I have not been hacked (yet :p), but I read through this thread and would like to point out the following observation (even though I lack any relevant IT related knowledge regarding account compromisation):
"
mabllo wrote:
How i think many passwords got stolen is the config file in my documents. that one stores your email and hashed password. If that gets stolen (by having windows sharing enabled for example and the documents folder shared (i believe it its shared by default)) some one can login to your account and freely steal your stuff.
(1) Up to page 17 there have been two users stating to use the "Remember Me" feature in the game's login screen/forums.
sirspikey
"
sirspikey wrote:
Those who think they are computerwiz's lol-ing etc at the ppl that got hacked; shut the f up, you are not helping.
If you truly had some deep knowledge about computers you would know that there are million of ways to hack some passwords and I will totally laugh my ass off the day that these smartasses gets hacked...
anyway, so the only links I can recall clicking that could have anything to do with this is some skilltree-links, and forum search results.
and regarding keyloggers; I've only typed my password ones the first time I registered to the site and the first time I logged in to the game. Then I used the 'remember me' -thingy, if the problem can have something to do with that?
I don't use any hack software.
I am on linux => i don't have any keylogers or botnets.
I have NoScript and AdBlock in my browser. I don't enter my passwords anywhere. I eneter it twice - when sing up (and use "remember me") and when first login in game (and use "remember password"). Anywhere I never did not enter my password.
I don't use router.
I don't share my client or config folders.
I don't use anywhere my email login.
I'm not doing anything that could lead to steal the password. But it was stolen and character was deleted. How and Why???
(2) If indeed one's password is locally saved in said config file like mabllo suggests, that may very well (?) be the hackers source (by whichever means one is able to attain these files may be another issue).
-> So, how about the other users, that got hacked? Did you save your email/password or do you reenter it every time you log in?
Extremely possible, though how they got access to files on the users pc is very concerning. I haven't tried it myself.
To Xareas, it's good to see we are finally making some leeway with you, saying it's possible you got phished. I wish I could tell you exactly what happened, but I think it's more than likely you will never know for sure.
To Xareas, it's good to see we are finally making some leeway with you
I never said it wasn't possible. You are just so pretentious and arrogant to see anything or accept anything anyone else writes. You haven't shown any knowledge, insight, or assistance in this issue and makes me wonder why you are even spending any time in this thread.
To Xareas, it's good to see we are finally making some leeway with you
I never said it wasn't possible. You are just so pretentious and arrogant to see anything or accept anything anyone else writes. You haven't shown any knowledge, insight, or assistance in this issue and makes me wonder why you are even spending any time in this thread.
Maybe I have you confused with other people, but most of what I have seen is "THIS CAN'T BE MY FAULT, GGG SHUT DOWN THE SERVERS, I'M RUNNING LINUX AND WINE SHIT BLAH BLAH BLAH"... so I put you in that bucket of people as far as I'm concerned.
What do you want me to say? I'm here simply because I've seen some really stupid comments and I like to tell people they are wrong. I don't care about explaining why they are wrong, or even if I change your mind, it's pretty obvious you aren't here to listen. I do like to hope that someone lurking might see that most of the people crying about getting hacked in this thread are full of shit.
There are only 3 groups that can tell you why you were hacked, and really that's dropped to one, yourself. GGG can confirm if it was on their end, which they have outright said it is not. The hacker could volunteer this information, but that's obviously not likely. All that's left is you, the victim. If you aren't technical, good luck (You aren't). There simply is not enough information for a random person over the internet to figure out what's causing you to lose your account, and honestly, even with access to your computer, I'm not sure that I or anyone could.
Maybe I have you confused with other people, but most of what I have seen is "THIS CAN'T BE MY FAULT, GGG SHUT DOWN THE SERVERS, I'M RUNNING LINUX AND WINE SHIT BLAH BLAH BLAH"... so I put you in that bucket of people as far as I'm concerned.
What do you want me to say? I'm here simply because I've seen some really stupid comments and I like to tell people they are wrong. I don't care about explaining why they are wrong, or even if I change your mind, it's pretty obvious you aren't here to listen. I do like to hope that someone lurking might see that most of the people crying about getting hacked in this thread are full of shit.
There are only 3 groups that can tell you why you were hacked, and really that's dropped to one, yourself. GGG can confirm if it was on their end, which they have outright said it is not. The hacker could volunteer this information, but that's obviously not likely. All that's left is you, the victim. If you aren't technical, good luck (You aren't). There simply is not enough information for a random person over the internet to figure out what's causing you to lose your account, and honestly, even with access to your computer, I'm not sure that I or anyone could.
That's exactly the kind of post I referenced. You don't know what you are talking about Technical or otherwise. Maybe learn a thing or two about computers before you come in here and tell everyone how amazing you are.
Maybe I have you confused with other people, but most of what I have seen is "THIS CAN'T BE MY FAULT, GGG SHUT DOWN THE SERVERS, I'M RUNNING LINUX AND WINE SHIT BLAH BLAH BLAH"... so I put you in that bucket of people as far as I'm concerned.
What do you want me to say? I'm here simply because I've seen some really stupid comments and I like to tell people they are wrong. I don't care about explaining why they are wrong, or even if I change your mind, it's pretty obvious you aren't here to listen. I do like to hope that someone lurking might see that most of the people crying about getting hacked in this thread are full of shit.
There are only 3 groups that can tell you why you were hacked, and really that's dropped to one, yourself. GGG can confirm if it was on their end, which they have outright said it is not. The hacker could volunteer this information, but that's obviously not likely. All that's left is you, the victim. If you aren't technical, good luck (You aren't). There simply is not enough information for a random person over the internet to figure out what's causing you to lose your account, and honestly, even with access to your computer, I'm not sure that I or anyone could.
That's exactly the kind of post I referenced. You don't know what you are talking about Technical or otherwise. Maybe learn a thing or two about computers before you come in here and tell everyone how amazing you are.
Hmmm, ok Mr DBA.
"
Xareas wrote:
Anyways the main issue here still seems to stem from an information security issue database to server to client side rather than lying with a users inability to protect their information.
Last edited by Lask001#4507 on Feb 9, 2013, 10:37:38 PM
Can't wait till more people get hacked.
Lose their items and characters, won't ever get restored because GGG doesn't do stuff like that.
Not GGG's fault.
People in the forums mocking you.
No account security whatsoever.
Promising.
I expressed so simple and common phrases because my knowledge of English is extremely small. And online translators - just awful. By this, I can not clearly, accurately and detail present my thought.
I could give a very lengthy discourse on what viruses on Linux there is, but the number of it very very very small, they are quite old (and mostly not working) and made for very specific tasks. Linux users around 1% in the world. Plays in PoE good if 5% of the initial 1%. Of these 5% more than half - have a dual boot with Windows. And seriously consider the possibility that for the final 0.0025% of Linux users, that playing PoE on Linux, will be written a virus that can be installed and run on different Linux distributions, with different kernels and different batch systems, as well as some different system catalogs tree - is at least silly.
However, as I wrote in the beginning, even given my line already struggling to understand as my knowledge of the language is extremely small.
Last edited by getsby86#7407 on Feb 10, 2013, 3:54:36 AM
I expressed so simple and common phrases because my knowledge of English is extremely small. And online translators - just awful. By this, I can not clearly, accurately and detail present my thought.
I could give a very lengthy discourse on what viruses on Linux there is, but the number of it very very very small, they are quite old (and mostly not working) and made for very specific tasks. Linux users around 1% in the world. Plays in PoE good if 5% of the initial 1%. Of these 5% more than half - have a dual boot with Windows. And seriously consider the possibility that for the final 0.0025% of Linux users, that playing PoE on Linux, will be written a virus that can be installed and run on different Linux distributions, with different kernels and different batch systems, as well as some different system catalogs tree - is at least silly.
However, as I wrote in the beginning, even given my line already struggling to understand as my knowledge of the language is extremely small.
I wasn't talking about you specifically - but every time there is surge of "hacks" going around, these users pop up talking about how great their home security systems are - running linux to play PoE, have a $10k firewall and all other kinds of stupid shit. I'm not saying you are a liar, and I wasn't really trying to say running linux is bad. My point is, why do we see this common theme of people claiming to be "unhackable" and "their security is flawless" blaming the company every time. You may be telling the truth, but the commonality makes it impossible for me to take anyone serious who claims to use linux after getting hacked.
I personally believe every single person who lost their account got phished and is too embarrassed to admit it. With a game like this, the way currency works, it makes by far the most sense - low level characters have access to all the currencies, and as such mass phishing attempts is the way to go.
