Gameplay Help and Discussion - 14th ranked streaming HC player Prozon hacked just minutes ago.Pictures included. - Forum

Ok it seems the first high ranked player got hacked at last the first one on my friendlist. Prozon lives in Norway and it's close to 2am now there. I was doing merveil runs in cruel when a suspicious action took place: It seemed suspicious since he was in Terraces(Not on screen usually he answers and he isn't doing in Terraces) Prozon and ProzonII were the only characters he used the others characters were leftovers from Closed Beta and those logged in and out(he never used them) From what I know Prozon used PoEstatistics and PoEHelper looking at his stream he had PW stored all the time and his Browser isn't well protected. Since he streamed it's really not possible he had any 3rd tools running. The most likely outcome would be either the compiled PoEHelper contained a backdoor function at some point(not hard to pull off via autoupdate read out mail and PWHash upload it) or he got hit by a javascript on PoEstatistics. Another possibility would be a suspicious link from a stream follower. Another interesting thing to know which would solidfy the theory about it, would be to know if he created the mail only for PoE(same for other victims) Update: It seems to be an automated script. I created a Defaultcharacter invited him and he accepted. It logged into ProzonII accepted the invite too. There was another Mara level 8 in his instance named MisterHot. Hopefully the invites prevented further damage. Last edited by C4r1b0u on Feb 20, 2013, 11:01:08 PM	Posted by Hilbert on Feb 20, 2013, 8:13:38 PM Quote this Post
Ouch... however the speculation at the end of your post may be uncalled for.	Posted by Xoraisse on Feb 20, 2013, 8:25:24 PM Quote this Post
" Prozon lives in Norway and it's close to 2am now there. you they are just warming up...	Posted by Kortak on Feb 20, 2013, 8:40:08 PM Quote this Post
More screens: Spoiler The bot walked to both vendors and then to stash. The bot didn't accept any trade requests same with the character in the instance. I don't know if the stash already has been emptied or the bot communicates with some kind of command but it would be nice if the bot is written without any safetychecks so friends can reduce the damage. " Ouch... however the speculation at the end of your post may be uncalled for. The speculation is justified because if you do some research on other hacker claims, some of them use the same nick on a botterboard so it's likely that they used some 3rd party tools. Others were really new members so it's likely they tried to scam. Prozon didn't even know what the botterboard is, till December. His twitch stream is prozon90 you can check the last days to find suspicious action/messages. If you know that somebody is playing only 1 character and another one was only used for Gems but then see other characters logging in and out quiet fast is suspicious. Sadly nobody of those "I got hacked users" is willing to mention what sites he visited or if he used PoEHelper. Also you can't compare PoE with WoW or D3. If some players compromised many D3/WoW accounts they must run big lists=many invalid logins = Ipban. This seems to be targeted towards PoE. The bot is still messing around with his account.	Posted by Hilbert on Feb 20, 2013, 8:52:29 PM Quote this Post
Sucks for him. Somehow he did something to risk compromising his account. Speculation is speculation. Just be safe with your own account and don't visit fishy sites.	Posted by jartipper on Feb 20, 2013, 9:00:40 PM Quote this Post
not new. just look at the technical help section and you'll see tons of users posting "GOT HACKED" And still GGG ignores it. sigh Last edited by D3c4y on Feb 20, 2013, 9:03:38 PM	Posted by D3c4y on Feb 20, 2013, 9:03:23 PM Quote this Post
To me it looks like this account has been sold from one player to another. That's based on a very quick examination and we'll be following up soon. To change the email account like this, you need access to his email. He either sold it or lost his entire email account (which we physically can't do anything about). " D3c4y wrote: not new. just look at the technical help section and you'll see tons of users posting "GOT HACKED" And still GGG ignores it. sigh We haven't ignored it - we've posted many threads about the situation (the most recent being http://www.pathofexile.com/forum/view-thread/172532). We're working around the clock to add new security measures. EDIT: This account appears to not have been sold and hence did not violate our RMT rules. Its email was changed to a third party. Still investigating. Lead Developer. Follow us on: Twitter \| YouTube \| Facebook \| Contact Support if you need help! Last edited by Chris on Feb 20, 2013, 9:26:31 PM	Posted by Chris on Feb 20, 2013, 9:12:10 PM Grinding Gear Games Quote this Post
" Chris wrote: To me it looks like this account has been sold from one player to another. So it begins. popcorn GGG banning all political discussion shortly after getting acquired by China is a weird coincidence.	Posted by Xavderion on Feb 20, 2013, 9:16:10 PM Quote this Post
" Chris wrote: To me it looks like this account has been sold from one player to another. That's based on a very quick examination and we'll be following up soon. To change the email account like this, you need access to his email. He either sold it or lost his entire email account (which we physically can't do anything about). " D3c4y wrote: not new. just look at the technical help section and you'll see tons of users posting "GOT HACKED" And still GGG ignores it. sigh We haven't ignored it - we've posted many threads about the situation (the most recent being http://www.pathofexile.com/forum/view-thread/172532). We're working around the clock to add new security measures. thanks. hope your team can sort it up asap.	Posted by D3c4y on Feb 20, 2013, 9:16:26 PM Quote this Post
Two second search on google I find the person who hacked him......	Posted by nefarious on Feb 20, 2013, 9:25:36 PM Quote this Post