my account just got hacked! I got booted from the server, and when I tried to get back in it asked me for the Authenticator code... I don't HAVE an authenticator!! /cry

Edit: I have changed my password on the website and posted in the thread in the forums where requests for authenticator removals are processed. It may be a while though and I will probably be missing a TON of shit.... grrrrrr....

Edit2: I made a temp account and tried to talk to Feignlife, who ignored me. >=( If you see Damortes on, please add to your friends list so I can whisper you.

Edit 3: All fixed! Blizz jumped right on that, I received and email this morning that my password has been reset. YAY! Happy times! BTW to answer any curious questioners, NO I do not submit my information to anywhere other than Blizzard's website and Battle.net and I am so not stupid enough to fall for emails. =)
"All me got to be able to do is spell 'kill.' K-Y-Y-Y-L...."

Cause of accident: Lack of adhesive ducks.

Damiya - Sith Marauder
Damelle - Sith Sorcerer
Damienne - Mercenary
Devie - Sniper
User avatar
Damorte
Hired Goon
 
Posts: 237
Joined: Thu Apr 09, 2009 9:33 am
Location: Mesa, Arizona
Gender: Female

Postby Highgrade » Tue Jun 01, 2010 11:17 am

sounds like it is time to get an authenticator =) glad you got it fixed chica
Image
User avatar
Highgrade
Officer
 
Posts: 507
Joined: Sat Jan 12, 2008 5:47 pm
Gender: Not specified

Postby Zancarius » Tue Jun 01, 2010 11:41 am

Damorte wrote:Edit2: I made a temp account and tried to talk to Feignlife, who ignored me.>=(


I believe Feignlife is a youngling, so it's not unexpected that he wouldn't respond since he probably isn't allowed to. That, and he probably has no idea who you are as he's a really new recruit.

Anyway, if you haven't already, I'd suggest verifying that there's nothing unwanted on your system remotely with housecall if possible. Make sure to update Adobe Flash as well. If your account details were taken, it's likely from a keylogger on a machine you've recently logged into the game from.
I gave that lich a phylactery shard. Liches love phylactery shards.
User avatar
Zancarius
Site Admin
 
Posts: 3907
Joined: Wed Jul 05, 2006 3:06 pm
Location: New Mexico
Gender: Male

Postby Damorte » Tue Jun 01, 2010 5:02 pm

Yes, I scanned with Malwarebytes, Housecall, AdAware, SpyBot, and my antivirus (Avast). Obviously not at the same time. And yes, I'm paranoid. Every single scan came out clean as a whistle. I'm not sure how they got it but I did notice several dozen other people in the forums claiming the exact same issue at the exact same time as me, including one gentleman who was an IT guy etc etc and his computer also scanned clean. I haven't the faintest clue what I did or how they got it, but I ordered me an authenticator because if its good enough to lock me out of my own account, its good enough to keep the creepies out.

Oh, and thank you all very very much for helping me protect the guild stuff by making me thwack! :D
"All me got to be able to do is spell 'kill.' K-Y-Y-Y-L...."

Cause of accident: Lack of adhesive ducks.

Damiya - Sith Marauder
Damelle - Sith Sorcerer
Damienne - Mercenary
Devie - Sniper
User avatar
Damorte
Hired Goon
 
Posts: 237
Joined: Thu Apr 09, 2009 9:33 am
Location: Mesa, Arizona
Gender: Female

Postby Zancarius » Tue Jun 01, 2010 5:58 pm

I'm a perpetual skeptic, even for those who claim to have various IT certifications (mostly meaningless; I've known plenty of MCSEs that are complete idiots), because there really are only a few ways to get your account details: keyloggers, phishing sites, or compromised sites (which usually install keyloggers). It's also possible to use certain combinations of XSS and CSRF attacks to obtain data from users without them really knowing, although those attacks are usually much more sophisticated.

Having said that, Tirian posted some interesting information some months back related to lax security policies in Blizzard's accounting department. It's possible you got zinged by one of these, too, particularly if an authenticator were bound to your account without you authorizing it. But, they'd likely have to have gleaned your e-mail address from somewhere, which leads me to suspect other informational leaks.
I gave that lich a phylactery shard. Liches love phylactery shards.
User avatar
Zancarius
Site Admin
 
Posts: 3907
Joined: Wed Jul 05, 2006 3:06 pm
Location: New Mexico
Gender: Male


Return to General Chat

Who is online

Users browsing this forum: No registered users and 2 guests