I logged in today fresh after reset only to have the horrible realisation that my toons were wearing gear that I did not log them out in. They were all separated and standing outside mailboxes. Sure enough Gold was reduced to silver, all gear except undisenchantable stuff was stripped, badges, honour and arena points were 0...

My quandry is that I switched to Battle.net on the weekend. Other than that I had hardly been near a computer let alone played them since then. They have all gotten the Mr Penguin pet and login screen has changed to battle.net so it was all obviously legit. I can't help but think that if I hadn't had to do this however, my accounts would still be secure, or at worst only 1 of them would have been compromised let alone all 5...

Have put in a GM ticket. Will look more into any other action that needs to be taken, but would aprpeciate any advice from others that have been hacked.

:(:mad::(:mad::(:mad::(:mad:

that sucks.


advice?


AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR
AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR
AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR
AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR
AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR AUTHENTICATOR

Actually ordered one during my account conversion process, but living in Australia it is still in the mail. My main issue is that if I hadn't had to convert to goddam Battle.net it seems very unlikely that this would have happened...

Actually ordered one during my account conversion process, but living in Australia it is still in the mail. My main issue is that if I hadn't had to convert to goddam Battle.net it seems very unlikely that this would have happened...

hahaha that sucks. you're going to have your authenticator arrive in the mail while you account is banned for being hacked. Life can be a B sometimes. Good luck getting it back in order. There's been quite a few multiboxers here that have been hacked, so I'm sure you'll get some tips on who to contact and how to get it back fastest.

How do you corellate (sp) converting to B.Net with you being hacked?
Normally you get hacked when something like this happens.... Go to website A for free cookies! *Click* MmmCookies, Oh a trojan / keylogger mmmm...
Wake up next morning to naked toons ;)

Make sure you scan you PC, because eventually you will just get rehacked (they aren't stupid they will wait for you to get the stuff back and relog in)

Happened to me just before I started boxing, what caused me to switch TO B.Net, it's more secure, if nothing else for the ability to change your security Q...

Yeah I know the classic hacking scenarios, but this is really not the case. The PC I use for boxing I ONLY use for WoW, it was bought and built purely for this.

The correlation between B.net and the hacking is that the only website that I have put my wow information into happened to be the b.net conversion page 3 days prior.

Now I don't necessarily think that had been compromised in any way. I do not run any other executables associated with WoW or otherwise on the computer, I have just finished a full scan (done weekly) which has come up clean so I really have nothing else to go on.

What I am 100% sure on however is that prior to converting to B.net I had 5 separate WoW accounts with different usernames and passwords. I now have 5 accounts linked to the one username and password and the username is an email address. In the past if I had an account compromised it would have bene 1 of 5 only rather than all 5 as in this case. So whether the conversion was the cause or not (and it is only the fact that the conversion had occurred so recently to the compromise) it definitely increased the vulnerability of the accounts.

How do you corellate (sp) converting to B.Net with you being hacked?
Normally you get hacked when something like this happens.... Go to website A for free cookies! *Click* MmmCookies, Oh a trojan / keylogger mmmm...
Wake up next morning to naked toons ;)

Make sure you scan you PC, because eventually you will just get rehacked (they aren't stupid they will wait for you to get the stuff back and relog in)

Happened to me just before I started boxing, what caused me to switch TO B.Net, it's more secure, if nothing else for the ability to change your security Q...

Not sure how having one single username and password for ALL of your accounts is necessarily more secure though...

Are you really one of the people who used a different password for all of your accounts though? Really?

So the biggest problem/change is the user name in reality 1 for 5, yes a problem, but again the ability to change the secret Q / A is huge, reason I was hacked twice, and CC was charged for a character xfer to give the guy the stuff on his realm I guess, I couldn't change my security question so he could just keep logging my email. so I had to scrap all my old stuff and start over. In the end 5 account names can be accessed by the virus easily if you store the info, and if you do not, well then all you have to do is key log it, since you would type it in every time, read the general dicussion complaint about the guy who got hacked on a bnet account, some good suggestions on what to avoid/look for or use in there

Is it just coincidence that the two people having bnet problems while getting hacked have the username Void and Noids?

Remember that pizza comercial (domino's?) with the theme "Avoid the Noids"?

http://www.youtube.com/watch?v=jVeNr9aE8cU

yah, don't know why or how i put that together.

purely coincedence... theres not alot of advice to give. get those tickets in to get your stuffs back, and hope that authenticator gets there quickly. find some aintvirus/malware protection to keep other infections from ruining your pc.im sure you were careful enough with the sites you happened to visit, but people can and do put keyloggers in just about any ad. the chances of getting one for wow without visitin wow sites is extremely low, it is possible.

well i got my account back but still waiting for all my gear back. blizzard is taking their sweet ass time. i just want my 3 pieces of pvp so i can get my 5v5 going again ugh

but people can and do put keyloggers in just about any ad. the chances of getting one for wow without visitin wow sites is extremely low, it is possible.

Those two sentences are contradictory. Keylogging MMO accounts, not just WoW, is business, not entertainment. These keyloggers aren't coming from some jerk in your English class looking to watch you have a nerdrage event. They are coming from companies that make money off of selling gold from MMOs, fake or stolen credit cards, money from bank accounts, ebaying crap purchased via compromised bank accounts. To them, there's no difference between a WoW account and a Bank of America account. The people using your WoW account are probably no more than 3 cubicles away from the guys selling your aunt's credit card numbers.

Blizzard hacked your account in order to get you to buy an authenticator. Its true, my mates dad read it on the internet. Were going to write a book about it centitled "Blizzard: The real truth."

...

Sorry i thought this was the shit conspiracy theories forum.

Blizzard hacked your account in order to get you to buy an authenticator. Its true, my mates dad read it on the internet. Were going to write a book about it centitled "Blizzard: The real truth."

...

Sorry i thought this was the shit conspiracy theories forum.


Blizzard and the Art of Gold Selling....

World of Warcraft Account Sales and You: Who Really Buys Your Accounts?

Hacked?! Find Out By Who: The Secret Blizzard Won't Tell Us!

Ni Hao, The True Gold Sellers.


>.> <.< *Places tinfoil hat on head*

Blizzard and NCSoft, What they won't tell you.

I'm done I promise... Glide Bot: The True Masterminds Behind the Bot Program!

Blizzard hacked your account in order to get you to buy an authenticator. Its true, my mates dad read it on the internet. Were going to write a book about it centitled "Blizzard: The real truth."

...

Sorry i thought this was the shit conspiracy theories forum.


Heh, funny you should say that, when I told my wife about it (she understands very little about online gaimng let alone boxing :P) that was the first thing she came up with :P

I guess I have been lucky really in that I never actually lost control of my accounts, they were just scraped cleaen when I logged in. I immediately logged out and changed all of my security settings etc.

My problem with the keylogger/virus theory is that this is basically a quarantined computer. All of my email, web browsing etc. is done on my laptop. The only site I had been to in the past week had been the battle.net site. Other than that I run isboxer, innerspace and curse client as executables and thats it.

Either way, I have taken the opportunity to finish my water cooling system today, clean my hdd and install Win 7. The cooling is up and running I have had a bit of fun overclocking and feel a little calmer about the situation. Hopefully for me it is just a matter of them rolling my accounts back to Monday night (do they roll the whole account back or just the toons you request) and all I will have lost is a couple of days worth of raiding and dailies.

Cheers

i got mine hacked. I emailed, i did all this stuff but it took them forever to respond.. friend told me to call the blizzard number.. so i was like fine..
SURE ENOUGH!!!

in around 5 minutes my accounts were restored, the ban lifted from them, and all my stuff was back to what is was before i was hacked (they can set it back like 10 hours or even like 12 months, to where u last played before getting hacked.. easy simple,.. seriously around 5 min.

Those two sentences are contradictory. not really. the point is that you can get keyloggers from alot of different places. however the possibility of getting one thats trying to catch your wow account info from a site for say cars is very low. people dont do this just to get ANY information. they focus on specific things...

Actually ordered one during my account conversion process, but living in Australia it is still in the mail. My main issue is that if I hadn't had to convert to goddam Battle.net it seems very unlikely that this would have happened...

Does that mean this needs to be posted again? :P

I'm wondering how many people will get hit by password brute force attacks now that the login is easy == your email

ie harvest email addresses from forums and other sources; then brute force dictionary attacks against said email... I wouldn't change to bnet unless you have an authenticator (sw or hw) or a really strong totally random password (and not keyloggers/viruses/...)

Yeah I guess that was my main issue. I have had my email address for over 15 years now and god knows I haven't always protected it as well as I should previously. Saying that the password I used was a 10 digit random combination of alphanumeric characters that I can't see would be susceptible to that sort of attack.

My only other mistake I guess was that this password was one that I had used on one of my accounts prior to converting. So if they had previously had that but not the username, it was now fairly simple to put the two together.

On a sidenote, I have had one donotreply email response from blizz saying they got the message and another one saying they had reset my B.net password and that is it. Any idea how long it normally takes for them to restore my gear and if this is a fairly straightforward process?

Cheers

From my experiance helping others through this experiance, It Honestly veries, Usually you can see characters returned in short order if they have been transfered off server, or deleted, But gear being returned usually can take a week to 4 weeks to trickle in.

Bugger... its been 2.5 days now and not a word other than the autoreplies from Blizz.

My 5 accounts each have 5-10 characters on them, all alts that I have played in the past. Every single one of them has been stripped to the point that they are unplayable and in general naked. If I pooled absolutely everything that I have left and vendored it, I might be able to buy 1-2 pieces of green armour so that I can go questing or something. Maybe its time to ask guildies for a loan, but I really despise doing that.

Do they generally return gold as well as items. Do they return emblems, honour and arena points?

This is what irritates me about Blizzard. B.net login is an email address? And can other users 'friend' you based on your login name? This is what I really liked about the pre-b.net system for WoW - NO ONE knows your login name unless you give it out or it's keylogged. I haven't converted to b.net yet, and I'm not too happy about the change.. looks like I'll be creating a new email address JUST for WoW, and it won't be handed out anywhere or to anyone.

Yesterday, I did the B.Net conversion.

One B.Net account per WoW account.
My single authenticator lets me log in to each simultaneously.

Each of the emails is created with my service provider.
Did not want to use a free service, like say hotmail, which sells email addresses.
Made the addresses long and semi-random, to make it harder to guess them.
And will not send anything to or from them either.
Pretty much used exclusively for wow and nothing else.
And have the authenticator connected of course.

But, as pointed out in the other thread...
How many people use the same email for a lot of things?

Yesterday, I did the B.Net conversion.

One B.Net account per WoW account.
My single authenticator lets me log in to each simultaneously.

Each of the emails is created with my service provider.
Did not want to use a free service, like say hotmail, which sells email addresses.
Made the addresses long and semi-random, to make it harder to guess them.
And will not send anything to or from them either.
Pretty much used exclusively for wow and nothing else.
And have the authenticator connected of course.

But, as pointed out in the other thread...
How many people use the same email for a lot of things?

Are you saying that the email you used for your bnet account is different than whats on your WoW account? If so, can this be a potential problem?

Drommon

Are you saying that the email you used for your bnet account is different than whats on your WoW account? If so, can this be a potential problem?

Drommon


The email address you use for your Battle.Net account becomes the email for your WoW accounts. And your login.

Your personal contact email address can be different than your b.net email address/account name.

I have an email through my service provider.
I also have an email through yahoo and another through hotmail.

Pretty much use the hotmail, when you need to enter an email address, but wouldn't want to actually enter your own.
Conversely, the one through my provider is used by friends/family, to contact me.

I get 10 email addresses through the provider.
So just created 5 new ones, which are now the B.Net user names for my accounts.
These emails have never sent anything, any have only received the Blizzard B.Net confirmation email.

I won't use them to send anything.
Or as a username/email anywhere on the web.

It's not perfect, but guessing a username and a password combination, is a bit hard.
Already knowing the username, allows for brute force password attempts.
I suppose a keylogger could learn either, but that's what the authenticator is for.