Curse

Jo0707 · Jan 15, 2011, 05:57 PM // 17:57

My GW account was hacked this week too. I tried several times to log in on the 13th but my details weren't recognised. I kept getting Code 227 I think it was. I did not get any emails to say my password had been changed.

Had no idea what was wrong was so sent a text to some guildie friends, one of which logged on and noticed that I was down as having left the Guild that same day (I am/was an Officer in my Guild) I immediately got to changing my password and got logged in only to find all my Elite armor's going including the Monk Obsidian armor (my Husband and fellow Guild members secretly got me the gold and materials to get it all, as a thank you a couple of years ago), all of my backpacks gone, all of my weapons gone, all of my materials and dyes, all weapon and armor upgrades plus about 200 platnium.

I have contacted support, but I haven't heard anything back. I'm surprised they don't reinstate stuff I mean if you have stuff dedicated in HoM that proves that you had them so no reason that they couldn't reinstate things, and even without HoM, they must be able to tell what you had on your account. Maybe its just too much trouble.

I'm really upset about my Obsidian, because of how i came by it. I doubt that ever be able to get the materials again to ever get it back. But not only that, I had materials saved to get weapons for HoM as still have a way to go to complete for GW2 rewards.

But apart from all that, it's almost like a feeling of being burgled, its an invasion of your privacy, its 5 years of work just snatched away and it makes me feel hurt and angry

ToKookK7 · Jan 21, 2011, 12:34 AM // 00:34

Add me as another person who just got hacked this week. Had only one toon cleared out though, all the other characters were left alone for some odd reason. Only one toon wiped nearly clean and my storage was raided. All other characters were left alone (even my main).

Edit 1: Support has locked my account and is verifying whether I am the account owner or not.

kalitnrun · Jan 25, 2011, 01:10 PM // 13:10

got hacked too...lost 1000 plat and a ton of arm-braces and gem-sets...i couldn't be bothered to play again...there's no way im farming that again. Heh it was fun while it lasted but im done with GW

Poisoned Hunter · Jan 25, 2011, 07:31 PM // 19:31

Ehh since everyone is saying that they got hacked. I might as well add myself as one of the victims.

I also did not receive an email that my password had been changed. I emailed NCSoft and they told me that gold sellers hacked into my account and blocked it. After I sent them some information about the account (like serial codes and personal information), they unblocked it for me. Everything that was worth more than a few plats was stolen. All materials from the materials tab were stolen, superior vigors off armors and also weapons. It's quite frustrating =/

When I changed my password I received an email to tell me of the change. However I didn't have an email before this incident about the password change by the hacker. I emailed ArenaNet telling them why they didn't alert me when my password changed and havn't gotten a proper answer (only that their system is very secure like banks etc...). I'm also thinking it's a bug or something from their side.

They also told me to scan my computer and check for viruses/keygens. It's the most possible way one could have gotten inside my (and the others above me's) account. I never shared contact information with anyone, never traded with an RMT, never sold real life gold, never traded with someone suspicious, etc...

I'm really worried, as this is the Second time that I've been hacked by the same goldsellers. I doubt my account is safe anymore. Sigh.

Ariyen · Jan 26, 2011, 06:52 PM // 18:52

I had my account hacked on the NcSoft website and all of that was locked down. I was playing my monk at the time...
It took me a while to get my stuff back, but all I can say is change your passwords and don't have your master account pw be the same as your game account pw.
Also, don't combine game accounts into one master account either.

Laraja · Jan 26, 2011, 07:42 PM // 19:42

Also, never ever let your computer store passwords. Use the tools provided with your web browser to delete stored passwords after every session, you can set this up to automatically happen when you close the browser. I know you can't 'store' GW passwords, but that doesn't matter if you use the same password as GW for other sites. Use different passwords for anything like online banking, ebay, paypal etc...

And never underestimate the usefullness of a secure home firewall. Have your firewall return nothing if it's pinged so its invisible. We're so paranoid, we have two firewalls.

I used to be a UNIX engineer that specialized in hacked systems. Random bullshit passwords are the best. Go to a random name generator of your choice, plug in some silly answers, replace some of the letters with corresponding numbers on your phone number pad and there you go. Do you use a lock for a bike or whatever? Use the lock numbers with some letters.

Anyway, just some ideas.

P.S. It also helps to be poor like me, lol.

Porkchop Sandwhiches · Jan 28, 2011, 07:52 PM // 19:52

My account was broken into a couple weeks ago as well. I highly suspect it's because the same email login I use for GW is attached to two certain game websites associated with GW and the passwords were the same. This is my own fault. However, I really wish you didn't have to use your email address to login your GW account. I run my browser with Adblock Plus, I scanned with two virus scanners, and I always have FireFox clear my data. It would be nice to know for sure how my information was obtained, but I am assuming my information was taken from one of those two websites.

Lost my Obsidian armor, ectos, plat, and they even took my dedicated tormented weapons. I went through the whole useless dance of having customer service lock my account while I got them my CD keys, etc. Luckily I had most things in the HOM already and some friends helped me replace my weapons, etc.

Anyway, I had the same problem several others are having. I never received an email when my GW account password was reset by whomever took my account, but I did receive an email when I changed the password. I noticed that you only receive an email once you have actually set a new password, not when you reset it (like, if you click on "I forgot my password" link).

ElinoraNeSangre · Jan 29, 2011, 12:53 AM // 00:53

This happened to me in another game (LOTRO); most everyone has touched on it, but my experience with this is:

-Never make your forum password the same. I suspect this bit me.
-Keep a file of all of your product keys. It's common for support to ask for this, and it's a pain to dig it up when you need it most.
-Try to use usernames/email addresses that aren't all over the place.
-Never click on links that ask you to fix your account or enter information. Only enter your information on a site if you explictly navigate to it. Always check the URL.

These are some of the things I've picked up over the years of watching this happen. ANet/NCSoft can't help other than to get the account back in your hands, prevention is the best policy. I hate that there's people out there that steal accounts, but they're not going anywhere.

As for those that have had this happen to them, you have my sympathy. The one time it happened to me, all that happened is that everything in my inventory was sold, but the gold was still there. I caught it within hours (and they were dumb and didn't change the password), and the leader of our group there has my number and texted me when he saw odd behavior.

sepraphim · Feb 06, 2011, 01:37 PM // 13:37

i got hacked a dew days ago too. i did not recieve password change notification, and i was on a break from GW because of exams. i was able to get my account back, and found out the hacker cleared my gold, and took my main toon weapon and tormented shield (which i dont understand why as they are customized)
i'm just furious.

shodannet · Feb 06, 2011, 10:47 PM // 22:47

Quote:

Originally Posted by Porkchop Sandwhiches

My account was broken into a couple weeks ago as well. I highly suspect it's because the same email login I use for GW is attached to two certain game websites associated with GW and the passwords were the same. This is my own fault. However, I really wish you didn't have to use your email address to login your GW account.

What's lame is that you can't change the email address used for logging into GW; I contacted NCSoft support and they said theres no way to change it.

karateckie · Mar 13, 2011, 10:56 PM // 22:56

I got hacked on February 26th via my NCSoft account. Unfortunately, I didn't realize it until yesterday. When I went to login for the special drops weekend my password wasn't working, so I requested a reset password email, which I never got. I then went looking to login to NCSoft but had issues there too. Eventually I found an email from NCSoft on the 26th that my email address for my account had been changed. So they:
-Hacked my NCSoft account (somehow?)
-Changed the email address on the account
-Then reset my guild wars password via NCSoft

I have no idea how they got a Character name so they could login though, I looked through my profile here and don't see that I have my character names posted. i've been playing something like 4 years and in the past I know I'd posted character names for trades and stuff...so maybe that's how. A guildie can see that "I" last logged in 2 weeks ago (the day after they hacked me). Hopefully they just took money and crap and didn't ruin my armor/weapons etc. At least I've dedicated anything worth much in the HoM already.

I looked up the IP that changed my address and it was on the east coast. That surprised me, and makes me think it was likely a targeted attack (meaning someone who did some research and was able to find a character name of mine somewhere). I'm very computer savvy, working in IT for a living, and have of course scanned all my computers. Not to mention I can't remember the last time I've logged into NCSoft...so it couldn't have been a keylogger that did it for me.

I'm finding a lot online about NCSoft security compromises in the past, and am wondering if there isn't a current issue with their site. As soon as I get back into both accounts, I'm definitely unlinking my Guild Wars account if I can. My Guild Wars password was unique from any other by the way, but I can't remember what my NCSoft password was since I hardly ever used the site.

Anyway, just figured I'd add myself to the list.

Porkchop Sandwhiches · Mar 14, 2011, 09:52 AM // 09:52

Quote:

Originally Posted by karateckie

I'm finding a lot online about NCSoft security compromises in the past, and am wondering if there isn't a current issue with their site.

I have scoured the internet and the websites I use for guild wars trying to find the link between my email, password, and full character names and I have come to the same conclusion at this point. I have played MMOs for a good 10+ years and January was the first time any of my accounts had ever been hacked into. I also don't feel my guild wars account is safe in the least anymore and won't until I know for sure how my info was obtained. I'm waiting for the day I log in and everything I've redone is gone again.

karateckie · Mar 15, 2011, 02:27 PM // 14:27

Quote:

Originally Posted by Porkchop Sandwhiches

I also don't feel my guild wars account is safe in the least anymore and won't until I know for sure how my info was obtained. I'm waiting for the day I log in and everything I've redone is gone again.

Was your NCSoft account hacked first as mine was? If so have you considered un-linking your GW account from it? I don't know if that's a possibility but I will try and do so as soon as I get back into my account. I'm still waiting on a reply from support after sending all my info in to have my identity validated. I asked them for any details they could give on how my NCSoft account was accessed, we'll see if any additional information is available.

They said that my account was blocked due to it being accessed by gold sellers. Does anyone know if gold sellers tend to just take gold available on the account and quickly move it, or if they raid the whole inventory too? (In general). I know every case is different, but I'm hoping they just grabbed the gold and ran. But they probably ransacked the whole account.

Raven Wing · Mar 15, 2011, 05:16 PM // 17:16

AFAIK they won't let you unlink your account from the NCsoft account. I wish they would.
And I think they use to take all that can be sold to npc's, rare materials, black dye etc.
After that they like connect a bot to your account and use it to spam the gold seller messages until it gets caught. Or they use it for bot gold farming.
With some luck your chars will still be there with their titles etc, they cant make money from deleting them anyways.

Porkchop Sandwhiches · Mar 15, 2011, 10:52 PM // 22:52

Quote:

Originally Posted by karateckie

Was your NCSoft account hacked first as mine was?

I assume so, I had to reset my NCsoft account password as well. Most of the replies I got from the NCsoft customer service were all canned replies and my case wasn't really handled personally, so I wish you better luck in getting information.

All I know is that if Guild Wars had a few things that most other major MMOs had, accounts in this game would be far more secure. This includes: an auction house, official forums, a unique user login name.

Miss Merryweather · Mar 15, 2011, 11:37 PM // 23:37

had my old account hacked recently, took all my minipets and deleted my skirt from my elementalist lol, somehow they changed the password but i didn't get a password change email like i did when i changed it back to get my account back.

don't care about the items that are missing just feel bad that anyone who was in there could plainly see my home address in the "change mailing address" option in "edit account"

karateckie · Mar 16, 2011, 12:06 AM // 00:06

Well, I turned out extremely lucky. I just got access to my account again and I can't find that anything was taken. I'm not sure how it happened but it looks like before anything was taken my account got suspended. I was prepared to login to naked characters today. I think that I may have had less money than I actually do now, by about 40 platinum or so. Though I can't be sure because I can't remember precisely how much money I had.

Lyger · Mar 17, 2011, 12:01 PM // 12:01

Add me to the list. /sigh

I'm still scouring my own network activities to see where I slipped up - but I think my NCSoft account was compromised first. I'm very irritated since I thought I was very anal about my online security in terms of keeping up to date on anti-virus/malware, and in keeping all my logins anywhere totally different. Obviously I wasn't as careful as I thought!

Add me to the list of those who had passwords changed *without* receiving any notifcation emails.

How can someone change my NCSoft and GW passwords without my getting a single email about it? I didn't even get an email when I tried to reset my GW password myself.

I know that in 99% of cases like this, it's the user who is at fault in terms of the account getting compromised in the first place - but why is there no explanation on the lack of notification emails? Surely that's one of the very first and basic features of any password change/reset facility? It's obviously gone very wrong somewhere.

Don't know how much I've lost yet (going through the process of getting my account back at the moment) - but I'm bloody lucky I have my guild mates on msn, who let me know as soon as they saw 'me' log on when I was at work. Hopefully I got my account locked down before too much damage was done.

karateckie · Mar 17, 2011, 09:00 PM // 21:00

I wouldn't go so far as to say 99% of the compromised accounts are due to user error. There have been some MAJOR security flaws associated with the NCSoft servers. I'm not saying that's what let someone into my account or yours, but it can't be discounted. I have little faith in NCSoft security measures. I would like to be able to unlink my Guild Wars account from the NCSoft master account but unfortunately that's not possible it seems. And be aware, now that you have a support account with them your ticket will eventually be updated with everything you send them (keys, etc) which is needed to verify you are who you say. So if that support account were compromised the scammer could really have everything they needed to pretend they were you to NCSoft.

I only received one alert email from NCSoft when all this happened, and it was explaining that the email address had been changed on my NCSoft account. Once they'd changed the email address, all that remained was to reset my guild wars password (and I received no warning email since the address on my account had been changed). Perhaps this is the same email you should be looking for?

My question is...WHY can those things (password, email on the account, etc) be changed without a confirmation email, if hacking is such a problem. For instance, I need to change my email associated with NCSoft, so I try but have to verify the old email account is mine first. So I click a link they've sent me to the old account and voila! As long as you have separate passwords for the email/NCSoft accounts you're secure. I have much more faith that Hotmail, Gmail and Yahoo mail are secure against hacker attempts than I do in NCSoft. Anyway, say you can't access the old email account which is why you want to change it. Fine, but you have to contact NCSoft support at that point and go through the 50 questions about who you are. Many compromises would be avoided this way.

I'm not convinced it was anything on my part that caused my issue. I'm IT/security savvy and have scoured my computers to ensure they're clean. Honestly, I had forgotten my NCSoft master password, because it had been so long since I'd used it. And no other accounts, anywhere, had been compromised, so there was no keylogger on my machine. Anyway, I've started writing suggestions for NCSoft/Guild Wars security, and will post them soon to a new thread. I'm hoping to get feedback and more suggestions from other players, and to eventually send it on to NCSoft in hopes they will pay some attention to more simple security measures that they should already be taking.

I wish I were a fly on the wall in the server rooms at NCsoft...I'm incredibly curious about what security measures they actually are using.

Anyway, good luck with your account. Hopefully your situation will turn out like mine and you won't loose much, if not anything.

Kara

Nittle Grasper · Mar 17, 2011, 10:48 PM // 22:48

My account got hacked too

lost a ton of stuff, obby armor, tons of weapons which I had collected over the ages, all my materials. I can consider myself lucky because my sin had enough ectos on her to get me on my feet plus a few other things. However I must of catched a case of the stupid as it was pretty obvious that my sin was used for botting purposes at primeval tombs because my account was banned for botting. What did I decide to do after unlocking my account? You guessed it, farmed tombs, 10 minutes later dhuum came outta the ground and cut me a new one

. Working on reclaiming my account. Again.

I blame myself for not using a strong password, but I HATE myself because I had enough money to get 45/50 in HoM and I didn't.

edit: I think they got me through this website though as I'm pretty sure I had my main char's name under my username