Trending Games | Cabal 2 | EVE Online | Guild Wars 2 | WildStar

  Network:  RTSguru
Login:  Password:   Remember?  
Show Quick Gamelist Jump to Random Game
Members:2,976,493 Users Online:0
Games:818  Posts:6,419,944
Recent forum postsRSS
Active threads
Cloud view
List all forums
General Forums
Developers Corner General Discussion
Popular Game Forums
Click a status to find game forum
Game Forums
Click a letter to find game forum
A-C
2029 Online 2112: Revolution 2Moons 4Story 8BitMMO 9 Dragons A Mystical Land A Tale in the Desert III A3 ACE Online AD2460 ARGO Online Aberoth Absolute Force Online Absolute Terror Achaea Adellion Aerrevan Aetolia, the Midnight Age Age of Armor Age of Conan Age of Empires Online Age of Mourning Age of Wulin Age of Wushu Aida Arenas Aika Aion Albion Online Alganon All Points Bulletin (APB) Allods Online Altis Gates Amazing World Anarchy Online Ancients of Fasaria Andromeda 5 Angels Online Angry Birds Epic Anime Ninja Anime Pirates Anime Trumps Anmynor Anno Online Applo Arcane Hearts Arcane Legends ArchLord ArcheAge Archeblade Archlord 2 Archlord X Armored Warfare Ascend: Hand of Kul Asda 2 Asda Story Ashen Empires Asheron's Call Asheron's Call 2 Astera Online Astonia III Astro Empires Astro Lords: Oort CLoud Asura Force Atlantica Online Atriarch Aura Kingdom Aurora Blade Auto Assault Avatar Star Battle Dawn Battle Dawn Galaxies Battle for Graxia Battle of 3 Kingdoms Battle of the Immortals Battlecruiser Online Battlestar Galactica Online Battlestar Reloaded Beyond Protocol Bionic Marine Command Online Black Aftermath Black Desert Black Gold Black Prophecy Black Prophecy Tactics: Nexus Conflict Blackguards 2 Blacklight Retribution Blade & Soul Blade Hunter Blade Wars Blazing Throne Bless Blitz 1941 Blood and Jade Bloodborne Bloodlines Champions Boot Hill Heroes Borderlands 2 Borderlands: The Pre-Sequel Bound by Flame Bounty Bay Online Brain Storm Bravada Bravely Default Bravely Second Brawl Busters. Brick-Force Bright Shadow Bullet Run Business Tycoon Online CTRacer Cabal Online Caesary Call of Camelot Call of Gods Call of Thrones Camelot Unchained Canaan Online Cardmon Hero Cartoon Universe CasinoRPG Cast & Conquer Castle Empire Castlot Celtic Heroes Champions Online Champions of Regnum Chaos Online Child of Light Chroma Squad Chrono Tales Citadel of Sorcery CitiesXL Citizen Zero City of Decay City of Heroes City of Steam City of Transformers City of Villains Civilization Online Clan Lord Clash of Clans Cloud Nine Club Penguin Colony of War Command & Conquer: Tiberium Alliances Company of Heroes Online Conquer Online Conquer Online 3 Continent of the Ninth (C9) Core Blaze Core Exiles Corum Online Craft of Gods Crimecraft Crimelife 2 Cronous Crota II Crowfall Crusaders of Solaris Cultures Online Cyber Monster 2 Cyberpunk 2077 Céiron Wars
D-F
D&D Online DC Universe DK Online DOTA DOTA 2 DUST 514 DV8: Exile Dalethaan Dance Groove Online Dark Age of Camelot Dark Ages Dark Legends Dark Orbit Dark Relic: Prelude Dark Solstice Dark Souls 2 Dark and Light DarkEden Online DarkSpace Darkblood Online Darkest Dungeon Darkfall Darkfall: Unholy Wars Darkwind: War on Wheels Das Tal Dawn of Fantasy Dawntide DayZ Dead Earth Dead Frontier Dead Island Dead Island 2 Dead Island: Riptide Deco Online Deep Down Deepworld Defiance Deicide Online Dekaron Demons at the Horizon Desert Operations Destiny Diablo 3 Diamonin Digimon Battle Dino Storm Disciple Divergence Divina Divine Souls Divinity: Original Sin Dofus Dominus Online Dragon Age: Inquisition Dragon Ball Online Dragon Born Online Dragon Crusade Dragon Empires Dragon Eternity Dragon Fin Soup Dragon Heart Online Dragon Nest Dragon Oath Dragon Pals Dragon Raja Dragon's Call Dragon's Call II Dragon's Prophet DragonSky DragonSoul Dragona Dragonica Dragons and Titans Drakengard 3 Dream of Mirror Online Dreamland Online Dreamlords: The Reawakening Drift City Duels Dungeon Blitz Dungeon Fighter Online Dungeon Overlord Dungeon Party Dungeon Rampage Dungeon Runners Dungeon of the Endless Dying Light Dynastica Dynasty Warriors Online Dynasty of the Magi EIN (Epicus Incognitus) EVE Online Earth Eternal Earth and Beyond Earthlock: Festival of Magic Earthrise Eclipse War Ecol Tactics Online Eden Eternal Edge of Space Einherjar - The Viking's Blood Elder Scrolls Online Eldevin Elf Online Elite: Dangerous Embers of Caerus Emil Chronicle Online Empire Empire & State Empire Craft Empire Universe 3 EmpireQuest Empires of Galldon End of Nations Endless Ages Endless Blue Moon Online Endless Online Entropia Universe EpicDuel Erebus: Travia Reborn Eredan Eternal Blade Eternal Lands Eternal Saga Ether Fields Ether Saga Online Eudemons Online EuroGangster EverEmber Online EverQuest Next EverQuest Online Adventures Evernight Everquest Everquest II Evony Exarch Exorace F.E.A.R. Online Fable Legends Face of Mankind Fairyland Online Fall of Rome Fallen Earth Fallen Sword Fallout 4 Fallout Online Family Guy Online Fantage Fantasy Earth Zero Fantasy Realm Online Fantasy Tales Online Fantasy Worlds: Rhynn Faunasphere Faxion Online Fearless Fantasy Ferentus Ferion Fiesta Online Final Fantasy Type-0 HD Final Fantasy XI Final Fantasy XIV Final Fantasy XIV: A Realm Reborn Firefall Fists of Fu Florensia Flyff Football Manager Live Football Superstars Force of Arms Forge Forsaken Uprising Forsaken World Fortnite Fortuna Forum for Discussion of Everlight Freaky Creatures Free Realms Freesky Online Freeworld Fung Wan Online Furcadia Fury Fusion Fall
G-L
GRAV GalaXseeds Galactic Command Online Game of Thrones: Seven Kingdoms Gameglobe Gate To Heavens Gates of Andaron Gatheryn Gauntlet Gekkeiju Online Ghost Online Ghost Recon Online Gladiatus Glitch Global Agenda Global Soccer Gloria Victis Glory of Gods GoGoRacer Goal Line Blitz Gods Rush Gods and Heroes GodsWar Online Golemizer Golf Star GoonZu Online Graal Kingdoms Granado Espada Online Grand Chase Grand Fantasia Grepolis Grimlands Guild Wars Guild Wars 2 Guild Wars Factions Guild Wars Nightfall H1Z1 Habbo Hotel Hailan Rising HaloSphere2 Hand of Fate Haven & Hearth Hawken Heart Forth Alicia Hearthstone: Heroes of Warcraft Helbreath Hellgate Hellgate: London Hello Kitty Online Hero Online Hero Zero Hero's Journey Hero: 108 Online HeroSmash Heroes & Generals Heroes & Legends: Conquerors of Kolhar Heroes in the Sky Heroes of Atlan Heroes of Bestia Heroes of Gaia Heroes of Might and Magic Online Heroes of Thessalonica Heroes of Three Kingdoms Heroes of the Storm Hex Holic Online Hostile Space Hunter Blade Huxley Icewind Dale: Enhanced Edition Illutia Illyriad Immortals USA Immune Imperator Imperian Inferno Legend Infestation: Survivor Stories Infinite Crisis Infinity Infinity Iris Online Iron Grip: Marauders Irth Worlds Island Forge Islands of War Istaria: Chronicles of the Gifted Jade Dynasty Jagged Alliance Online Juggernaut Jumpgate Jumpgate Evolution KAL Online Kakele Online Kaos War Karos Online Kartuga Kicks Online Kill Strain King of Kings 3 Kingdom Heroes Kingdom Under Fire II Kingdom of Drakkar Kingory Kings Era Kings and Legends Kings of the Realm KingsRoad Kitsu Saga Kiwarriors Knight Age Knight Online Knights of Dream City Kothuria Kung Foo! Kunlun Online Kyn L.A.W. LEGO Universe La Tale Land of Chaos Online Landmark Lands of Hope: Redemption LastChaos League of Angels League of Legends - Clash of Fates Legend of Edda: Vengeance Legend of Golden Plume Legend of Grimrock 2 Legend of Katha Legend of Mir 2 Legend of Mir 3 Legendary Champions Lego Minifigures Online Lichdom: Battlemage Life is Feudal Light of Nova Lime Odyssey Line of Defense Lineage Lineage Eternal: Twilight Resistance Lineage II Linkrealms Loong Online Lord of the Rings Online Lords Online Lords of the Fallen Lords of the Fallen 2 Lost Saga Lucent Heart Lunia Lusternia: Age of Ascension Luvinia World
M-Q
MU Online Mabinogi Maestia: Rise of Keledus MagiKnights Magic Barrage Magic World Online Manga Fighter MapleStory Martial Heroes Marvel Heroes Marvel Super Hero Squad Online Marvel: Avengers Alliance Mass Effect 4 MechWarrior Online Megaten Meridian 59 : Evolution Merlin MetalMercs Metaplace Metin 2 MicroVolts Middle-earth: Shadow of Mordor Midkemia Online Might & Magic Heroes Online Might & Magic Heroes: Kingdoms Might & Magic X: Legacy MilMo Minecraft Mini Fighter Minions of Mirth Ministry of War Monato Esprit Monkey King Online Monkey Quest Monster & Me Monster Hunter 4: Ultimate Monster Madness Online MonsterMMORPG Moonlight Online: Tales of Eternal Blood Moonrise Mordavia Mortal Online Mourning My Lands Myst Online: URU Live Myth Angels Online Myth War Myth War 2 Mythborne Mytheon Mythic Saga Mythos N.E.O Online NIDA Online Nadirim Naviage: The Power of Capital Navy Field Necropolis Need for Speed World Nemexia Neo's Land NeoSteam Neocron Nether Neverwinter Nexus: The Kingdom Of The Winds NinjaTrick NosTale Nova Genesis Novus Aeterno Oberin Odin Quest Odyssey RPG Ogre Island Omerta 3 Online Boxing Manager Onverse Oort Online Order & Chaos Online Order of Magic Original Blood Origins Return Origins of Malu Orion's Belt Otherland Forums OverSoul Overkings Overwatch Oz Online Oz World Pandora Saga Pantheon: Rise of the Fallen Panzar Parabellum Parallel Kingdom Parfait Station Path of Exile Pathfinder Online Perfect World Perpetuum Online Persona V Phantasy Star Online 2 Phantasy Star Universe Phoenix Dynasty Online Phylon Pi Story Picaroon Pillars of Eternity Pirate Galaxy Pirate Storm Pirate101 PirateKing Online Pirates of the Burning Sea Pirates of the Caribbean Online Pixie Hollow Planeshift Planet Arkadia Planet Calypso PlanetSide 2 Planetside Planets³ Playboy Manager Pocket Legends Pockie Ninja Pockie Pirates Pockie Saints Pokémon X and Y PoxNora Prime World Prime: Battle for Dominus Priston Tale Priston Tale II Prius Online Prodigy Project Blackout Project Gorgon Project Powder Project Titan Forums Project Wiki Project Zomboid Puzzle Pirates Quest for Infamy Quickhit Football
R-S
R2 Online RAN Online RF Online ROSE Online Rage of 3 Kingdoms Ragnarok Online Ragnarok Online II RaiderZ Rail Nation Rakion Rappelz RappelzSEA Ravenmarch Realm Fighter Realm of Sierra Realm of the Mad God Realm of the Titans Realms Online Rebel Galaxy Reclamation Red Stone Red War: Edem's Curse Regnum Online Remnant Knights Renaissance Repulse Requiem: Memento Mori Rift RiotZone Rise Rise of Dragonian Era Rise of Empire Rise of the Tycoon Risen 3: Titan Lords Rising of King Risk Your Life Rivality Rockfree Rohan: Blood Feud Role Play Worlds Roll n Rock Roma Victor Romadoria Rosh Online Roto X Rubies of Eventide Ruin Online Rumble Fighter Runes of Magic Runescape Rust Rusty Hearts Ryzom S4 League SAGA SD Gundam Capsule Fighter Online SMITE SUN Sacred 3 Sagramore Salem SaySayGirls Scarlet Blade Scions of Fate Seal Online: Evolution Second Chance Heroes Second Life Secret of the Solstice Seed Serenia Fantasy Seven Seas Saga Seven Souls Online Sevencore Shadow Realms Shadow of Legend Shadowbane Shadowgate Shadowrun Chronicles Shaiya Shards Online Shattered Galaxy Sho Online Shot Online Shroud of the Avatar SideQuest Siege on Stars Sigonyth: Desert Eternity Silkroad Online Skyblade Skyforge SmashMuck Champions Smoo Online Soldier Front Soul Master Soul Order Online Soul of Guardian South Park: The Stick of Truth Space Heroes Universe Sparta: War of Empires Spellcasters Sphere Spiral Knights Spirit Tales Splash Fighters Squad Wars Star Citizen Star Conflict Star Sonata 2 Star Stable Star Supremacy Star Trek Online Star Trek: Infinite Space Star Wars Galaxies Star Wars: Clone Wars Adventures Star Wars: The Old Republic StarQuest Online Starbound Stargate Worlds Starlight Story Starpires State of Decay SteelWar Online Stone Age 2 Stormfall: Age of War Stormthrone Storybricks Stronghold Kingdoms Styx: Master of Shadows Sudden Attack Supremacy 1914 Supreme Destiny Sword Coast Legends Sword Girls Sword of Destiny: Rise of Aions SwordX Swords of Heavens Swordsman
T-Z
TERA TS Online TUG Tabula Rasa Tactica Online Tales Runner Tales of Fantasy Tales of Pirates Tales of Pirates II Tales of Solaris Talisman Online Tamer Saga Tank Ace Tantra Online Tatsumaki: Land at War Terra Militaris TerraWorld Online Terraria Thang Online The 4th Coming The Agency The Aurora World The Banner Saga The Banner Saga 2 The Black Watchmen The Chronicle The Chronicles of Spellborn The Crew The Division The Epic Might The Hammers End The Incredible Adventures of Van Helsing The Incredible Adventures of Van Helsing 2 The Legend of Ares The Lost Titans The Matrix Online The Mighty Quest for Epic Loot The Missing Ink The Mummy Online The Myth of Soma The Pride of Taern The Realm Online The Repopulation The Secret World The Sims Online The Strategems The West The Witcher 3: Wild Hunt Theralon There Therian Saga Thrones of Chaos Tibia Tibia Micro Edition Tiger Knight Titan Siege Titans of Time Toontown Online Top Speed Topia Online Torchlight Torment: Tides of Numenera Total Domination Transformers Universe Transistor Transverse Trapped Dead: Lockdown Traveller AR Travia Online Travian Triad Wars Trials of Ascension Tribal Hero Tribal Wars Tribes Universe Trickster Online Trove Troy Online True Fantasy Live Online Turf Battles Twelve Sky Twelve Sky 2 Twilight War Tynon U.B. Funkeys UFO Online URDEAD Online Ultima Forever: Quest for the Avatar Ultima Online Ultima X: Odyssey Ultimate Naruto Ultimate Soccer Boss Uncharted Waters Online Undercover 2: Merc Wars Underlight Unification Wars Universe Online Utherous Utopia Valkyrie Sky Vampire Lord Online Vanguard: Saga of Heroes Vanquish Space Vector City Racers Vendetta Online Victory - Age of Racing Vindictus Virtonomics Vis Gladius Visions of Zosimos VoidExpanse Voyage Century Online W.E.L.L. Online WAR (Warhammer Online) WAR2 Glory WYD Global Wakfu War Thunder War of 2012 War of Angels War of Legends War of Mercenaries War of Thrones War of the Immortals WarFlow Waren Story Warflare Wargame1942 Warhammer 40,000: Eternal Crusade Warhammer 40K: Dark Millennium Online Warhammer Online: Wrath of Heroes Warkeepers Warrior Epic Wartune Wasteland 2 WebLords Wild West Online WildStar Wind of Luck WindSlayer 2 Wings of Destiny Wish Wizard101 Wizardry Online Wizards and Champions Wonder King Wonderland Online World Golf Tour World of Battles World of Darkness World of Heroes World of Kung Fu World of Pirates World of Speed World of Tanks World of Tanks Generals World of Warcraft World of Warplanes World of Warriors World of Warships World of the Living Dead WorldAlpha Wurm Online Xenoblade Chronicles 3D Xenoblade Chronicles: X Xenocell Xiah Xsyon Xulu YS Online Yitien ZU Online Zentia Zero Online Zero Online: The Andromeda Crisis Zodiac Online Zombies Ate My Pizza eRepublik

MMORPG.com Discussion Forums

World of Warcraft

World of Warcraft 

General Discussion  » Hacked characters?

2 Pages 1 2 » Search
23 posts found
  AzurePrower

Novice Member

Joined: 3/18/07
Posts: 1547

Ahh yes, "Hypers." The people who praise and hate every MMORPG... We've dismissed that claim.

 
OP  8/04/12 1:20:39 AM#1

Alright. Just having a strange issue here whilst checking back on characters in World of Warcraft.


I've of course have left my characters inactive since the start of 2011 and they're showing the inactive not found page.


How ever, I checked a friend who has quit with me at around the same. They're characters are showing up. Showing activity for 2012 with their gear missing and one character even apparently transferred to another realm.


I had my friend log onto their account. Sure enough, they're able to get in. They check their world of warcraft account page and their subscription status. Sure enough, it was frozen and has been inactive since early 2011.


Friend also has full access to the e-mail their account is connected to and received no e-mail about a realm transfer or any thing.


So how is this possible?

  Dragohr

Novice Member

Joined: 12/08/04
Posts: 50

8/04/12 1:24:08 AM#2
Why are you posting this here? Noone will be able to answer anything as the details you gave are so vague and the information is restricted to account managers from blizzard. Go to blizzard support for help.
  Aori

Apprentice Member

Joined: 1/28/06
Posts: 1891

8/04/12 1:27:53 AM#3

If the character was transfered to another realm then he woulda been notified if the email is still attached. People can't just hack your account and move your character to another realm on whim without paying for it heh.

Either way sounds like he got his password jacked and his gear stolen.. hes also obviously in denial and is lying about not getting notification emails for changing realms.

Authenticators are great for people who can't keep their passwords safe.

  miguksaram

Apprentice Member

Joined: 4/29/03
Posts: 835

8/04/12 1:34:11 AM#4
PW tip for the mentally impaired.  Diagnol strokes downward starting at the numerical keys with the occassional shift key in conjunction works wonders against most would-be hackers.  Just sayin!
  AzurePrower

Novice Member

Joined: 3/18/07
Posts: 1547

Ahh yes, "Hypers." The people who praise and hate every MMORPG... We've dismissed that claim.

 
OP  8/04/12 1:46:55 AM#5

Still doesn't explain if their game time expired in 2011. How can an account be accessed?

Seems like accounts getting hacked in WoW is too much of a common thing. No other game has such wide-spread account hacking. Even with authenticators. There's only so many times you can blame it on the player.

  armodeus

Novice Member

Joined: 2/22/11
Posts: 20

8/04/12 2:10:38 AM#6

The same just happened to me, My Account was inactive since january 2011.

Yesterday I activated my account using the rez scroll with the 7 free days.  My surprise when I discovered my characters naked, with empty bags and no gold at all.

So HOW is this possible? looks like the new "modus operandi"  is Hacking inactive accounts?

Fortunately I do not care since I dont plan going back to wow. But that is disgusting and unfortunate.

 

  AzurePrower

Novice Member

Joined: 3/18/07
Posts: 1547

Ahh yes, "Hypers." The people who praise and hate every MMORPG... We've dismissed that claim.

 
OP  8/04/12 2:10:49 AM#7

 


Originally posted by Magnetia
Hacking old accounts is a much better way to steal. People tend to notice when hacking active accounts.

 

[mod edit]


 

Their account was frozen and last paid game time was march 2011. So... Doesn't make any sense.

If it was a 3 day pass or a paid month. It would list the expired date.


I used a 3 day pass last on my account and it lists its expired date instead of my actual subscription months before it. So doubt the date would go unlisted.

  Aori

Apprentice Member

Joined: 1/28/06
Posts: 1891

8/04/12 2:12:15 AM#8
oh here we go, making up stories. The account had to have been active to be stripped, sorry people aren't sneaking into the backdoor of blizzard stealing your epics.
  AzurePrower

Novice Member

Joined: 3/18/07
Posts: 1547

Ahh yes, "Hypers." The people who praise and hate every MMORPG... We've dismissed that claim.

 
OP  8/04/12 2:14:04 AM#9


Originally posted by Aori
oh here we go, making up stories. The account had to have been active to be stripped, sorry people aren't sneaking into the backdoor of blizzard stealing your epics.

I could get them to screen shot it if you like. There's really no point to make up stories.

  User Deleted
8/06/12 1:55:44 AM#10

A long time ago in EverQuest (I can’t remember if it was the original or EQ2) a real controversy erupted in the forums that reminds me of your story. I wish I had links but in a nutshell, SOE had corrupt GM staff members that used inactive account characters to farm gold and sell it to players.They would get characters moved around to where ever needed. They went further and hacked into “choice target players and guilds” for cleaning them out and got caught for that but the damage was done.  

 

I am not saying that is what happened here. But, “If” you are sure there is no mistake in your assertion, then see if your pals can contact Blizzard through web support channels or phone with the details and ask them about what has happened. They can get to the bottom of it and find out...

  faxnadu

Novice Member

Joined: 3/28/08
Posts: 959

playing games that you don't have to.

8/06/12 2:00:10 AM#11
there no really point of asking this from here, contact blizzard customer support via phone and you get your answers.
  delete5230

Elite Member

Joined: 8/15/07
Posts: 2758

8/06/12 4:54:29 AM#12

Last time I played was about three months ago.  20 days in I could not take this lifeless, too easy game anymore. I cancled my account with 10 days left.

The next morning, My Yahoo account was hacked ( an account I had for five years ). I decided to check my WoW game ( after all 10 days left ). Sure enuff, Hacked and could not log on........To make a long story short.....They got into all my stuff, not just WoW.

WoW is just a nasty game, I called Blizzard, told them to shut everything off for good......I'm done with this crap !!!

  User Deleted
8/07/12 9:19:06 AM#13
Originally posted by Crazy_Stick

A long time ago in EverQuest (I can’t remember if it was the original or EQ2) a real controversy erupted in the forums that reminds me of your story. I wish I had links but in a nutshell, SOE had corrupt GM staff members that used inactive account characters to farm gold and sell it to players.They would get characters moved around to where ever needed. They went further and hacked into “choice target players and guilds” for cleaning them out and got caught for that but the damage was done.  

 

I am not saying that is what happened here. But, “If” you are sure there is no mistake in your assertion, then see if your pals can contact Blizzard through web support channels or phone with the details and ask them about what has happened. They can get to the bottom of it and find out...

 

They also added a NPC/Banker to the bottom of befallen that'd dupe gold.

 

 

  SirBalin

Warmonger

Joined: 11/22/06
Posts: 1127

8/07/12 9:20:16 AM#14
I"ve actually never seen a company that has more accounts hacked than Blilzzard...its nuts.

Incognito
www.incognito-gaming.us
"You're either with us or against us"

  hot-hustler

Apprentice Member

Joined: 8/25/12
Posts: 3

8/25/12 7:14:19 PM#15

Just to add a little something to this thread...

Blizz will never publicly admit that their security protocols have been completely breached and/or bypassed. It would be disasterous for business. The few times they have actually spoken publicly about breaches, they still will not divulge or admit the depth of the vulnerabilities.

I am an IT security specialist (and pretty damn good at what I do... ;)) and the first rule of data security is that there is no such thing as 100% secure. Any and every security protocol, especially any client/server based protocols, can be breached. It's just the nature of the client/server software architecture. Blizzard is most definitely no exception to this rule and being such a large target, I assure you they have been breached in ways you wouldn't believe...

Accounts can (and have been) accessed, and used by completely bypassing the authentication and validation systems. Accounts that are inactive, not having "time" on them, are able to be logged in and played, transfered, you name it. "Hackers" are using premium account services (paid services) freely on these accounts and blizzard still maintains the position that it has never happened... haha that's cute. Try posting up about this in the official blizzard forums and see the respone you get. These are responses from blizzard representatives that have no idea how the WoW architecture even functions, let alone the securing of it. They are not qualified to even be answering questions regarding these types of breaches.

While Blizzard does go to great lengths to protect their users, aswell as themselves, there is only so much they can do. The nature and effectivelness of these attacks suggests blizzard has been victim to side-channel attacks against their datastores. And for neutralize the threat that would have been created by successful side-channel attacks, would require an enormous amount of work restructuring and resuring their data from the ground up. They avoided upgrading the rendering engine this long because of the workload it would impose, and that's just a rewrite of the rendering framework... haha. It's much easier to deny responsibility than the restructure the entire datastore infrastructure...

Anyway, the point is, yes you are correct in assuming that your account can be accessed in these manners and don't count on any acceptance of responsibility from the blizzard. And keep in mind, it isn't just World of Warcraft that this is happening in...

Food for thought.

BOOM!

  Shadoed

Novice Member

Joined: 10/03/03
Posts: 1505

8/26/12 3:59:43 PM#16
Originally posted by hot-hustler

Just to add a little something to this thread...

Blizz will never publicly admit that their security protocols have been completely breached and/or bypassed. It would be disasterous for business. The few times they have actually spoken publicly about breaches, they still will not divulge or admit the depth of the vulnerabilities.

I am an IT security specialist (and pretty damn good at what I do... ;)) and the first rule of data security is that there is no such thing as 100% secure. Any and every security protocol, especially any client/server based protocols, can be breached. It's just the nature of the client/server software architecture. Blizzard is most definitely no exception to this rule and being such a large target, I assure you they have been breached in ways you wouldn't believe...

Accounts can (and have been) accessed, and used by completely bypassing the authentication and validation systems. Accounts that are inactive, not having "time" on them, are able to be logged in and played, transfered, you name it. "Hackers" are using premium account services (paid services) freely on these accounts and blizzard still maintains the position that it has never happened... haha that's cute. Try posting up about this in the official blizzard forums and see the respone you get. These are responses from blizzard representatives that have no idea how the WoW architecture even functions, let alone the securing of it. They are not qualified to even be answering questions regarding these types of breaches.

While Blizzard does go to great lengths to protect their users, aswell as themselves, there is only so much they can do. The nature and effectivelness of these attacks suggests blizzard has been victim to side-channel attacks against their datastores. And for neutralize the threat that would have been created by successful side-channel attacks, would require an enormous amount of work restructuring and resuring their data from the ground up. They avoided upgrading the rendering engine this long because of the workload it would impose, and that's just a rewrite of the rendering framework... haha. It's much easier to deny responsibility than the restructure the entire datastore infrastructure...

Anyway, the point is, yes you are correct in assuming that your account can be accessed in these manners and don't count on any acceptance of responsibility from the blizzard. And keep in mind, it isn't just World of Warcraft that this is happening in...

Food for thought.

The worst sceptic pandering and scaremongering post i have read in a long, long time! You of course have information to back up the accusations that Blizzard are just creating a huge cover up to hide the 'fact' that accounts are breached and used on a regular basis?!? I'll take your word that you do what you do and you are good at it, but at the same time i am pretty sure that Activision/Blizzard don't just have an 65 year old bloke sitting in a chair just making sure that the lights don't blink red to show a security breach.

As an IT Security specialist you will know all too well that the worst threat to any users security is the user themselves and that will always be the number 1 cause of security issues. Blizzard admitted to a security breach only a couple of weeks ago, made it very public, let everyone know how deep the breach went and suggested resolutions but i am yet to see in all this time and the numerous posts about accounts being hacked any solid evidence that there is a security conspiracy going on within Blizzard. In a relatively large guild for over four years now only three people have ever been hacked (one guy twice) and all three were down to keyloggers found on their machines when checked properly and as well as that we have had many people leave for extended periods (having babies, work commitmnents, university etc) and all have come back with no issues on their accounts. Not a definative sample of the playerbase by a long chalk, but having been in a large raid guild in Vanilla and another before the one i am in now i would have expected to meet at least one person that had, had this problem, but never have.

Personally i believe posts like the one you have made above are the worst as it makes people believe that it isn't their responsibility when they have their account hacked, somehow it is all down to Blizzard and some sort of conspiracy when in all reality it is a 99.999% (no network is 100% secure ;-)) chance that it is down to something at their own end that has caused the problem.

It must be Thursday, i never could get the hang of Thursdays.

  hot-hustler

Apprentice Member

Joined: 8/25/12
Posts: 3

8/27/12 1:13:05 AM#17

The worst sceptic pandering and scaremongering post i have read in a long, long time! You of course have information to back up the accusations that Blizzard are just creating a huge cover up to hide the 'fact' that accounts are breached and used on a regular basis?!? I'll take your word that you do what you do and you are good at it, but at the same time i am pretty sure that Activision/Blizzard don't just have an 65 year old bloke sitting in a chair just making sure that the lights don't blink red to show a security breach.

As an IT Security specialist you will know all too well that the worst threat to any users security is the user themselves and that will always be the number 1 cause of security issues. Blizzard admitted to a security breach only a couple of weeks ago, made it very public, let everyone know how deep the breach went and suggested resolutions but i am yet to see in all this time and the numerous posts about accounts being hacked any solid evidence that there is a security conspiracy going on within Blizzard. In a relatively large guild for over four years now only three people have ever been hacked (one guy twice) and all three were down to keyloggers found on their machines when checked properly and as well as that we have had many people leave for extended periods (having babies, work commitmnents, university etc) and all have come back with no issues on their accounts. Not a definative sample of the playerbase by a long chalk, but having been in a large raid guild in Vanilla and another before the one i am in now i would have expected to meet at least one person that had, had this problem, but never have.

Personally i believe posts like the one you have made above are the worst as it makes people believe that it isn't their responsibility when they have their account hacked, somehow it is all down to Blizzard and some sort of conspiracy when in all reality it is a 99.999% (no network is 100% secure ;-)) chance that it is down to something at their own end that has caused the problem.

This would be the public announcement by blizzard you are referring to? http://us.blizzard.com/en-us/securityupdate.html

When I mentioned side-channel attacks, this is exactly what I was suggesting. Go figure... lol

The "cryptographically scrambled" passwords they are speaking of would be tough to decrypt although not impossible, and you better believe if an attacker has the ability to get root access to their database servers and specifically target the user account password data, they probably have the means to decrypt it... 

You are absolutely correct in suggesting most security issues are a fault of the user not protecting themselves properly or not being aware of the threats in different scenarios, not just in online games, but everywhere. However this is not the type of attack I am talking about.

I'm suggesting the authentication and validation systems are capable of being completely bypassed. I wouldn't be able to say exactly how attackers are going about this as I'm not aware of blizzards authentication and validation system structuring, but if I had to guess, I'd assume multiple filesystem servers had been breached through one of those "internal network" breaches and had copied internal assemblies and stole memory dumps to figure out where teh vulnerabilities where. Again, just an idea of course.

Do I have information to back up the accusation? Absolutley! lol But not information I think blizzard or my friend would appreciate me divulging. The reason I know this has happened is I witnessed it happening to a friends account that had ceased playing for almost 6 months. I spoke with the GM (out of game) that was managing the support ticket with my friend after examining both his system and his account and determined there was no fault on his part and his account was infact inactive. I had the GM confirm this aswell, the GM assuring that no trial time or credit card disputed time purchases had been applied to the account since his last activity. Yet his characters were clearly online and turning a hefty profit in the Action House business lol. He even recieved a few premium services applied to the account by the attacker including a few server transfers and a few extra characters on the account that most certainly were not created by him. And get this, even though the account clearly had no time on it and hadn't for months (verified by Blizzard representatives), the armory was still showing recent character updates in the recent activity feeds... 

After helping him with his issue I got curious and did some searching around and sure enough, a large amount of other players were reporting the same activity only to be shunned for suggesting that an attacker somehow accessed and used their inactive account.

To answer the question you're probably thinking, yes I did ask the GM if they have had any attacks of the nature I described above, which obviously, he/she was not able to answer (understandably). 

Anyways, yes this can and does happen. It's just the way things work. Anything that can be done on a computer can be undone, or done in multiple alternative ways.

Love hot-hustler xo

BOOM!

  Shadoed

Novice Member

Joined: 10/03/03
Posts: 1505

8/27/12 10:32:35 AM#18
Originally posted by hot-hustler

I'm suggesting the authentication and validation systems are capable of being completely bypassed. I wouldn't be able to say exactly how attackers are going about this as I'm not aware of blizzards authentication and validation system structuring, but if I had to guess, I'd assume multiple filesystem servers had been breached through one of those "internal network" breaches and had copied internal assemblies and stole memory dumps to figure out where teh vulnerabilities where. Again, just an idea of course.

Do I have information to back up the accusation? Absolutley! lol But not information I think blizzard or my friend would appreciate me divulging. The reason I know this has happened is I witnessed it happening to a friends account that had ceased playing for almost 6 months. I spoke with the GM (out of game) that was managing the support ticket with my friend after examining both his system and his account and determined there was no fault on his part and his account was infact inactive. I had the GM confirm this aswell, the GM assuring that no trial time or credit card disputed time purchases had been applied to the account since his last activity. Yet his characters were clearly online and turning a hefty profit in the Action House business lol. He even recieved a few premium services applied to the account by the attacker including a few server transfers and a few extra characters on the account that most certainly were not created by him. And get this, even though the account clearly had no time on it and hadn't for months (verified by Blizzard representatives), the armory was still showing recent character updates in the recent activity feeds... 

After helping him with his issue I got curious and did some searching around and sure enough, a large amount of other players were reporting the same activity only to be shunned for suggesting that an attacker somehow accessed and used their inactive account.

To answer the question you're probably thinking, yes I did ask the GM if they have had any attacks of the nature I described above, which obviously, he/she was not able to answer (understandably). 

Anyways, yes this can and does happen. It's just the way things work. Anything that can be done on a computer can be undone, or done in multiple alternative ways.

So i will ask the million dollar question based on the above. If you were so inclined would you lay your career and reputation on the line and take Blizzard to court based on the evidence you believe you have that they are somehow covering up a major continuous (over the last several years if some posts are to be believed) breach of their secure systems that allows persons unknown to access and play inactive characters without having to activate them?

It must be Thursday, i never could get the hang of Thursdays.

  hot-hustler

Apprentice Member

Joined: 8/25/12
Posts: 3

8/27/12 6:14:10 PM#19

So i will ask the million dollar question based on the above. If you were so inclined would you lay your career and reputation on the line and take Blizzard to court based on the evidence you believe you have that they are somehow covering up a major continuous (over the last several years if some posts are to be believed) breach of their secure systems that allows persons unknown to access and play inactive characters without having to activate them?

haha obviously not. 1: There's no legal basis for Blizzard to be sued. What would you sue for? Pain and suffering? Damages? lol.... and 2: It's THEIR system being compromised and the object being compromised has no value to the end user beyond the lisence they purchase for the client software and the gametime they purchase and the sentimental value it may hold. Their disclaimer(s) in the EULA pretty much sum it up. And even if there was a legal basis, what grounds would I have? It wasn't my account.

As for the "conspiracy theory", it's not much of a theory. It's a standard business practice in the software world... scary huh? lol Many IT companies share this practice as it is devastating for business to publicly announce a security breach of something your clients find valuable. If you read the EULA the accounts, characters, etc are ALL property of Blizzard, not the user. This is a clause that benefits many of their needs, including "illegal" real-world economy of in-game items, account selling, etc. You pay for the service, not the property (virtual or not).

I don't think anyone is suggesting this particular type of attack has been happening for years. Rather, it seems that this is a relatively new breed of attack, emerging in 2010 or so.

I'm sure blizzard loves this kind of blind faith from it's users because it is splendid for business, but the backlash is it removes pressure from the company to secure the vulnerablilities in a timely fashion. Whether you choose to be aware of it is up to you.

If you don't have a firm understanding of application and client/server security protocols (google searchers and "armchair programmers" are no exception), then you really aren't capable of making a valid statement in these matters.

xo 

BOOM!

  Shadoed

Novice Member

Joined: 10/03/03
Posts: 1505

8/28/12 2:30:06 AM#20
Originally posted by hot-hustler

I'm sure blizzard loves this kind of blind faith from it's users because it is splendid for business, but the backlash is it removes pressure from the company to secure the vulnerablilities in a timely fashion. Whether you choose to be aware of it is up to you.

If you don't have a firm understanding of application and client/server security protocols (google searchers and "armchair programmers" are no exception), then you really aren't capable of making a valid statement in these matters. 

The only blind faith i have in anything is the love of my children, other that that i am a pretty straight forward guy who just likes to see a little proof when someone makes a statement about something. Can i prove that it isn't happening, well of course i can't but at the same time i am still to see any solid proof to the contrary other than rumour, conjecture or guess work. As for understanding, with 22 years in the IT industry i have picked up a few bits and pieces along the way but that being said, i always stand to be corrected should a solid nugget of evidence land in my lap.

It must be Thursday, i never could get the hang of Thursdays.

2 Pages 1 2 » Search