Hacked Accounts

"
TehHammer wrote:
"
VideoGeemer wrote:
Hackers will likely take WHATEVER they can get. What if their system doesn't let them target just rich players? Besides, if all they did was target those individuals, it would be more obvious that this was the work of a hacking group and not just some users that didn't know what they were doing.

Then ask yourself why they can't target the rich players but it's so easy for them to target noob accounts... answer is pretty obvious.


Don't you see? They seem to be getting a little of everything.
Invited to Beta 2012-03-18 / Supporter since 2012-04-08
Here is a easy suggestion that I have been doing for years to protect my accounts after a d2 account breach.

Grab a old hard drive, can even be a 10gb you will not need alot of space. Encrypt the secondary drive and put a password with multiple character and numbers, best passwords look kinda like Thi1s2is3a1exa2mpl3. These passowrds are alot harder to guess and chance.

Never use your drive password on anything or any site. Simply right it down and secure it under your bed.

Put your passwords all unique like above into a text file in a folder, Lock and password your folder and than lock and password the hard drive. Since no operating system is needed on the 2nd HD you can pretty much ghost it. If malware/keylogger etc is implemented on 1st Hard drive it will not compromise the 2nd hard drive.

This has saved my accounts for many years and I hope continues to do the trick.

Also maybe create a second hard drive OS that is only used to look at websites, Therefore if your hard drive becomes infected you do not need to worry about your entire system, just the crappy hard drive

Hope this will help you guys.
"
Invalesco wrote:
it could very well be that that 5% may have been punished for simply being human, that is, being careless. Do you recall clicking on any pathofexile link that you've received via pms or what not and then being led to the poe site or poe skilltree and having to log in again even though you're pretty sure you've logged in before?

would be nice if you could check your browser history and see if you've visited any sites that looked suspiciously like POE but were not the actual POE url. Would be helpful if you managed to uncover something like that.


Look, I've spent a lot of my time during the last two days researching this issue. I've done far more than merely checking my browser history. I know the anatomy of phishing scams well enough to recognize them. I'm done reviewing my firewall & file access logs. I haven't found my POE password in any pw hash databases. However, I haven't even found any leaked POE login lists yet - I'm not an expert on topics like that. Right now I'm mostly looking for any obscure exploits I might've missed.


I am getting a little bit paranoid about my own security, since GGG is adamant that their security has no problems and I can't find anything either.
"
VideoGeemer wrote:
"
TehHammer wrote:
"
VideoGeemer wrote:
Hackers will likely take WHATEVER they can get. What if their system doesn't let them target just rich players? Besides, if all they did was target those individuals, it would be more obvious that this was the work of a hacking group and not just some users that didn't know what they were doing.

Then ask yourself why they can't target the rich players but it's so easy for them to target noob accounts... answer is pretty obvious.


Don't you see? They seem to be getting a little of everything.
I like Chris' quote, when he said why aren't they targeting people at the top of the ladders with ten thousand times the currency. They simply can't because the people at the top aren't doing stupid things getting their accounts hacked.
How Fusings Work: http://www.pathofexile.com/forum/view-thread/38585/page/3#p1451934

IGN: TheHammer
"
VideoGeemer wrote:
"
crazypyro wrote:
"
darkro90 wrote:

I've also tried this for not only 10 times, 20 times, with reasonable delay in each password input since if you're entered it repeatedly, you will get warning message of "trying to login too much in a short time period". And guess what, when I tried my own password after the 20 tries, it still get me logged in.


This is exactly how you counter brute force attacks you moron.



Is it possible that hackers would program their little bots to deliberately wait a certain period of time before trying another password?

Probably...

You seem to be active in this discussion, but you have no absolutely expertise on the topic you're commenting on.

You would need to try millions of passwords per second to bruteforce a weak password within weeks. I'm sure you can figure out how long it'll take if you're limited to less than one try per second.
"
TehHammer wrote:
"
VideoGeemer wrote:
Hackers will likely take WHATEVER they can get. What if their system doesn't let them target just rich players? Besides, if all they did was target those individuals, it would be more obvious that this was the work of a hacking group and not just some users that didn't know what they were doing.

Then ask yourself why they can't target the rich players but it's so easy for them to target noob accounts... answer is pretty obvious.


It really is quite obvious. There is quite a big difference between the number of regular players and the number of big streamers. Assuming the hackers can only target accounts at random, its easy to see why streamers hasn't been hit. Its simply statistics.
"
TehHammer wrote:
"
VideoGeemer wrote:
Hackers will likely take WHATEVER they can get. What if their system doesn't let them target just rich players? Besides, if all they did was target those individuals, it would be more obvious that this was the work of a hacking group and not just some users that didn't know what they were doing.

Then ask yourself why they can't target the rich players but it's so easy for them to target noob accounts... answer is pretty obvious.

They have also targeted rich players with characters on the first page of ladder. Of course, statistically there will be less of these cases, since only a tiny minority of players are in the top 100.

But I don't see what this has to do with anything - the time someone spends playing has absolutely no correlation with their security expertise.
Hey, I logged in and I noticed my chest is gone , ALL OF MY ORBS ARE GONE!

I have virus protection, I aint on strange webpages. The password I have is uniqe, I have diffrent pass for all games, and I have dem write down on a pieice of paper irl.

this is first time I write anything on dis game, and I havent been on any other buy stuff to poe or anything, I wonder is there anything to get my orbs and my chest back? srsly ive spent so much time and so much fun into this game, I dont want it to stop but dis, I dunno why me.
I am a nice person irl, I work, I pay taxes, I never bullied anyone, I am a good person to the soul so I wonder why stuff like this happends to me? Ive been hacked before on one other game and its wow but its long long time ago. But offtopic bad things happends to me irl too. not only bad ofc but I feel more down than happy right now.

Help?

xxx Ken - Zaju
"
altaccount wrote:
They have also targeted rich players with characters on the first page of ladder. Of course, statistically there will be less of these cases, since only a tiny minority of players are in the top 100.

But I don't see what this has to do with anything - the time someone spends playing has absolutely no correlation with their security expertise.
The correlation is people don't use their primary accounts to use shady map hacks. So the types of accounts that usually get hacked are low level accounts with little investment, aka exactly what we're seeing get hacked. Those that claim GGG is at fault are guilty of something, whether it be reusing email & password from 3rd party/shady sites (or just sites that got hacked, like in Chris' example) or using map hax (and the like) or just falling for a clever phishing scheme (which the whole point of is so that you don't freaking notice it). Until GGG comes out and says they're at fault, I can't choose but to believe those that get hacked have it coming (with one exception that I've heard, which would be the only front page player you could list as getting hacked).
How Fusings Work: http://www.pathofexile.com/forum/view-thread/38585/page/3#p1451934

IGN: TheHammer
"
TehHammer wrote:
"
altaccount wrote:
They have also targeted rich players with characters on the first page of ladder. Of course, statistically there will be less of these cases, since only a tiny minority of players are in the top 100.

But I don't see what this has to do with anything - the time someone spends playing has absolutely no correlation with their security expertise.
The correlation is people don't use their primary accounts to use shady map hacks. So the types of accounts that usually get hacked are low level accounts with little investment, aka exactly what we're seeing get hacked. Those that claim GGG is at fault are guilty of something, whether it be reusing email & password from 3rd party/shady sites (or just sites that got hacked, like in Chris' example) or using map hax (and the like) or just falling for a clever phishing scheme (which the whole point of is so that you don't freaking notice it). Until GGG comes out and says they're at fault, I can't choose but to believe those that get hacked have it coming (with one exception that I've heard, which would be the only front page player you could list as getting hacked).

There is no such correlation - People have lost their primary accounts, people who are security-conscious, people who are closed beta players, people who have bought microtransactions. And like you said it yourself, there are exceptions to the "average stupid player".

Report Forum Post

Report Account:

Report Type

Additional Info