"Bashiok has just posted confirming that they have yet to see any accounts comprised other than normal means. updating that section to match his new post"
Blizzard has been telling people that their accounts have not been compromised despite their gold and gear disappearing and random new people added to their friends list. They are still offering these people rollbacks to my knowledge.
Blizzard isn't lying when they say no accounts have been compromised other than normal means because most of the "hacked" accounts weren't compromised just accessed through an exploit. In other words the hackers/exploiters don't have any information about the account and can't access it without you all ready being in game and through the authentication process. After reading the battlenet forums off and on over the last 6 hours or so it appears that the majority of the people making these claims have had their characters cleaned but still have access to their accounts. Relatively, there are very few people who are claiming that their account and/or email passwords have been changed, which is common practice when phising or keyloggers are in use.
Legally Blizzard is only obligated to announce their security measures have been breached if personal information was gained by the parties that broke through their system. Why would Blizzard announce to the world that they have a faulty security setup if they don't need to? Considering the RMAH that is set to release in a week the answer should be fairly obvious -- They wouldn't announce it. I probably wouldn't make a public statement about it either if I was in their shoes.
Of course this could possibly be wrong, but I am not making any of this up as it has all been gathered first hand from the battlenet forums. Take a look at the blue topics tracker in the top left corner or at the battlenet forums and you will see that this is a very hot topic. I have never seen this big of an increase in "hacked" accounts with any releases of other Blizzard games and they all use the same authentication setup. The shear number of people getting simultaneously hacked suggests that the problem isn't everyone visiting the same lame phising site.
- SnowBro191
- Registered User
-
Member for 12 years, 6 months, and 21 days
Last active Mon, Sep, 24 2012 10:42:13
- 0 Followers
- 190 Total Posts
- 4 Thanks
-
May 22, 2012SnowBro191 posted a message on Account Security and Public Games, Hardcore Hell, Diablo 3 API, Blue PostsPosted in: News
-
May 16, 2012SnowBro191 posted a message on Most Awesome Video Spoiler Ever. Diablo III Launch Update - RMAH Push Back, Blue Posts, GiveawayI had a good laugh at this video even though I seen the models on a previous spoiler. It reminds me of torchlight (don't hate, I like that game too).Posted in: News
- To post a comment, please login or register a new account.
0
The contest was completely randomized. He took everyones battletag and put them into a list on random.org and hit the randomize button for all to see live on stream. I assume he will be doing something similar for the 1 billion gold contest as well.
1
0
Blizzard has been telling people that their accounts have not been compromised despite their gold and gear disappearing and random new people added to their friends list. They are still offering these people rollbacks to my knowledge.
Blizzard isn't lying when they say no accounts have been compromised other than normal means because most of the "hacked" accounts weren't compromised just accessed through an exploit. In other words the hackers/exploiters don't have any information about the account and can't access it without you all ready being in game and through the authentication process. After reading the battlenet forums off and on over the last 6 hours or so it appears that the majority of the people making these claims have had their characters cleaned but still have access to their accounts. Relatively, there are very few people who are claiming that their account and/or email passwords have been changed, which is common practice when phising or keyloggers are in use.
Legally Blizzard is only obligated to announce their security measures have been breached if personal information was gained by the parties that broke through their system. Why would Blizzard announce to the world that they have a faulty security setup if they don't need to? Considering the RMAH that is set to release in a week the answer should be fairly obvious -- They wouldn't announce it. I probably wouldn't make a public statement about it either if I was in their shoes.
Of course this could possibly be wrong, but I am not making any of this up as it has all been gathered first hand from the battlenet forums. Take a look at the blue topics tracker in the top left corner or at the battlenet forums and you will see that this is a very hot topic. I have never seen this big of an increase in "hacked" accounts with any releases of other Blizzard games and they all use the same authentication setup. The shear number of people getting simultaneously hacked suggests that the problem isn't everyone visiting the same lame phising site.
0
"My roommate and one of my friends got hacked too, hacker even killed my roommates hardcore champpion. Both of them lost all items and money, blizard rolled back their accounts and both lost loads of items and lots of levels. Blizard also replyed that the account can only be rolled back twice. My rommates computer was just bought for diablo, he had almost no other programs, had not visited any suspicious sites and we ran a virus scan, but no keylogger or trojans were found."
It is kinda funny they killed off his hardcore character xD.
"Having spent a lot of money on blizzard products, and 100% knowing the hacking was nothing to do with me since my computer is literally 2 days old i feel like the least I'm owed and everyone else is owed is an explanation."
Here is a game reporter claiming she was hacked even with an authenticator, I'm not sure why she refers to herself in 3rd person. Maybe random people stating it got passed their authenticator isn't credible enough for some but here is someone with a bit more credibility stating it.
"This reporter, after having her own account with authenticator hacked, firmly believes this is a serious security breach on Blizzard’s side, though they either do not want to admit it, or are still unaware of the problem. Many who have had their account on Diablo 3 hacked were logged in at the time of the hack and support staff tells them there was no evidence of their account being hacked. That indicates there is an exploit in the system being taken advantage of."
0
Like others have said, the massive influx of people getting hacked leads me to the obvious conclusion that the problem is server side. Sure there are probably people with keyloggers too, like the user that had the password changed but this backdoor entry into accounts makes much more sense, especially with blizzard telling a lot of people they have no log of their accounts being comprimised. I.E.- The session ID didn't change and the hackers skipped the authentication process. This is also why people with authenticators are getting hacked.
0
Just read this on official forums. A blue replied but didn't confirm nor deny it. Seems like the issue is on Blizzards end after all.
"an exploit was discovered by duplicating a session ID basically, if you join a public game with people, they can view your session ID and spoof it to login as you without need for a password or email or anyting if you play with people, try not to play in public games bro, only with people you know"
If this is the case we should expect to see servers going down shortly I would think.
This is the thread its in, http://us.battle.net...opic/5149539239 not much else to read though. I just logged in to delete randoms off my friends list, not sure if it would help or not but I just want to be safe as possible lol. I kept getting errors trying to remove people from friends and getting disconnected...
It doesn't explain every hacking incident, like one of the users in here that had their password changed which requires their email be hacked too.
0
0
0
You can find DPS by looking at your Character Panel and under your main stats (int/str/ etc.) there is one called Damage. If you mouse over it , it says that is DPS based on a few contributing factors like crit and so on. I think people are confused because it says Damage and not DPS so people in these threads should just call it Damage to avoid the confusion. Either way you know where to find it.
0
The only problem I invision is that the mobs should all be around lvl 63 and you might need to be extremely well geared to farm this in Inferno mode consistantly.
Also, when you first take the Cursed Tower lvl 1 WP, a group of elites will sometimes spawn on the lower ledge right next to the WP. You can safely take this group down from the higher ledge using the gap to your advantage. Just watch out for Mortars/Vortex/Teleporting groups xD.
0
I am absolutely enjoying playing D3 but Torchlight 2 is looking an awful lot more tempting now than it did a week ago.
0
0
Mass Confusion- Wasn't expecting to be able to kill the confused enemies, thought they would be considered allies at that state. It surprised me anyways xD
0
You should have also mentioned that it was only hard in D2 to level up from about level 60/70ish to 99. You could get to level 60 in a day.
0
Legendaries probably could use a bit of a buff, then again I haven't seen to many and compared them to similar level magic/rare items. However, if they make legendaries clearly superior than it will be just like D2. Everyone will be wearing the exact same gear at the end of the game and they will be farming to find 'perfect' pieces of the exact same gear they are wearing. If rares and magic items are viable alternatives than this won't happen, atleast not to the extent of D2. I've only got one Legendary item but it is better than any other items of the same type that I have found.