So is anyone going to post an actual link to an official Blizzard acknowledgment that something is indeed happening or are we just trying on our tinfoil hats?
both of these are already in the topic
No, Blizzard has acknowledged nothing, only that they're looking at something to see if it has any merit.
It's quite funny to see you accusing hundreds of people of lying on the main forum topics about this (anyone can see, he has the same user name- Im more than happy to post links)
Youre such a sad sack blizz fanboy you truly believe no amount of evidence could prove blizzard has done wrong. enjoy eating humble pie when blizz follows up with their annoucement detailing the issue.
And the blizzard response saying they are giving an update on it shortly is just part of the hoax?
Saying they are invetigating reports of a breach and will comment on it "soon" is in no way a confirmation of a breach. It merely confirms that Blizzard is taking any and all reports of threats seriously even if it is something on the user's side.
Just because gaming sites have people hacked doesn't mean anything other then they got hacked. It could be for various reason. Most of the time when someone gets hacked the automatically blame Blizzard because they think there is no way they could have been hacked otherwise. A gaming site having members hacked could merely mean the way to gain access to the accounts is from popular gaming sites, and not from Blizzard.
I'm not saying that it can't be a problem on Blizzard's end. I'm just saying it isn't the only possible reason. But you seem to be seeing nothing but Blizzard is at fault. Excluding everything else just for your own personal crusade is folly. Its funny you call me myopic when you are the one showing the signs of that.
I'm saying that nothing has been confirmed to be Blizzard and it could be other things. You are saying it is 100% Blizzard and 100% "session ID's" just because it was posted on the internet in a lot of places. Which one is being shortsighted? The one saying more then one thing is possible, or the one saying only one thing is possible?
I'm not dismissing alternative possibilites for my own crusade,
Im dismissing them because they are so statistically unlikely, it would be like considering the possibility of sprouting wings and flying out the window.
Youre such a sad sack blizz fanboy you truly believe no amount of evidence could prove blizzard has done wrong. enjoy eating humble pie when blizz follows up with their annoucement detailing the issue.
You have yet to provide evidence. People saying X happened is not evidence. Every professional news site I've read about this issue on uses the words Unconfirmed. If you have evidence of what is happening why are you not providing it? Could it be that you are the hacker responsible?
Insulting me does nothing but bring you closer to a ban from this forum. As I've said multiple times, and you ignore, Blizzard could very well be at fault. But nothing has been proven that they are. A theory is just a theory, and there are other possible explainations for what is happening that doesn't make Blizzard at fault.
I have nothing left to say on this subject until Blizzard has released their comments on it. There is even an article on Forbes now, lmao.
All that is left to do is wait for the confirmation, then harass every user that questioned me in these topics until I get banned.(mavfin being the most notorious, as he has literally been calling out individuals on official forums for being retarded and having keyloggers for thousands of posts)
I was hacked but I don't mind. At least I think I was.
All I lost was a few chipped gems and like 10k gold. And now because of that my system is 10x more secure with way more password diversity. So I considered it a good trade early on.
Still not entirely sure why a hacker would take chip gems from a stash and leave better gems in my gear.... and only take a certain number of gold and not leave it at 0... It almost looked like some kind of server-side error but I just assumed it was client-side. Its the safer option instead of just blaming b.net.
P.S - Scans (4 different ones) came back with some baddies too. It must be all those russian mailorder bride websites
Diablofans.com is an AWESOME website, and I've learned a ton on how to create the best builds for my Demon Hunter and Witch Dr. But the forum is also filled with people who are super emotionally attached to Blizzard and do not want to hear that they can do anything wrong. In fact, Blizzard hasn't done anything wrong. It's how a company reacts to a problem which shows its strength. At the end of the day, none of us KNOW if there is an exploit or not. However, it certainly sounds feasible. Especially since there are numerous accounts of people who have similar reports. Perhaps, a bunch of people coordinated these stories across a myriad of websites and made sure that their stories had enough similarities to make it look like there is a pattern. Or perhaps, if a person's account got raped and pillaged, then it was because her skirt was too short, her underwear was infested with malware, and didn't use an authenticator for protection. Over half the people on this thread have voiced the latter and blamed the victims.
Diablofans.com is an AWESOME website, and I've learned a ton on how to create the best builds for my Demon Hunter and Witch Dr. But the forum is also filled with people who are super emotionally attached to Blizzard and do not want to hear that they can do anything wrong. In fact, Blizzard hasn't done anything wrong. It's how a company reacts to a problem which shows its strength. At the end of the day, none of us KNOW if there is an exploit or not. However, it certainly sounds feasible. Especially since there are numerous accounts of people who have similar reports. Perhaps, a bunch of people coordinated these stories across a myriad of websites and made sure that their stories had enough similarities to make it look like there is a pattern. Or perhaps, if a person's account got raped and pillaged, then it was because her skirt was too short, her underwear was infested with malware, and didn't use an authenticator for protection. Over half the people on this thread have voiced the latter and blamed the victims.
+1 for someone else with a semblance of reason.
I didn't occur to me until you posted it, but this is a textbook example of victim blaming.
Fact is, there is as yet no confirmation of any kind of security leak on Blizzard's side. If they announce they found one, fine. Until then, it's all speculation, and I frankly expected a bunch of hacks to happen to no-authenticator people.
If it was nearly as widespread as some here claim, then at least one of the ~300 people in my friends list would have been hacked, and at least 100 of them have played public games daily since launch. Again, no hacks.
In lack of any evidence, I can only conclude that istreamer is overstating the issue. I'll believe it when Blizzard comes out and says it. Until then, it's the same as the stuff from the last 5-7 years where people hacked blame Blizzard and were wrong. Also, as far as what could create an incident of this size that isn't server-side? Simple. The launch of the game itself. The hackers can read calendars, too, you know. They're stockpiling gold to sell on the RMAH and other channels, and may very well have had a lot of machines compromised waiting for that very event. They just waited five or six days for people to build up gold so they could steal it.
I find that every bit as plausible as Bnet having a security hole that only affects D3, and doesn't bother WoW or SC2. The public game D3 session ID one is plausible, but then explain the no-public-game hacks, and also convince me of the scale of it. Again, I'm just waiting for Blizzard to look it over and tell us what they found. I imagine even if Blizzard has the public game issue, that a ton of the hacked have nothing to do with that issue, and are not Blizzard's problem.
I think if Blizzard truly had a security hole on the scale some insist, then we should see 5% or more infected with it, and then you're looking at 50K per million users, and we're not seeing that, either.
Diablofans.com is an AWESOME website, and I've learned a ton on how to create the best builds for my Demon Hunter and Witch Dr. But the forum is also filled with people who are super emotionally attached to Blizzard and do not want to hear that they can do anything wrong.
I actually find that refreshing about this forum with the cesspool of blind blizzard hate the mmo-champ forum has become.
Fact is, there is as yet no confirmation of any kind of security leak on Blizzard's side. If they announce they found one, fine. Until then, it's all speculation, and I frankly expected a bunch of hacks to happen to no-authenticator people.
If it was nearly as widespread as some here claim, then at least one of the ~300 people in my friends list would have been hacked, and at least 100 of them have played public games daily since launch. Again, no hacks.
In lack of any evidence, I can only conclude that istreamer is overstating the issue. I'll believe it when Blizzard comes out and says it. Until then, it's the same as the stuff from the last 5-7 years where people hacked blame Blizzard and were wrong. Also, as far as what could create an incident of this size that isn't server-side? Simple. The launch of the game itself. The hackers can read calendars, too, you know. They're stockpiling gold to sell on the RMAH and other channels, and may very well have had a lot of machines compromised waiting for that very event. They just waited five or six days for people to build up gold so they could steal it.
I find that every bit as plausible as Bnet having a security hole that only affects D3, and doesn't bother WoW or SC2. The public game D3 session ID one is plausible, but then explain the no-public-game hacks, and also convince me of the scale of it. Again, I'm just waiting for Blizzard to look it over and tell us what they found. I imagine even if Blizzard has the public game issue, that a ton of the hacked have nothing to do with that issue, and are not Blizzard's problem.
I think if Blizzard truly had a security hole on the scale some insist, then we should see 5% or more infected with it, and then you're looking at 50K per million users, and we're not seeing that, either.
What are you talking about? Nobody said there is a security hole and that 5% of people are infected with it. What is being reported by users through social media is that there is an exploit which allows hackers & want to be hackers to discover your unique gaming session number, log in using your session ID, you get logged out, and during that time, they transfer all of your items and gold to a mule account.
The similarities in the global conspiracy to make the non-diablo fanboys believe there is hacking include:
1. Only the character which played in a public game got hacked, while the other characters in the same account were untouched.
2. Their auction house stash and recent purchases (which could have been sent to their characters stash) remained untouched. This adds credibility to that only the public session ID was compromised and explains why the hackers did not have access to the full account (other characters and auction house).
3. People's accounts have been hacked indiscriminate of whether they have an authenticator or not.
4. The hacked accounts often have new "friends" (presumably used to transfer their items to).
It is a fact that there is a torrent of recent discussion about accounts being hacked. However, the fact that one of your 300 friends has not been hacked is not proof that there is no hacking going on. There are MILLIONS of people playing the game, the chance of one of your friends being hacked is less than one in 10,000. We are just blades of grass, there is a whole lawn full of targets. If not corrected, the exploit will continue to grow and grow as more people learn how to do it. However, what we can do is make fun of people who have been victimized, that will quiet them down and then the problem will go away.
OR, as protection you can
1. Avoid public games.
2. If you do play in public games, I would not use the shared stash which can get looted. I would create a new character who is in charge of holding valuables, including backup armor and weapons. This will not protect your gold, but will help you get going again.
I don't expect to change anyone's minds on this. As some have stated, they will only listen to people who type in blue.
As I told Khrul in a PM, if the public session ID turns out to be true, that still doesn't explain the posts where people had their passwords changed, etc. so, we may be dealing with two or three different types of problems.
The sessionID thing doesn't get anyone login info or AH access, as you have to log out of the session to get those. It also poses no threat to the AH other than the loss of items/gold, which Blizzard can and will replace if they left a hole there, most likely.
So, I guess that would mean those who report their passwords being changed are the normal client-side security issues, because the session-id will bypass the authenticator, sure as hell, but it won't give login info.
I was reading up about the hacking on European battlenet forums. In one post there are two reports from people who bought brand new computers days before the release of D3. If it isn't an issue on blizzards side than how do you explain this? The computers came from the factory with keyloggers allready on them?
"My roommate and one of my friends got hacked too, hacker even killed my roommates hardcore champpion. Both of them lost all items and money, blizard rolled back their accounts and both lost loads of items and lots of levels. Blizard also replyed that the account can only be rolled back twice. My rommates computer was just bought for diablo, he had almost no other programs, had not visited any suspicious sites and we ran a virus scan, but no keylogger or trojans were found."
It is kinda funny they killed off his hardcore character xD.
"Having spent a lot of money on blizzard products, and 100% knowing the hacking was nothing to do with me since my computer is literally 2 days old i feel like the least I'm owed and everyone else is owed is an explanation."
Here is a game reporter claiming she was hacked even with an authenticator, I'm not sure why she refers to herself in 3rd person. Maybe random people stating it got passed their authenticator isn't credible enough for some but here is someone with a bit more credibility stating it.
"This reporter, after having her own account with authenticator hacked, firmly believes this is a serious security breach on Blizzard’s side, though they either do not want to admit it, or are still unaware of the problem. Many who have had their account on Diablo 3 hacked were logged in at the time of the hack and support staff tells them there was no evidence of their account being hacked. That indicates there is an exploit in the system being taken advantage of."
I wished you were caught in that Ohio University shooting, how about that?
Lawless commies? Brush up on your general knowledge, hard knuck.
Maybe you'll get drowned and swept away one day in your endless numbers of tornadoes, floods and tsunamis.
Hopefully your authenticator will save you then.
Ok little girl, I'm done wasting my time going back and forth with you. Keep crying about your account, and get an authenticator. I did chuckle about getting swept away in a tsunami.. because Ohio is real close to the ocean with tons of major earthquakes that cause tsunamis over a thousand miles inland.
Just logged in again, and I'm still not hacked. Yay me for spending $6, boohoo for you.
Oh the irony.
Says the guy who comes in all guns blazing, criticizing people that has gotten their account hacked.
If you have nothing useful to say, just keep your mouth shut.
No will call you a mute.
Go back to your mother's basement and keep on jizzin' over your $6 well spent money.
BlizzardFanBoisFtw!
I wished you were caught in that Ohio University shooting, how about that?
Lawless commies? Brush up on your general knowledge, hard knuck.
Maybe you'll get drowned and swept away one day in your endless numbers of tornadoes, floods and tsunamis.
Hopefully your authenticator will save you then.
Ok little girl, I'm done wasting my time going back and forth with you. Keep crying about your account, and get an authenticator. I did chuckle about getting swept away in a tsunami.. because Ohio is real close to the ocean with tons of major earthquakes that cause tsunamis over a thousand miles inland.
Just logged in again, and I'm still not hacked. Yay me for spending $6, boohoo for you.
people are using an exploit to get into player's accounts even if they have an authenticator
It's quite funny to see you accusing hundreds of people of lying on the main forum topics about this (anyone can see, he has the same user name- Im more than happy to post links)
Youre such a sad sack blizz fanboy you truly believe no amount of evidence could prove blizzard has done wrong. enjoy eating humble pie when blizz follows up with their annoucement detailing the issue.
I'm not dismissing alternative possibilites for my own crusade,
Im dismissing them because they are so statistically unlikely, it would be like considering the possibility of sprouting wings and flying out the window.
You have yet to provide evidence. People saying X happened is not evidence. Every professional news site I've read about this issue on uses the words Unconfirmed. If you have evidence of what is happening why are you not providing it? Could it be that you are the hacker responsible?
Insulting me does nothing but bring you closer to a ban from this forum. As I've said multiple times, and you ignore, Blizzard could very well be at fault. But nothing has been proven that they are. A theory is just a theory, and there are other possible explainations for what is happening that doesn't make Blizzard at fault.
All that is left to do is wait for the confirmation, then harass every user that questioned me in these topics until I get banned.(mavfin being the most notorious, as he has literally been calling out individuals on official forums for being retarded and having keyloggers for thousands of posts)
All I lost was a few chipped gems and like 10k gold. And now because of that my system is 10x more secure with way more password diversity. So I considered it a good trade early on.
Still not entirely sure why a hacker would take chip gems from a stash and leave better gems in my gear.... and only take a certain number of gold and not leave it at 0... It almost looked like some kind of server-side error but I just assumed it was client-side. Its the safer option instead of just blaming b.net.
P.S - Scans (4 different ones) came back with some baddies too. It must be all those russian mailorder bride websites
+1 for someone else with a semblance of reason.
I didn't occur to me until you posted it, but this is a textbook example of victim blaming.
If it was nearly as widespread as some here claim, then at least one of the ~300 people in my friends list would have been hacked, and at least 100 of them have played public games daily since launch. Again, no hacks.
In lack of any evidence, I can only conclude that istreamer is overstating the issue. I'll believe it when Blizzard comes out and says it. Until then, it's the same as the stuff from the last 5-7 years where people hacked blame Blizzard and were wrong. Also, as far as what could create an incident of this size that isn't server-side? Simple. The launch of the game itself. The hackers can read calendars, too, you know. They're stockpiling gold to sell on the RMAH and other channels, and may very well have had a lot of machines compromised waiting for that very event. They just waited five or six days for people to build up gold so they could steal it.
I find that every bit as plausible as Bnet having a security hole that only affects D3, and doesn't bother WoW or SC2. The public game D3 session ID one is plausible, but then explain the no-public-game hacks, and also convince me of the scale of it. Again, I'm just waiting for Blizzard to look it over and tell us what they found. I imagine even if Blizzard has the public game issue, that a ton of the hacked have nothing to do with that issue, and are not Blizzard's problem.
I think if Blizzard truly had a security hole on the scale some insist, then we should see 5% or more infected with it, and then you're looking at 50K per million users, and we're not seeing that, either.
What are you talking about? Nobody said there is a security hole and that 5% of people are infected with it. What is being reported by users through social media is that there is an exploit which allows hackers & want to be hackers to discover your unique gaming session number, log in using your session ID, you get logged out, and during that time, they transfer all of your items and gold to a mule account.
The similarities in the global conspiracy to make the non-diablo fanboys believe there is hacking include:
1. Only the character which played in a public game got hacked, while the other characters in the same account were untouched.
2. Their auction house stash and recent purchases (which could have been sent to their characters stash) remained untouched. This adds credibility to that only the public session ID was compromised and explains why the hackers did not have access to the full account (other characters and auction house).
3. People's accounts have been hacked indiscriminate of whether they have an authenticator or not.
4. The hacked accounts often have new "friends" (presumably used to transfer their items to).
It is a fact that there is a torrent of recent discussion about accounts being hacked. However, the fact that one of your 300 friends has not been hacked is not proof that there is no hacking going on. There are MILLIONS of people playing the game, the chance of one of your friends being hacked is less than one in 10,000. We are just blades of grass, there is a whole lawn full of targets. If not corrected, the exploit will continue to grow and grow as more people learn how to do it. However, what we can do is make fun of people who have been victimized, that will quiet them down and then the problem will go away.
OR, as protection you can
1. Avoid public games.
2. If you do play in public games, I would not use the shared stash which can get looted. I would create a new character who is in charge of holding valuables, including backup armor and weapons. This will not protect your gold, but will help you get going again.
I don't expect to change anyone's minds on this. As some have stated, they will only listen to people who type in blue.
The sessionID thing doesn't get anyone login info or AH access, as you have to log out of the session to get those. It also poses no threat to the AH other than the loss of items/gold, which Blizzard can and will replace if they left a hole there, most likely.
So, I guess that would mean those who report their passwords being changed are the normal client-side security issues, because the session-id will bypass the authenticator, sure as hell, but it won't give login info.
Regardless, we'll see what the blues say.
I have been playing in public games all night. I'm shaking in my boots.
Battle.net Profile / Diablo Progress Profile
"My roommate and one of my friends got hacked too, hacker even killed my roommates hardcore champpion. Both of them lost all items and money, blizard rolled back their accounts and both lost loads of items and lots of levels. Blizard also replyed that the account can only be rolled back twice. My rommates computer was just bought for diablo, he had almost no other programs, had not visited any suspicious sites and we ran a virus scan, but no keylogger or trojans were found."
It is kinda funny they killed off his hardcore character xD.
"Having spent a lot of money on blizzard products, and 100% knowing the hacking was nothing to do with me since my computer is literally 2 days old i feel like the least I'm owed and everyone else is owed is an explanation."
Here is a game reporter claiming she was hacked even with an authenticator, I'm not sure why she refers to herself in 3rd person. Maybe random people stating it got passed their authenticator isn't credible enough for some but here is someone with a bit more credibility stating it.
"This reporter, after having her own account with authenticator hacked, firmly believes this is a serious security breach on Blizzard’s side, though they either do not want to admit it, or are still unaware of the problem. Many who have had their account on Diablo 3 hacked were logged in at the time of the hack and support staff tells them there was no evidence of their account being hacked. That indicates there is an exploit in the system being taken advantage of."
Ok little girl, I'm done wasting my time going back and forth with you. Keep crying about your account, and get an authenticator. I did chuckle about getting swept away in a tsunami.. because Ohio is real close to the ocean with tons of major earthquakes that cause tsunamis over a thousand miles inland.
Just logged in again, and I'm still not hacked. Yay me for spending $6, boohoo for you.
Battle.net Profile / Diablo Progress Profile
Says the guy who comes in all guns blazing, criticizing people that has gotten their account hacked.
If you have nothing useful to say, just keep your mouth shut.
No will call you a mute.
Go back to your mother's basement and keep on jizzin' over your $6 well spent money.
BlizzardFanBoisFtw!
people are using an exploit to get into player's accounts even if they have an authenticator
http://www.diablofans.com/blizz-tracker/topic/224290-battlenet-account-security-diablo-iii/