Hey guys... i'm back!

Hey I'm very sorry to hear this. I was actually born/raised in Odessa, Ukraine, and I can tell you that there are a lot of decent people but also a TONS of trash hackers there who literally get turned on when they hack your account and take all your shit.

Anyways very sorry buddy, I've had expensive things stolen from me in games before and it is very hard to come back with the same enthusiasm.
"
Shovelcut wrote:
"
Demonoz wrote:

I just thought of something.. If they (GGG) can see the IP and where it was accessed from them couldn't they also possibly link it to the IP the person uses for their own account and ban the person? Since the person obviously plays the game and had to transfer all his stuff to another account.. THEIR account.. Thats basically busted right there. I wouldnt think it would be too hard to figure out the account that did this and atleast ban the person or try to get the stuff back from them or something. Seems like there would be some kind of trail. Even if they are using alt accounts the stuff has to end up on someone's actual account for its all said and done i would think.

All it would take to get around that would be a proxy or vpn really.

@KorgothBG: Sorry for your loss and thank you for the great effort you put into your guides and the build lists. ♥


Damn thats why i asked i wasnt sure. I dont know a whole hell of alot about how networking works. I figured there would be some paper trail so to speak.
There is a fine line between Consideration and Hesitation.
The former is Wisdom, the latter is Fear.
Accessing both your game account and email account smells like a keylog/trojan.

If you've been using complex passwords, then a "brute-force" attack is unlikely. As such, have you downloaded any programs from less-than-reputable websites (torrents and such, plainly-said) I would encourage you to check your system as thoroughly as possible.

If you've trouble coming up with "complex passwords", perhaps websites such as https://strongpasswordgenerator.com/ could help.

To remember them, simply write the passwords down on a piece of a paper that you keep at your desk (for workplace passwords, this is obviously not secure, but for home-use programs such as games and email, it's fine).
I did tons of malware checks with various programs and there is nothing. Although as i've stated earlier, i've been logging into my account to browse the forums from work and my guess is that's exactly the problem.

As for my passwords - they are always unique 20+ symbols long ( including numbers, letters and other symbols )
"I'm going to show you pain you never knew existed, you're going to see a whole new spectrum of pain!!!!! Like a RAINBOW!"
"
KorgothBG wrote:
As for my passwords - they are always unique 20+ symbols long ( including numbers, letters and other symbols )


I've been meaning to ask this: are your passwords truly randomly generated, or unique but variations on some rule-based scheme you came up with? In practice, the former option means using a password vault and automatically generating them with that, because the human brain isn't really fit to memorize dozens of unique, properly random strings of alphanumerics.

If it's the former, there's essentially 2(.5) options for what could have happened:

1) GGG's password database is exposed, but the contents are properly hashed, and you had the astronomical bad luck to have a hash collision with a known database leak. This is exceptionally unlikely to happen.

1.b) The database is exposed but the contents are not properly hashed. That would mean literally everyone's passwords are known, so I don't think this is likely.

2) Your system is compromised with some kind of keylogger or whatever, either at home or at work. This seems unlikely, because mass-distributed malware is typically written to filter out creditcard credentials and not the login to a niche indy game. However, it could have filtered out the email/password combo, and the person responsible knew/figured out that there's money to be gained here. Feels like a lot of effort if you were randomly targetted, but maybe the guy had a slow day.

Options (1) and (1.b) seem very unlikely. In case of option (2), your best and only course of action is to nuke both systems from orbit, and reset all your credentials everywhere.


The only realistic alternative I can see is that your password generation isn't good enough, and a breach on another account let someone figure out the password that you've been using here..
I am coming up on my own with my passwords. I'm pretty sure that option 2) is the problem ( more specifically the PC at work ). I've already changed the pass on everything, created new e-mails and linked most of my stuff to the new ones, sadly i cannot do anything about the pc at work .. so i just won't use it for accessing ... well ... anything.
"I'm going to show you pain you never knew existed, you're going to see a whole new spectrum of pain!!!!! Like a RAINBOW!"
"
brgillespie wrote:
Accessing both your game account and email account smells like a keylog/trojan.
If somebody has your email access, they don't need to know your poe password. They just request a password reset.
Guild Leader The Amazon Basin <BASIN>
Play Nice and Show Some Class www.theamazonbasin.com
Last edited by mark1030#3643 on May 26, 2016, 10:26:29 AM
"
mark1030 wrote:
"
brgillespie wrote:
Accessing both your game account and email account smells like a keylog/trojan.
If somebody has your email access, they don't need to know your poe password. They just request a password reset.

Exactly. And GGG's support advised me to check my email with https://haveibeenpwned.com/ and sadly the results were 4 breached sites.
"I'm going to show you pain you never knew existed, you're going to see a whole new spectrum of pain!!!!! Like a RAINBOW!"
"
KorgothBG wrote:
"
mark1030 wrote:
"
brgillespie wrote:
Accessing both your game account and email account smells like a keylog/trojan.
If somebody has your email access, they don't need to know your poe password. They just request a password reset.

Exactly. And GGG's support advised me to check my email with https://haveibeenpwned.com/ and sadly the results were 4 breached sites.


Sorry to hear that, that's really unfortunate :/

I feel a bit bad about lecturing you on this, but I still insist that it doesn't have to be a keylogger. This:

"
KorgothBG wrote:

I am coming up on my own with my passwords


is really, REALLY, bad operational security. Hearing that, I'm assuming your passwords are of the form

"KorgothsSuperSecretPassword_23_bankAccount"
"KorgothsSuperSecretPassword_34_pathOfExile"

or some slightly more complicated variation thereof. Instead, your passwords really should look like this:

"TEhvlInu17OxcWJ6Ojn1"
"RlXdssxHqhmGjeDSYqe2"
Well i guess my passwords could be stronger.
At the moment they look something like this ( of course totally different but the same type more or less ):

Maikavie829?37groz12837na22krava10!

which looks gibberish-y unless ... you speak my native language ( which not many people in the world actually do )

But indeed a pass can be stronger.
"I'm going to show you pain you never knew existed, you're going to see a whole new spectrum of pain!!!!! Like a RAINBOW!"
Last edited by KorgothBG#4084 on May 26, 2016, 10:46:26 AM

Report Forum Post

Report Account:

Report Type

Additional Info