Diablo 3 Forum Filling with Hacking Complaints; Stolen Items

Page 3 - Seeking answers? Join the Tom's Hardware community: where nearly two million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
Status
Not open for further replies.
I have a friend who had his wow account hacked 5 times, i took his machine in my shop zeroed the hard drive installed windows xp, then wow had him change his password to uppercase,lowercase,numbers and secret questions his account was hacked that same day again.
Having been in the computer security field for over 20 years i know for a fact even using a server that inspects packets and ports that he had no keyloggers or trojans or viruses logged every incoming and outgoing connections.
Sure some could be users fault trojans,keyloggers,phishing but how do they explain what has happened to my friend?, funny thing is they gave him a free month now if it was his fault they would have not given him the free month.
 
Many MMORPG games where real money can be made, have always had a history of sidejacking attacks, and diablo 3 is managed in a similar way for DRM purposes, but this also results in a centralized location for exploitation.

they should have at least some kind of tracking feature where each and every item has a unique idea where a tree style map can be formed when items are stolen, then the entire map can be undone

eg stolen item goes from hacker 1, and is sold to random player 1, random player 1 then then gets tired of it and sells it to random player 2, blizard finds that it is stolen and reverses all transactions related to that item and the hacker gets a hardware ban
 
If the hack is indeed server side battle net session id spoofing they don't need your username or password it may be possible.
Also note banks and virtual banks were broken into and money stolen just look at bitcoin that was hacked into not long ago and 500,000 was stolen.
 
When I played rift, my account was hacked. I do not belong to any communities on the net to compromise my data, i always have my antivirus on, not to mention that every week i sweep through my hard disk for keyloggers and anything similar. Still my account was hacked. My first email was that i was responsible for compromising my own security data, but when the forum was flooded within 3 days for thousands of accounts having been hacked they basically shut up and took them 2 weeks to restore me back to my previous state..... that being at least 3 to 4 days of gameplay gone wasted...... Welcome to the wonderful world of online gaming, where security is their primary concern (not getting money from customers). Coming from a company that has earned billions from their customers this is simply unaccepteable......... Rift developers took another step further to counter this by locking your account if the ip greatly differed from the one that usually logs onto your account management. They of course must have also copied this from others..... launching such a popular game without having taken these simple precautions speaks volume of how they care for money first then customers..... Honestly where is the protection for customers?

They have just proved to their customers that they keep failing in every respect. I did not buy Diablo3, will not if a single player game requires online crap like this.
 
[citation][nom]bgaimur[/nom]I'd also like to point out that while the Blizzard Authenticator is not a fool-proof method to prevent your account from being compromised, it's absolutely going to protect you from almost every traditional method of account compromise. Beyond that, Blizzard also has SMS protection, where your text-enabled cellular device will be notified and requested for permission before making any account changes, or before any suspicious (read: chinese IP addresses/random computer logging into account) computers log into your account. But yeah, Blizzard is to blame for a few people's accounts being compromised.[/citation]

blizzard is pretty good on security, but the sms authenticator is a joke, i hadd it activated on my account when playing WoW and got hacked 3 days later. note this was in the current cataclysm and i'd used the same password up till that point, when I changed to sms i changed my password that same day on my home computer which while not fort knox is clean. a few of my guildies who switched to sms also got hacked the same week and we all activated it through our bettle.net accounts.. they got over 600k gold from my account alone along with items and sold off several characters. I got them restored btu they didn't restore all my inventory items which annoyed me. I did change to authenticator and that has worked pretty well.

as for diablo 3 i wouldn't have bought it is it wasn't free when i renewed my annual pass, i wasn't planning to use it till the offer an offlien version but have played a bit, glad i haven't put much time in it as several guild mates playing it who use sms and authenticators are still getting hacked several of which are programmers and data base administrators who know how to keep their systems clean... i don't think its happening due to user error or "traditional means"
 
[citation][nom]mrpijey[/nom]Perhaps you should put things into perspective... Duke3D, Doom etc were coded by 3-4 guys, done over a few months and fit on a floppy or two. Todays games employs thousands of people, costs in the millions to develop and take years to put into shape. Not to mention the far greater tech employed into the games. Also, those games you mentioned had their amount of patches and serious bugs too, but it's a lot easier to debug some 20-30MB of code than several gigabytes of code. I've worked with these things, debugging Doom could be done in a weekend over a few cups of coffee, would you be able to do the same with Diablo 3? Or any modern game for that matter?[/citation]

But see that's the thing. As the complexity increases, so does the workload but so does amount of people on the job therefore it would seem logical that the debugging process would take a proportional amount of time or even less with all the development companies' resources thrown at it (instead of one guy coding the game, you have ten). Yes the games I mentioned had patches, but I was able to play them to completion without those patches. When the patches did come out, I didn't have a need for them.


 
[citation][nom]Brandon S[/nom]Why do they keep showing the same fat guy that reminds me of the World of Warcraft episode of South Park[/citation]
Your Disrespect of Boogie shall not be Tolerated. EDUCATE YOSELF FOO!!
 
[citation][nom]dronxlr8menowwhat[/nom]Just want to point out...if everyone hates this Always Online feature ... and the Gaming industry is WATCHING to decide if it is a viable trend...then disconnects, hacking and mass customer unhappiness is in fact THE BEST THING!I haven't even bought the stupid game, but I genuinely hope this always online crap does not catch on; or if it does, there are swift cracks for it so I can play my purchased games offline.[/citation]

amin
 
[citation][nom]g00fysmiley[/nom]blizzard is pretty good on security, but the sms authenticator is a joke, i hadd it activated on my account when playing WoW and got hacked 3 days later. note this was in the current cataclysm and i'd used the same password up till that point, when I changed to sms i changed my password that same day on my home computer which while not fort knox is clean. a few of my guildies who switched to sms also got hacked the same week and we all activated it through our bettle.net accounts.. they got over 600k gold from my account alone along with items and sold off several characters. I got them restored btu they didn't restore all my inventory items which annoyed me. I did change to authenticator and that has worked pretty well.as for diablo 3 i wouldn't have bought it is it wasn't free when i renewed my annual pass, i wasn't planning to use it till the offer an offlien version but have played a bit, glad i haven't put much time in it as several guild mates playing it who use sms and authenticators are still getting hacked several of which are programmers and data base administrators who know how to keep their systems clean... i don't think its happening due to user error or "traditional means"[/citation]

I was being critical of Toms' report, as it assumes that the users whose accounts have been compromised have in fact used all of the above methods of protecting their accounts. Reports from Blizzard suggest that these accounts have ALL been deemed compromised through traditional methods of compromising. This is not a news article, this is a lot of people angry over their accounts being stolen, and broad-stroke speculation that there are HUGE security holes in the game.

As far as your friends' friend whose dog heard someone say at the mall that their friend got hacked while using SMS protection and authenticator, as well as the secret service monitoring their account, and only connecting via encrypted VPN tunnels located in a secured underground bunker... it's only as good as the source it's coming from. Hearsay isn't evidence :\
 
Whatever this DDOS thing is, I believe I got hit with it yesterday. I have only been playing single player so far. I got home from work yesterday, fired up D3, authenicated, got in, then all of a sudden I got dropped from the game. I tried to get in again and then got this error 3007. I thought ok, it is after work, maybe lots of folks are on. I went to Google and got nothing. I thought this was just my ISP being crappy, but I haven't had any problems with them, except when they are working on the lines in the area. Maybe twice in a year. After a while I was able to get on Google, but it was insanely slow. Wound up getting fed up and just went to the gym. Maybe I'll be in for a surprise when I log in this evening. I am guessing that since I don't interact with others, they are pulling ips from the battle servers somehow.

If I got hit with this, I think it will be time to demand a refund. I mean I only play single player and I should be shielded from this kind of stuff since I don't even play with others. I can see when multiplayer or mmorpg addicts get hit with this, they kind of bring it on since they are intereacting with strangers (and sometimes the Chinese gold hacking groups I read about, I mean come on, this is supposed to be a game for de-stressing, not a cut-throat back-stabbing business), but single players???? This is crap!

All I want is the frigging single player experience. I sure hope that "no online" crack comes out soon.
 
This very thing happened to a buddy of mine, however his story has a happier ending. After contacting Blizzard support they did some investigating and ended up catching the guy who hacked his account. Ended up being some dude from New York pulling the crap. Dunno if he is the same dude that hacked them all, but at least one is off the grid.
 
How many of the hacked accounts had an Authenticator linked to the account?
 
[citation][nom]hotsacoman[/nom]It used to be that in the past when a game was released, it was pretty much done. Never had any problems with Doom, Duke 3d, Quake, Unreal or any of the great shareware games of the day, even without their patches. Now its obligatory to wait for the players to do ALL the testing for the game and MAYBE 3 - 4 patches later, the game will work as it should. I'm never buying games on launch day ever again.[/citation]

Absolutely.
I believe that in the days before cable/dsl, that game releases HAD to work better. Now the companies no longer QA their products and just throw in DRM and an autopatching system.

It could also be said that more effort is being put into the "quality" of the DRM than making the game work right: If you're going to release a bug-laden product as 1.0 that you know will get pirated, then why invest effort into fixing the problems prior to release? Just the DRM shield and patching system to fix the software 4 months later so the paying customers have a working product.

Then overhype it on release day, knowing it's broken, get the cash flow. Then "apologize" for the business decision to not pay for testing of the 1.0 product. The risk management assessment wins since customers cannot return open software.


I **NEVER** buy a game on opening day 1.
Same rule for Windows and waiting for the service pack here...
 
[citation][nom]siuol11[/nom]One more thing; Bnet is down for maintenance, maybe they are checking it out.[/citation]
It's Tuesday - normal maintenance day
 
[citation][nom]spectrewind[/nom]I **NEVER** buy a game on opening day 1.Same rule for Windows and waiting for the service pack here...[/citation]

With few exceptions I am right with you there. I'll wait and try the demo or at least open beta and certainly wait for Windows ?? SP1 before I upgrade my OS.
 
[citation][nom]wildkitten[/nom]This one can't be swept under the rug. Joystiq just had an article that even employees of gaming magazines are suffering this and because WoW uses the same authenticator system, it's not happening to WoW accounts.Either someone is investing a lot of money into doing widespread MitM attacks or someone found a way to bypass the authentication system.[/citation]

This has been happening to WOW accounts for YEARS! Can't tell you how many times I have heard friends complain about their accounts getting hacked same setup even. Guy goes in liquidates all of the gear and gold and can even get you kicked/banned for selling the stuff in-game. Blizzards, even with their "authenticator", security is a JOKE!
 
I had an issue the other night. I was kicked from my gaming session because someone else had logged into my battle.net account from a different computer. I changed my password at launch and it was a PW with caps, lowercase, and numbers. I also have the sms protect on my account. It was luck that I stayed up till midnight on a work week to play. I was able to log into my account change the password and log back into Diablo within a minute and nothing was taken.
 
[citation][nom]bryonhowley[/nom]I will pay for it but I will not buy this one until there is a offline crack out! I do not play online will never play online.[/citation]
at least add lan, or private gaming between rl friends.
 
[citation][nom]sinclaj1[/nom]Just another reason Torchlight 2 is going to clean up.[/citation]
I preordered mine already...just started playing the original torchlight now too. great game.
 
Status
Not open for further replies.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom