Jump to content

Hacked!


Fatherpeteus

Recommended Posts

Apparently, I've been hacked. I just noticed a volley of emails in my inbox, and it looks like someone figured out my password (keylogger?), changed it, transfered at least my tankadin to another realm (paid transfer - Yeah right), and got the account closed for using whatever crap mods they use (maybe they were botting for gold with Brightpetra, who knows.)

 

I'm sure the ~40,000g I had is gone, all my gear vendored, and all that good stuff. My account has been "closed"... I don't even know what that means, although I cling to a slim reed of hope that somehow Bliz cut off access to the account before the toons were too badly sabotaged to make playing the game fun upon recovery.

 

WTF. As you can imagine I'm pissed, as I wait for a response from Bliz account management.

 

How should I go about expunging the keylogger, in the meantime?

 

QQ

Edited by Fatherpeteus

Share this post


Link to post
Share on other sites

  • Replies 66
  • Created
  • Last Reply

Top Posters In This Topic

Thats rough man sorry to hear that. About the keylogger you can use webroot spysweaper to do it there is an option you have to check to tell it to look for keyloggers. There use to be a 30 day trial of it but i dont know if they still do that.

Share this post


Link to post
Share on other sites

Also, wtf is up with 2-hour turn-around on character realm transfer? I was logged in until ~4am last night, and Bright was apparently transferred at 6am (although the timezones could be confusing that, but it was clearly only a few hours, and overnight at that). Is there no wait time on character transfers? That would seem like a useful line of defense against hacking, even if their customer service really is that good (I thought it took a few days.)

 

Or does it mean that the thieves have been messing around with my account for a while, while I was still playing, setting the stage for their big move last night?

 

I'm not sure which is worse. Just for interest's sake, I guess.

Share this post


Link to post
Share on other sites

I cannot answer any of tour questions but this is really bad. Did you have antivirus on while playing and firewall?

 

You scare me Father I don't ever want that to happen. For most part people who were hacked in FP were sharing accounts with ''friends'' but this one seem extremely bad.

 

How do we protect ourselves against that? :(

Share this post


Link to post
Share on other sites

Aigle - I've never told anyone my password, or written it down. I do use the same password for some other systems - Only those you would expect to be secure, like mainstream on-line shopping, work accounts, etc. I don't think I use the same combination of username/password anywhere, which makes me think keylogger as opposed to some site selling my account info.

 

I run Norton AntiVirus (typically with realtime protection off for WoW performance, but it scanned on Tuesday), and Spybot Search and Destroy (running realtime, it blocks stuff from web sites all the time.) Windows firewall, and no personal router.

 

----

I wonder if hoarding all that gold made me a huge target (I wasn't running around advertising it), or if they just use whatever account info they can get. I suppose any gold farmer would love to get his claws on a geared tankadin regardless. Meh.

Edited by Fatherpeteus

Share this post


Link to post
Share on other sites

Only other level of protection is getting a blizzard authenticator, its an extra level of security where if your password is ever compromised they will not be able to edit your account or characters unless they had the 6 digit key which changes every 5 seconds.

Share this post


Link to post
Share on other sites

...And of course they charge you a premium rate for that (what is it, an additional $6 per month?) And it only protects you from having your password changed - The thief could still have stolen all my gold and vendored all my gear, and simply mailed it all to their L1 gold spammer account. I probably would have woken up to the same mess I have now - Just out the extra $6 per month.

Huh. I stand corrected... If I knew it was a $6.50 one-time fee I would have done it long ago!

Meh... Too late now, to help with this mess.

 

Just got off the phone with a billing person who was fairly helpful - She mentioned that the charge for the realm transfer "is not connected to the regular monthly account fee billing", so it's probably on the thief's credit card rather than the one I have on file (so at least they aren't billing me for being robbed.) The other interesting bit of advice was to change my email password stat, because typically the thief will have gotten access to my email first (via their keylogger) so that they can make password changes and such, that send authentication info to the email account. And of course, I need to check my bank accounts and such (actually I'm hesitant to do so from this PC right now - I may be safe from someone dipping into my real money only because I haven't logged in to my on-line banking recently!)

Edited by Fatherpeteus

Share this post


Link to post
Share on other sites

It's a one time fee of $6.50

 

It protects your account period. When you log in to wow an additional window pops that asks for your access number. Same for the account manager on the website, another screen opens before you can even get into it.

Share this post


Link to post
Share on other sites

I got one for my account it's great, the only thing that sucks is if you disconnect a lot in a short time its annoying having to enter the key in each time, but it does it's job and Blizzard has zero record of someone being hacked when they have an authenticator to their account. Just remember it does it's job if you lose it or forget it somewhere you cannot log in. You have to call support if that happens and you want to log in :)

 

 

Share this post


Link to post
Share on other sites

Just talked to a dude from my internet provider, and he said "small world, my bank got cleaned out two days ago by someone who stole my credit card number at a small gas station in Toronto!"

 

Yep... A small, and hostile world. :(

 

---

Now I'm just blogging, but wtf else is a guy to do? :P Just tried to look up my toons on Armory (actually I can't get armory to load, but looked through http://be.imba.hu/ ("Be Imba" - A cool optimization site). None of my toons can be found. I don't know if that's because the account was closed (probably), or if they were all deleted out of spite.

 

QQ

Edited by Fatherpeteus

Share this post


Link to post
Share on other sites

I too have the Authenticator. This could be the best $6.50 I have spent in my life without exaggeration. I'm sure alot of people remember that I was hacked right before BC so I know what its like. I think that being able to put iron clad protection on something I have wasted errr... put this much time into is totally worth it.

Edited by Daghostmaker

Share this post


Link to post
Share on other sites

good lord Pete ><"

 

It's so weird, last night Sauce, Fifi, Rosh, and I were up pretty late ~4am-ish (5 server) and I remember looking at the guild list and still seeing you on too and thinking 'Damn, Pete's up late!'. Keep us updated, and if there's anything you need help with, I'm sure there are quite a few of us that would be more than happy to do what we can for you! <3

Share this post


Link to post
Share on other sites

Thanks for the kind thoughts Memphis! *hugs*

 

Yeah, I logged off a little before 4am server iirc, so if someone was in the guild list at 5 it was the hacker, busily cleaning out my stuff. Too bad you didn't say hi at the time! (How's your Mandarin?)

O_o

 

----

Blog update - I've loaded a new (to me) virus/spyware scanner from my internet provider called "F-Secure", and so far it's found 8 spyware instances that Spybot missed earlier this afternoon. Who knows if any of them is the culprit - I'm not sure if I would recognize a keylogger when I see it.

 

----

Follow-up - All eight were tracking cookies, that don't look like keyloggers. So now I don't know if I'm still being logged or not!

:(

Edited by Fatherpeteus

Share this post


Link to post
Share on other sites

Father when you are back I will give you gold so you can come back to playing decently. I'm not broke so I can help. Unfortunately for the items it is another story. Well I will run you any instance you want anyway.

Share this post


Link to post
Share on other sites

When I was hacked, my gold/gear was gone and one of my toons was deleted. Asked Blizz to do a 1-time Full account restore to the hour before it was hacked. Boom, everything was back. Try to sweet talk to Blizz phonemonkey into giving you one. You can only do 1 of those restores for the life of your account, so if too many things is out of whack, go for it.

Share this post


Link to post
Share on other sites

I just went to my Doctor's and had a chip inserted into my neck. Whenever I am asked for any kind of password anywhere in the world I feel this strange burning on my neck.

 

Best decision I ever made.

 

Um are you running Firefox with NoScript and Keyscrambler out of curiousity? And Spybot is horrible for keyloggers imo..gogo authenticator..gl

Edited by Booyaah

Share this post


Link to post
Share on other sites

Try to sweet talk to Blizz phonemonkey into giving you one.

 

what?

Share this post


Link to post
Share on other sites

Damnit pete, why'd you have to go and get hacked? That totally sucks bro and when you are back I'll help you get regeared and pass some money over if you need it, but the NIGHT we are going for the undying? lol *cries*

Share this post


Link to post
Share on other sites

Sorry to hear about this. I had my account hacked back in BC, and while I got almost everything back, from what I hear this is not very common.

 

It can be frustrating dealing with Blizz in this situation but just work with them and I'm sure you can get something back.

 

Good luck

Share this post


Link to post
Share on other sites


×
×
  • Create New...
[[Template core/front/_liskoduje/liskodujeJS is throwing an error. This theme may be out of date. Run the support tool in the AdminCP to restore the default theme.]]