Account has been hacked.

SOme advices:

...

There are no final security...
If you have a antivirus is not a garanty of security...
You can have been hacked 2 months ago, and the hacker keep the pass until he need it to use...

You have to have windows with the last pactch.
You souldnt use the same pass with other accounts.
You have to get antivirus with the last patch, and uninstal Java xDDD

Also some nice restrictiosn in your broweser will be nice. And if you add some blocker...That ask you to be redirectionated to other website, or if the javascript code can be executed.

The most normally issue, is that the password have been stolen, in a website or forum, maybe sold... Or our Pc is infected with some trojan, or somethink like this...

LIKE you see, some new BUGS with flash appeared...

ALWAYS download the last version of flash or java, form the oficial page. Don try to update you java or flash with the updater...
A windows ask to you? do you want to update the lastets java version?? click no, and go to the oficial website to download the las version.

Also a firewall, one antirrotkit, and a tool like ccleaner will do anice work.

I'd rather not continue this constant bickering over whether people are telling the truth about their account compromises. How about we try to find some common potential sources of the phishing?

Since it's pretty uncommon in most cases for people to have keyloggers, etc. I think it's safe to give that option the benefit of the doubt for now. I would say the 3 most likely types of passwords to be phished or cracked are:
1) Passwords that have been used in the past - even if you are no longer using them anywhere any more, they may be in a database somewhere from an off-site security breach
2) Old passwords that haven't been changed for a long time - same reason
3) Weak passwords (e.g. short, or only dictionary words)

THE FIRST THING ANYBODY SHOULD DO IF THEY ARE CONCERNED IS CHANGE THEIR PASSWORD IMMEDIATELY. That much is just a good precaution.

Beyond that, does anybody have any ideas? I saw mention of a "gem value" google doc in here, though google docs are not known to be suspicious. The only other thing I can think of is the POE Helper browser addon for Google Chrome. Can any of the hacking victims confirm/deny use of this extension?

This is about all we can do until some more official word from the staff. For now we should try to think of possible causes rather than just yelling at people.

EDIT: Had a quick look at recent updates for PoE helper. There doesn't seem to be anything suspicious in there, unless someone with more coding experience can see anything weird.

I've been hacked this night (europe)
One of my character is in default league while he was in hardcore last evening.
I suppose it's the one that take all my currencies to transfer them into the default league and make them disapear as all my uniques.

I'm a computer scientist that got a lot of security on his computer. I have never been hacked in any way. My password is very safe more than 15 caracter and lot of special caracter. I never use any maphack nor powerleveling nor gold/currency selling. I used the same password here than on my main email account and it has not been hacked what so ever even this night.

I really think that the hacker found a way to get in other players account by fooling the authentificating server.

PS: sorry for the poor english
PS2 : didnt read the 14 pages of this post. Is there anyway to get my currencies and uniques back?

I've played numerous of games, never got hacked and now of all times i get hacked. I bought my desktop last week and haven't played POE before that. The only thing installed on the desktop is POE. And nothing else. Havent been to weird websites or w/e. Ah well i guess ill just farm again..

I just got hacked, crap
only the 2th time this has ever happened to me
yet i don't get it how, because none of my chars i use have my username on them, and only the forum uses that name.

when i logged in first, everything was "fine" i noticed i lost stuff but it wasn't the end of the world. Then i did a virus scan and i changed my password.
Then i couldn't get poe to start again. it just would stay on a black screen for hours.

I might not be an IT expert but this is rather weird. my guess is that a program somehow managed to get into the poe folder, got my username and pw, and stayed there, now that my virus scanner is scanning it cant work anymore and the entire game crashes because of it.

I might be dead wrong but still, it is weird you can't denie that.

"

Dr4w wrote:

I've been hacked this night (europe)
One of my character is in default league while he was in hardcore last evening.
I suppose it's the one that take all my currencies to transfer them into the default league and make them disapear as all my uniques.

I'm a computer scientist that got a lot of security on his computer. I have never been hacked in any way. My password is very safe more than 15 caracter and lot of special caracter. I never use any maphack nor powerleveling nor gold/currency selling. I used the same password here than on my main email account and it has not been hacked what so ever even this night.

I really think that the hacker found a way to get in other players account by fooling the authentificating server.

PS: sorry for the poor english
PS2 : didnt read the 14 pages of this post. Is there anyway to get my currencies and uniques back?

This problem is not just with you. There are minimum 2 people who did not do anything that could lead to loss of password, but have been hacked.

However, some individuals here are extremely skeptical of this version, and believe that what we are idiots and ourselves allow a hacker to hack us. They think hacking the server is not possible. Things, unfortunately, did not return. Otherwise it will break economy of server. The same is unlikely to recover deleted characters.

But this is unlikely breaking the server. Looks more like to intercept a traffic to the server. This is supported by the fact that in addition to stealing 07.02.2013 also many people had visible desync client and server, which indicates a problem with the channel.

Also sorry for my bad English.

I see people saying "I haven't been to strange\shady\weird websites". The thing is a good phishing website will look almost mirror like to official PoE one.

How i think many passwords got stolen is the config file in my documents. that one stores your email and hashed password. If that gets stolen (by having windows sharing enabled for example and the documents folder shared (i believe it its shared by default)) some one can login to your account and freely steal your stuff.

If there a breach on GGG's servers I'm sure they will let us know and i'm gonna eat my words about it being the user's fault almost every time :)

Constructively tho we should try and figure out where and how and when it all happened. So lets be civil and carry on discussions :)

"

Dr4w wrote:

I used the same password here than on my main email account and it has not been hacked what so ever even this night.

And how do you know your Email isn't compromised? If I were a hacker and had access to your Email account I wouldn't do a thing to it and instead hope that you do exactly what you did - use the same password on another website/game. Now I have access to that as well.

If people would stop being stupid and use unique passwords on every website/game then 90% of the "my account has been hacked" posts would go away.

Is it possible that GGGs servers get hacked? Of course. It happened to other companies and it can happen here too. But if that is the case here, why isn't the problem more widespread? Why aren't the top (and therefore wealthy) players the ones getting their stuff stolen?
If you have 100k accounts and a few hundred are hacked, what is more likely: That the company database is compromised or that the account info got stolen on an individual level out of control of the company?

Ive done 2 full system scans and it came up with nothing after that ive changed my pass. I know for sure my email hasnt been accessed cuz it would come up in the ip logs. the only outside poe thing ive used is Poe helper for the orb recipes. I dont use custom inis either. I dont expect my orbs and scrolls back i can get that back in a couple of weeks. However i do hope the problem get found to prevent others being a victim of it who have less time to farm and play and it would make a larger impact for them perhaps even quiting the game cuz they lost all their things they worked on for months.

"

thalbr wrote:

"

Dr4w wrote:

I used the same password here than on my main email account and it has not been hacked what so ever even this night.

And how do you know your Email isn't compromised? If I were a hacker and had access to your Email account I wouldn't do a thing to it and instead hope that you do exactly what you did - use the same password on another website/game. Now I have access to that as well.

If people would stop being stupid and use unique passwords on every website/game then 90% of the "my account has been hacked" posts would go away.

Is it possible that GGGs servers get hacked? Of course. It happened to other companies and it can happen here too. But if that is the case here, why isn't the problem more widespread? Why aren't the top (and therefore wealthy) players the ones getting their stuff stolen?
If you have 100k accounts and a few hundred are hacked, what is more likely: That the company database is compromised or that the account info got stolen on an individual level out of control of the company?

I've got an ip checker on my email account smartass. Maybe that's why i know i haven't been hacked.
From what i see you think you're very smart and others are pretty dumb.
Every time I play a new game, I change my main password (the one which is very complicated to find even with brute force) and i change my email password too.
But hey, who cares about your damn advice or thinking. I was just pointing out that i'm a pretty safe user and that I have never been hacked before and I just suppose that in my opinion the authentificating server could be fool like it was before.