Compromised PoE Accounts: Stolen Items and Hacked Accounts - Discussion and Leads

"

Crainus#7059 wrote:

aside from that i can garantee that i didnt install anything aside from Overwolf PoE companion for PoE2 still doubt its that xD and no of course no phishing im not 12 xD

Internet rule #334 One should never install Overwolf, it's a known to be used as spyware and leak any user info they could LOL.

Without jokes, overwolf requesting kernel level permissions to run so it's a big NONO.

"

Feel_Fried#1014 wrote:

"

Crainus#7059 wrote:

aside from that i can garantee that i didnt install anything aside from Overwolf PoE companion for PoE2 still doubt its that xD and no of course no phishing im not 12 xD

Internet rule #334 One should never install Overwolf, it's a known to be used as spyware and leak any user info they could LOL.

Without jokes, overwolf requesting kernel level permissions to run so it's a big NONO.

kernel lvl permissions to run ?? i doubt that but i'll check it later xD read the post and replies man your late for the party xD still doesnt explain bypassing 2fa xD

"

Crainus#7059 wrote:

still doesnt explain bypassing 2fa xD

if you have steam authorisation file from steam folder you don't need 2fa and to login at all, so no, Overwolf on your PC explains everything.
https://gaming.stackexchange.com/questions/240073/where-is-the-steam-authorization-file

"

Feel_Fried#1014 wrote:

"

Crainus#7059 wrote:

still doesnt explain bypassing 2fa xD

if you have steam authorisation file from steam folder you don't need 2fa and to login at all, so no, Overwolf on your PC explains everything.
https://gaming.stackexchange.com/questions/240073/where-is-the-steam-authorization-file

I think there's a misunderstanding here. Even if you have access to the Steam authorization file, it doesn't bypass the need for 2FA when logging in from a new device or after a session expires. The authorization file helps maintain an already authenticated session, but it doesn't remove the 2FA requirement for new logins.

As for Overwolf or similar programs being a cause, correlation doesn't equal causation. Thousands of people use Overwolf without issues.

"

Crainus#7059 wrote:

correlation doesn't equal causation. Thousands of people use Overwolf without issues.

Thousands of people playing PoE 2 and only 66 accounts hijacked so...
Main problem here that PoE admin account wouldn't grant access to steam it's literally impossible, but software that have full access to the system - will it can stole session files as well as authentication requests from your PC. And as you said in original post - someone loged into your Steam from different IPs over the world.

"

Feel_Fried#1014 wrote:

"

Crainus#7059 wrote:

correlation doesn't equal causation. Thousands of people use Overwolf without issues.

Thousands of people playing PoE 2 and only 66 accounts hijacked so...
Main problem here that PoE admin account wouldn't grant access to steam it's literally impossible, but software that have full access to the system - will it can stole session files as well as authentication requests from your PC. And as you said in original post - someone loged into your Steam from different IPs over the world.

What’s your point here? Even though only 66 accounts had notes deleted, that doesn’t reflect the full extent of the damage that could have been done. Perhaps some accounts were compromised where they didn’t bother deleting notes, which is something GGG is currently investigating.

Thousands of people play PoE2, and thousands use Overwolf for this or other games—are they all compromised? xD

I’m not defending Overwolf because I like it, I’m just pointing out that it’s highly unlikely it was the cause, especially since it can’t bypass 2FA even by stealing files. As I mentioned earlier, with a quick Google search, you’ll find that even with stolen session files, 2FA remains intact.

Take a moment to review the post and replies—there’s enough information here to help you understand what’s going on! xD

Also, how do you know how their account systems work? For example, I got kicked out of Steam for 2 hours, then was able to log in just fine to both PoE and Steam. Perhaps logging into my PoE through SteamID temporarily locks my Steam account because I can’t be logged in from two places at once. Or maybe they check my Steam session ID, which essentially acts as my password and email for PoE.

"

Crainus#7059 wrote:

What’s your point here?

My point here is same as 5 my messages before, PoE admin account WOULD NEVER grant anyone access to your Steam account and your case is not related to GGGs fuckup.
Second part of my point for everyone else - never ever ever install kernel level software on your PC if it's not opensourced or from TRUSTED publisher, and Overwolf is definetly not the one.

"

Feel_Fried#1014 wrote:

"

Crainus#7059 wrote:

What’s your point here?

My point here is same as 5 my messages before, PoE admin account WOULD NEVER grant anyone access to your Steam account and your case is not related to GGGs fuckup.
Second part of my point for everyone else - never ever ever install kernel level software on your PC if it's not opensourced or from TRUSTED publisher, and Overwolf is definetly not the one.

especially since it can’t bypass 2FA even by stealing files. As I mentioned earlier, with a quick Google search, you’ll find that even with stolen session files, 2FA remains intact.


Also, how do you know how their account systems work? For example, I got kicked out of Steam for 2 hours, then was able to log in just fine to both PoE and Steam. Perhaps logging into my PoE through SteamID temporarily locks my Steam account because I can’t be logged in from two places at once. Or maybe they check my Steam session ID, which essentially acts as my password and email for PoE.

"

Crainus#7059 wrote:

Also, how do you know how their account systems work? For example, I got kicked out of Steam for 2 hours, then was able to log in just fine to both PoE and Steam. Perhaps logging into my PoE through SteamID temporarily locks my Steam account because I can’t be logged in from two places at once. Or maybe they check my Steam session ID, which essentially acts as my password and email for PoE.

you can be logged into Steam from any amount of devices at the same time and you will see in Steam that someone is playing games on it as well.
"how do you know how their account systems work" their who? Steam? Steam is not granting access to game publishers to Steam accounts system LOL as I said before it's same if cashier in store get access to your bank account after you payed with card it's same level of impossibility and it's not how it works xD
steam games are using SteamAPI to check licenses, but you can't get any Steam login info back from it.

"

Feel_Fried#1014 wrote:

"

Crainus#7059 wrote:

Also, how do you know how their account systems work? For example, I got kicked out of Steam for 2 hours, then was able to log in just fine to both PoE and Steam. Perhaps logging into my PoE through SteamID temporarily locks my Steam account because I can’t be logged in from two places at once. Or maybe they check my Steam session ID, which essentially acts as my password and email for PoE.

you can be logged into Steam from any amount of devices at the same time and you will see in Steam that someone is playing games on it as well.
"how do you know how their account systems work" their who? Steam? Steam is not granting access to game publishers to Steam accounts system LOL as I said before it's same if cashier in store get access to your bank account after you payed with card it's same level of impossibility and it's not how it works xD
steam games are using SteamAPI to check licenses, but you can't get any Steam login info back from it.

PoE's account system xD