Website Feedback
Closed Threads
IRC Chat
irc.quakenet.org #teamliquid
IRC Web ClientTeamSpeak 3 (100 users) | |
|
| Charger United States. May 25 2012 00:04. Posts 2347 | Profile Blog # |
Recent blue post about all the recent issues: http://us.battle.net/d3/en/forum/topic/5149181449#1
Over the past couple of days, players have expressed concerns over the possibility of Battle.net® account compromises. First and foremost, we want to make it clear that the Battle.net and Diablo III servers have not been compromised. In addition, the number of Diablo III players who’ve contacted customer service to report a potential compromise of their personal account has been extremely small. In all of the individual Diablo III-related compromise cases we’ve investigated, none have occurred after a physical Battle.net Authenticator or Battle.net Mobile Authenticator app was attached to the player’s account, and we have yet to find any situation where a Diablo III player's account was accessed outside of “traditional” compromise methods (i.e. someone logging using an account's login email and password).
To that end, we’ve also seen discussions regarding the possibility of account compromises occurring in ways that didn’t involve these “traditional” methods -- for example, by “session spoofing” a player’s identity after he or she joins a public game. Regarding this specific example, we’ve looked into the issue and found no evidence to indicate compromises are occurring in this fashion, and we’ve determined the methods being suggested to do so are technically impossible. However, you have our assurance that we’ll continue to investigate reports such as these and keep you informed of important updates.
The best defense against account theft still includes smart password management (e.g. using a unique password for every site/service and keeping your password to yourself) and scanning for malware and viruses regularly, as well as following additional preventative steps found here. In the end, while no security method is 100% foolproof, the physical Battle.net Authenticator and Battle.net Mobile Authenticator app are great ways to provide your account with an extra layer of protection.
We hope this update has addressed some of the concerns you’ve had. In the end, we simply want all of our players to be able to fully enjoy Diablo III, and we’ve been working around the clock to address issues as quickly and efficiently as possible. We appreciate your continued support and enthusiasm, and we hope you and your friends are having a blast slaying Sanctuary’s demons.
|
| | It's easy to be a Monday morning quarterback. (屮◣_◢)屮 Charger#1101 |
|
|
| trainRiderJ United States. May 25 2012 00:13. Posts 563 | Profile # |
On May 25 2012 00:04 Charger wrote:Recent blue post about all the recent issues: http://us.battle.net/d3/en/forum/topic/5149181449#1
Show nested quote +Over the past couple of days, players have expressed concerns over the possibility of Battle.net® account compromises. First and foremost, we want to make it clear that the Battle.net and Diablo III servers have not been compromised. In addition, the number of Diablo III players who’ve contacted customer service to report a potential compromise of their personal account has been extremely small. In all of the individual Diablo III-related compromise cases we’ve investigated, none have occurred after a physical Battle.net Authenticator or Battle.net Mobile Authenticator app was attached to the player’s account, and we have yet to find any situation where a Diablo III player's account was accessed outside of “traditional” compromise methods (i.e. someone logging using an account's login email and password).
To that end, we’ve also seen discussions regarding the possibility of account compromises occurring in ways that didn’t involve these “traditional” methods -- for example, by “session spoofing” a player’s identity after he or she joins a public game. Regarding this specific example, we’ve looked into the issue and found no evidence to indicate compromises are occurring in this fashion, and we’ve determined the methods being suggested to do so are technically impossible. However, you have our assurance that we’ll continue to investigate reports such as these and keep you informed of important updates.
The best defense against account theft still includes smart password management (e.g. using a unique password for every site/service and keeping your password to yourself) and scanning for malware and viruses regularly, as well as following additional preventative steps found here. In the end, while no security method is 100% foolproof, the physical Battle.net Authenticator and Battle.net Mobile Authenticator app are great ways to provide your account with an extra layer of protection.
We hope this update has addressed some of the concerns you’ve had. In the end, we simply want all of our players to be able to fully enjoy Diablo III, and we’ve been working around the clock to address issues as quickly and efficiently as possible. We appreciate your continued support and enthusiasm, and we hope you and your friends are having a blast slaying Sanctuary’s demons.
Not a big surprise there. People are unwilling to admit they might have a keylogger or have responded to a phishing email. Here are some steps I suggest. Some may be easier than others:
1) Get the Blizzard Authenticator if at all possible. This should be your highest priority.
2) Use a unique username/password combination for Battle.net. Just because Battle.net is secure doesn't mean every forum and website you visit is, and if they are compromised hackers will try those logins on Battle.net, Steam, Paypal, etc.
3) For antivirus use Microsoft Security Essentials, Avira, or Avast (my preference in that order and they are all free). Be sure it updates on a regular basis.
4) Use Gmail
5) Use Firefox + noscript, or at the very least don't use Internet Explorer
6) If you've already been hacked, just bite the bullet and reformat. I know it's the "nuclear option" but it will probably be easier in the long run.
7) Ditch Windows XPLast edit: 2012-05-25 00:14:39 |
|
|
| Tanukki Finland. May 25 2012 01:34. Posts 502 | Profile # |
| Yea, having observed the situation for the past few days and now seeing Blizzard's response, I don't think there is any hack. Just some people got unlucky and had their passwords stolen. Even in the heart of the shitstorm yesterday, I couldn't see that much hacked ragers on the official forums, considering how vast the playerbase is. |
|
|
| trinxified Canada. May 25 2012 01:42. Posts 2584 | Profile # |
So wait, is changing the e-mail address (username) and password enough? Luckily, I wasn't hacked (at least not yet), and I changed my login information 2 days ago already.
Am I safe now? Or do I really need to get the authenticator? |
|
|
| LoLAdriankat United States. May 25 2012 01:42. Posts 3632 | Profile Blog # |
| Hmm, makes sense. Hackers have probably been preparing for months and I know that certain release groups like *cough*RELOADED*cough* put keyloggers in their stuff targeting B.net accounts. People just don't like admitting their own mistakes for whatever reason. |
|
|
| thatsundowner Canada. May 25 2012 02:43. Posts 286 | Profile # |
On May 25 2012 01:42 trinxified wrote:
So wait, is changing the e-mail address (username) and password enough? Luckily, I wasn't hacked (at least not yet), and I changed my login information 2 days ago already.
Am I safe now? Or do I really need to get the authenticator?
Get one anyway, it's a small price to pay to not have to deal with trying to get everything restored |
| | "you're gonna fail" in latin |
|
|
| Rannasha Netherlands. May 25 2012 03:05. Posts 2263 | Profile Blog # |
On May 25 2012 01:42 trinxified wrote:
So wait, is changing the e-mail address (username) and password enough? Luckily, I wasn't hacked (at least not yet), and I changed my login information 2 days ago already.
Am I safe now? Or do I really need to get the authenticator?
You're still not safe against keyloggers. Get an authenticator. |
| | Such flammable little insects! |
|
|
| PeT[uK] United States. May 25 2012 03:14. Posts 411 | Profile # |
sigh... I just got hacked and I went to no shady D3 websites or anything. They left me naked and with 1700 gold. pisses me off so hard. I think im gonna just quit D3. I dont wanna put that much time into getting new gear again. Just doesnt seem worth it.
funny thing is when i logged on today I seen i had a lvl 1 wizard on my friends list that i have no idea who that is. then he deleted me off his friends list as soon as i logged on. So this asshole was in the process of moving my stuff to his mule. I have his tag will that help me in anyway? because its a bs character he made. lvl 1 with 6 hours played..............Last edit: 2012-05-25 03:20:24 |
| | How Happy Are the Blameless Vestals Lot. |
|
|
| Enki United States. May 25 2012 03:54. Posts 1986 | Profile Blog # |
| Well, I still hear people saying they are getting hacked under different circumstances so fuck it. Blizzard just seems to say that it's not on their end but i'm not really convinced by it. I was already getting bored by it anyways so not a big loss...but I'm not gonna spend more time on it when my shit could just be taken anyways. |
| | "Practice, practice, practice. And when you're not practicing you should be practicing. It's the only way to get better. The only way." I run the Smix Fanclub! |
|
|
| Charger United States. May 25 2012 03:58. Posts 2347 | Profile Blog # |
On May 25 2012 03:54 Enki wrote:
Well, I still hear people saying they are getting hacked under different circumstances so fuck it. Blizzard just seems to say that it's not on their end but i'm not really convinced by it. I was already getting bored by it anyways so not a big loss...but I'm not gonna spend more time on it when my shit could just be taken anyways.
I'll take your items off your hands 
|
| | It's easy to be a Monday morning quarterback. (屮◣_◢)屮 Charger#1101 |
|
|
| dAPhREAk Nauru. May 25 2012 04:04. Posts 8698 | Profile Blog # |
On May 25 2012 03:54 Enki wrote:
Well, I still hear people saying they are getting hacked under different circumstances so fuck it. Blizzard just seems to say that it's not on their end but i'm not really convinced by it. I was already getting bored by it anyways so not a big loss...but I'm not gonna spend more time on it when my shit could just be taken anyways.
its a damn shame what is happening to people as far as getting hacked. nevertheless, all i see are people speculating about what is causing the hacks and no real evidence of anything other than that they have been hacked. after reading these forums, i am scared to go into public games for no reason other than people spouting the first thing that comes into their mind. i am glad blizzard has squelched that unsupported accusation. |
| |
|
| AnotherRandom Canada. May 25 2012 04:08. Posts 50 | Profile # |
The big question now though, is how did one get their account breached?
If it's as simple as visiting a wiki then why aren't these things all over the place for stealing PayPal login, bank account login, ebay login, etc?
How was my account compromised? Do I in fact have a keylogger on my computer? Are they just brute-forcing passwords?
How far back will the B.net rollback take me?
I was planning on playing D3 for years to come, and enjoying it as much as I enjoyed D2. However now I'm considering simply refunding the game. Playing a game and having to do a re-installation of my OS in addition to losing 80 hours of work on a character, is not what I paid for. |
|
|
| dAPhREAk Nauru. May 25 2012 04:22. Posts 8698 | Profile Blog # |
On May 25 2012 04:08 AnotherRandom wrote:
The big question now though, is how did one get their account breached?
If it's as simple as visiting a wiki then why aren't these things all over the place for stealing PayPal login, bank account login, ebay login, etc?
How was my account compromised? Do I in fact have a keylogger on my computer? Are they just brute-forcing passwords?
How far back will the B.net rollback take me?
I was planning on playing D3 for years to come, and enjoying it as much as I enjoyed D2. However now I'm considering simply refunding the game. Playing a game and having to do a re-installation of my OS in addition to losing 80 hours of work on a character, is not what I paid for.
because if you steal real money you go to prison. blizzard isnt going to track down the hackers because i doubt they care enough to do so. if you steal real money, you call the police and they have to track down the thief. |
| |
|
| Denzil United Kingdom. May 25 2012 05:35. Posts 3509 | Profile # |
On May 22 2012 05:32 CuSToM wrote:
Show nested quote +On May 22 2012 04:43 DomiNater wrote:
On May 22 2012 04:32 NotSorry wrote:
One of the more popular map hacks(over 50k downloads) was found to have a keylogger in it. Old D2 tricks at it again.
On May 22 2012 04:35 Sufinsil wrote:We really do not know who what why, to what extent. I could have typed out that dribble as a "news" article" And really, who is going to admit to downloading a map hack?
WTF 50k downloads on a maphack for D3??? What am I missing here, because a maphack seems almost useless on Diablo 3... 50k people should be ashamed of themselves for their stupidity.
I map hacked for the better half of my D2 career. Sorry but after finding Durance of Hate level 3, Throne of Destruction, and Tristram portal for Wirt's leg for what seemed like the millionth time each, it starts to get redundant and you get a maphack. It's not useless.
Fuck running countess and arcane sanc for keys, that shit was obnoxious thank fuck for the maphack |
| | Anna: So Sen how will you prepare for your revenge v MC? Sen: With a smile. |
|
|
| Instigata United States. May 25 2012 05:40. Posts 517 | Profile # |
| Does the Dial-In authenticator offer the same protection for those without smartphones and don't wanna pay for one? I don't mean the SMS text system. |
| | SC2 was doomed from the start. |
|
|
| aksfjh United States. May 25 2012 06:07. Posts 3489 | Profile # |
On May 25 2012 04:08 AnotherRandom wrote:
The big question now though, is how did one get their account breached?
If it's as simple as visiting a wiki then why aren't these things all over the place for stealing PayPal login, bank account login, ebay login, etc?
How was my account compromised? Do I in fact have a keylogger on my computer? Are they just brute-forcing passwords?
How far back will the B.net rollback take me?
I was planning on playing D3 for years to come, and enjoying it as much as I enjoyed D2. However now I'm considering simply refunding the game. Playing a game and having to do a re-installation of my OS in addition to losing 80 hours of work on a character, is not what I paid for.
Many times, these hacks work by identifying events, like Diablo3.exe being executed, and then they can narrow down the password usage easily. Also, things like bank logins have stricter measures in place to stop hackers and bank accounts. Many have extra passwords or questions for security when you attempt to login from a different location.
As for security overall, there are tools that can find and get rid of keyloggers, and in many cases, the keylogging isn't even done by installing malicious software. You can create scripts that attach to website ads or websites themselves which can act as keyloggers while the browser or page is open. Reinstalling the OS is usually the last step in the case of severe infection, and usually done when it becomes the easiest option in cleaning your PC, but is rarely the only viable option in recovery. |
|
|
| Charger United States. May 25 2012 06:22. Posts 2347 | Profile Blog # |
On May 25 2012 05:40 Instigata wrote:
Does the Dial-In authenticator offer the same protection for those without smartphones and don't wanna pay for one? I don't mean the SMS text system.
Nope, need the mobile authenticator on your smartphone or a physical keychain one.
What games and services does the Battle.net Dial-in Authenticator protect?
The Battle.net Dial-in Authenticator protects any World of Warcraft accounts attached to a Battle.net account, as well as Battle.net Account Management. The Battle.net Dial-in Authenticator is not currently compatible with StarCraft II or Diablo III, though that may change in the future.
Taken from here: http://us.battle.net/support/en/article/battle-net-dial-in-authenticator-faq#q-7 |
| | It's easy to be a Monday morning quarterback. (屮◣_◢)屮 Charger#1101 |
|
|
 UniversalSnip May 25 2012 06:51. Posts 4820 | Profile Blog # |
| Not surprised to find out people weren't getting hacked through auction house/public games, it's embarrassing to see people be so ridiculous and hysterical with no evidence. Last edit: 2012-05-25 06:52:13 |
| | Had you ever considered that all this is your fault? Your presence creates these animals... |
|
|
| Goldfish May 25 2012 12:28. Posts 2016 | Profile Blog # |
How many who got hacked:
1. Visited unofficial Diablo III sites? Like incgamers? AFAIK they have ads.
Even wikias had bad ads at one point (they may still have them but nowadays they don't).
2. Had an authenticator?
Now, either Blizzard has some other security hole they're not sure of or it's just the websites.
Here's safe browsing again:
+ Show Spoiler +People can get malware by simply visiting sites with scripts or ads enabled (one notorious example is in 2007 or so, some wikia ads installed malware but wikia has dealt with most bad ads nowadays but it's still not 100% safe).
Sometimes legit sites (possibly even yahoo.com) may have bad ads too (though very unlikely for those high end companies).
Nowadays, more malware is being installed by simply visiting websites (even just legit ones) or simply by being connected to the internet (what can happen when you don't keep your windows up to date) than actually downloading stuff (technically visiting websites require downloading stuff but I mean stuff like downloading videos or programs).
Security flaws like not keeping Flash or winamp or iTunes or whatever up to date (make sure to check whether the programs you're using are up to date).
So:
1. Use noscript or notscripts (addons for Firefox and Google Chrome respectively). Make sure to set it to blcok iFrames.
2. Use Adblock Plus too.
3. And keep stuff up to date check the official flash site to see if there are any new updates.
When using noscript:
Right click anywhere and click noscript then click options. Go to "Embeddings" tab and check all boxes that say "forbid" (including IFRAME). Click "Apply these restrictions to whitelisted sites too". Most of the settings are already done for you but AFAIKI, noscript doesn't block IFRAMES by default (at least as far as I remembered, it once wasn't checked by default).
Of course keep noscript up to date (it's updated often) and only allow sites you trust (if a site works without scripts, don't enable scripts on that site).
Flash did have a security exploit recently. I suggest using secunia and running it once every 1-2 days to see what stuff you need updated (secunia just checks all your programs to see which ones are outdated with security vulnerabilities).
Also here's Blizzard and their Warcraft III security exploit I mentioned earlier (just a repost):
+ Show Spoiler +
Anyway I post both of them just in case.
As for anti virus software? Malware bytes, super antispyware, and even most anti virus software aren't enough.
Some malware can go undetected by most AV. The best way to deal with it is prevention (and for websites to stop relying so much on flash and javascript0. Seriously twitter, then youtube (which worked really well even with noscript on, noscript could at least enable any Flash manually if you clicked the placeholder icon), and even google? (Well most of the site works without scripts).
I use Avast (free version), and make a custom scan that scans everything (by default, the thorough scan only does a "quick rootkit scan", you should make a custom one that does full rootkit scan). I check all the settings that would make it thorough (stuff like scan all archives, etc). Anyway though, I'm not sure how effective avast is (I know it's one of the top AV in terms of the free ones at least) but make sure to have your AV set to the most thorough settings. |
| | https://connect.microsoft.com/WindowsServerFeedback/feedback/details/741495/biggest-explorer-annoyance-automatic-sorting-windows-7-server-2008-r2-and-vista#details Allow Disable Auto Arrange in Windows 7+ |
|
|
| dAPhREAk Nauru. May 26 2012 03:15. Posts 8698 | Profile Blog # |
| friend got hacked. took his money but not gear. hackers = assholes. oh, and i bought an authenticator just to be safe. fuck all of you who hack. |
| |
|
| Prev 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Next All | |
|
|
|
| |
|
Sidebar Settings...
|
Store
