Account has been hacked.

got hacked today aswell, they couldent have had more then 1 hour to do this, well tbh i havent played in a week or two but i got mail from GGG that i've logged in from a diffrent ip and account is locked, however this system is clearly not working since they HAVE gotten in and stolen my stuff that was worth anything, so GG thanks for the fish, im out

btw friend added "najomi9513" probably the bot. or the hacker etc, whatever nice security systems in this game...
i havent downloaded anything related to path of exile, like "CHEATS" or "passive tree builder" or whatever, i havent even looked at this game for 2 weeks!

oh well

And here's yet another one who has been robbed from all valuable orbs etc.

Chris wrote:
We're working hard on finding where the attackers are getting the passwords from. These are the ones we've identified so far:
a) Phishing PMs
b) Users posting config files
c) Infected hack programs
d) Users not using a unique password for PoE
e) Powerlevelling services

None of the above is a possibility so it makes you wonder if there is a "leak" anyway.
I'm extremely careful in every aspect and have never ever been hacked before... and I've been playing games since mid 80:s.

Too bad when it's a really good game, but with this security-level I don't dare to play further.

"

dr_lofstrand wrote:

And here's yet another one who has been robbed from all valuable orbs etc.

Chris wrote:
We're working hard on finding where the attackers are getting the passwords from. These are the ones we've identified so far:
a) Phishing PMs
b) Users posting config files
c) Infected hack programs
d) Users not using a unique password for PoE
e) Powerlevelling services

None of the above is a possibility so it makes you wonder if there is a "leak" anyway.
I'm extremely careful in every aspect and have never ever been hacked before... and I've been playing games since mid 80:s.

Too bad when it's a really good game, but with this security-level I don't dare to play further.

How long you've been playing games is a false equivalency. I doesn't make you a security expert. If you were phished you wouldn't know it. Infected hack programs is something you wouldn't admit, and if you do have some malware, you probably don't know it, even if it's unrelated to cheating programs.

Long story short, the only thing your comments prove is you really have no idea what you are talking about, and just want someone to blame for your problems.

"

Lask001 wrote:

How long you've been playing games is a false equivalency. I doesn't make you a security expert. If you were phished you wouldn't know it. Infected hack programs is something you wouldn't admit, and if you do have some malware, you probably don't know it, even if it's unrelated to cheating programs.

Long story short, the only thing your comments prove is you really have no idea what you are talking about, and just want someone to blame for your problems.

I've read your answers on this thread, and until we actually know what has happened you should really stop insulting people. Regarding to you everybody is complete idiots when it comes to computer security and has no control at all with their own computers. Sorry to break your illusion, but a lot of people actually has a good knowledge how to keep their computer safe. I've been working with computers/IT/security for 15 years and I know how to minimize the risks of being hacked.

As I said, GGG doesn't really know how this has happened yet. They have some facts but not all of them. Has it ever occured to you that there might be a glitch, a way in from their side as well? You know, that happens every day as well, that hackers breach companies security. There will always be users that click on a link a little bit to fast etc, but you don't think it's a little bit suspicious that that many users got hacked approximately at the same time?

Either way, it's really not fun being hacked and loose all the hard work/fun you've put in the game, so you could be a little bit more friendly instead of insulting people. We're all in the same boat here.

"

dr_lofstrand wrote:

"

Lask001 wrote:

How long you've been playing games is a false equivalency. I doesn't make you a security expert. If you were phished you wouldn't know it. Infected hack programs is something you wouldn't admit, and if you do have some malware, you probably don't know it, even if it's unrelated to cheating programs.

Long story short, the only thing your comments prove is you really have no idea what you are talking about, and just want someone to blame for your problems.

I've read your answers on this thread, and until we actually know what has happened you should really stop insulting people. Regarding to you everybody is complete idiots when it comes to computer security and has no control at all with their own computers. Sorry to break your illusion, but a lot of people actually has a good knowledge how to keep their computer safe. I've been working with computers/IT/security for 15 years and I know how to minimize the risks of being hacked.

As I said, GGG doesn't really know how this has happened yet. They have some facts but not all of them. Has it ever occured to you that there might be a glitch, a way in from their side as well? You know, that happens every day as well, that hackers breach companies security. There will always be users that click on a link a little bit to fast etc, but you don't think it's a little bit suspicious that that many users got hacked approximately at the same time?

Either way, it's really not fun being hacked and loose all the hard work/fun you've put in the game, so you could be a little bit more friendly instead of insulting people. We're all in the same boat here.

So let me see if I've got this right, you first cite how many video games you play as a source of your IT security knowledge, and then when I say that doesn't mean anything, you decided that 15 years with working on computers security and IT (wow that's pretty vague man....) would better strengthen your argument. I'm gonna say it's pretty likely that you are making your "experience" up.

So.....not to beat a dead horse but I've been inactive for months, log in to find almost all my stuff gone(they left my searing touch and some scrolls etc), including the stuff I bought from store. Not going to go into a huge rant but basically am positive my comp is clean and so is my email. Speaking of emails, the email i got was when i logged on, having it tell me my account was locked from someone logging in from another computer, only other email was my confirmation when I bought points. I've never used 3rd party anything, for any game, only play games on this computer. Password wasn't simple either. Have had no other issues anywhere, at anytime, with anything I do related to my email. GGG fault, no question.

"

CephalicKarnage wrote:

So.....not to beat a dead horse but I've been inactive for months, log in to find almost all my stuff gone(they left my searing touch and some scrolls etc), including the stuff I bought from store. Not going to go into a huge rant but basically am positive my comp is clean and so is my email. Speaking of emails, the email i got was when i logged on, having it tell me my account was locked from someone logging in from another computer, only other email was my confirmation when I bought points. I've never used 3rd party anything, for any game, only play games on this computer. Password wasn't simple either. Have had no other issues anywhere, at anytime, with anything I do related to my email. GGG fault, no question.

when was the last time you logged in, and if it was after febuary you comp is compromised because the hacker would have been locked out of the account as soon as they attempted to log in and would require the code which goes to your email.

It's that simple...you are the week link not ggg

Just doesn't add up dude. My email and game password are different. I never received any email at the time they logged in my account but I get it right when I log in? I look up hacked accounts and see numerous cases of hacks all around the same time, all with similar stories? They compromise my email only to wipe my PoE account but do nothing else? Sorry man, just can't go with it being on my end, logic and evidence point to ggg. Hey but thanks for your input pal! Oh but I will go back and say after I thought about it for a bit I went and inspected the 2 items they didn't sell, derp, my store effects were on them, apparently it was to complicated to take the effects off and sell those items, also weird they didn't touch my stash.
I seen their statement about how they weren't compromised. What obligation do they have to admit they did? None. Bad business to announce that they were compromised, it's a free to play game, you think they would hurt what little money they make? Wake up. You think they're immune to getting hacked? Fracking Sony got hacked years back and they stole my fracking info, SONY, not ggg, SONY. Some indie company is most definitely not immune. Nothing you can say will convince me otherwise.
I don't care about my items, I just want to throw out my story, that I know for a fact I don't do anything to let hacks in my comp(plus all the rest of the things I pointed out), to add to other people that know for themselves that they were not compromised other than there PoE account.

Right i'll dumb it down for you, GGG implemented the IP blocking they now have after the game went to open beta, some people got hacked, some used the same passwords on other game which had been compromised, others had shit security, others didn't bother with updates to programs, needless to say all of those had nothing to do with the security of the game and it showed in the actual amount hacked which totaled less than 1% and that was being generous.

If the database was breached(and it wasn't) they would have a list of hashed passwords and assuming they could decode them there would be hacks continuing constantly...guess what, there isn't.

Now the IP locking is very simple, someone might get you email address and attempt a log in, they can try all they like.
If they don't have your password nothing happens...they cant get in your account isn't locked

If they have your password the can get as far as the unlock box(which you had loggin in) and cant continue with out that code.

If you are saying that they managed to get in the only way they could do that is to have access to your email account to get the code from the email...if they have access to your email they can delete the email after they are don't and you would be none the wiser.

When they unlock the game with the code the IP lock is set to their IP address which is why when you logged in you had to enter the unlock code again.

If they were compromised they would tell you...they have been 100% honest about everything they have done in the game and will investigate it further for you if you want but the conclusion was form the accounts investigated at the time was pretty much 100% user fault, knowing or unwitting.

I'm not even going to say they are not immune to hacking, i know sony got hacked(went and changed mu CC just in case)

But really if they were hacked you would find that the posts would be in the tens if not hundreds of thousands not the pitiful amount there is.

I don't really expect you to grasp this, i know you are pissed that it happened but there is no point trying to blame the blameless.