Friends account got hacked, guarantee it wasn't their fault.

[Deleted]

There's at least 2 PDF exploits and 1 flash exploit out at the moment that allow remote execution. Every website you visit with an ad on it could potentially be a source of intrusion. Even with an ad blocker, some of them just hide the ads but they continue to execute in the background.

Point is, don't be so sure to point the finger. Evidence is required, and as such, blizzard have an obligation to release any information concerning security leaks if it could potentially compromise sensitive data. And this includes email addresses. You reckon sony would have wanted to release the info about possibly letting thousands of credit card details out?

Also, if there was a security flaw in diablo, I would have heard about it. People are trying, but nothing has been found (couple of interesting things in some of the packet headers, but nothing to indicate anything useful)



Also, if he's got any technical sense, he wouldn't post such moronic information such as "im too good to be hacked, must be blizzards fault". Any tech guy knows this.

[Deleted]

My WoW acc got hacked twice because of a flaw in firefox... was not able to find the trojan... tried to find the virus... found one.. cleared... there was another one...

Logged in again...hacked again... Blizzard restored twice.. and I loaded the app for my smartphone^^

At the end I also found the second virus... a week after the hack the library of Kaspersky was finally updated...

You are not safe without an authentificator... these Chinese / Russian basterds earn their money with hacking Bnet-accounts.

[Evil Inside]

This is going to blow up hardcore when the RMAH goes live. You can criticize me, you can choose to ignore what I had to say, but I know I'm right. I know this guy IRL, been friends with him for 8 years. He won't let anyone on or near his computer.

He doesn't play WoW, why would he buy an authenticator for Diablo3 before this happened? It's also pretty absurd to claim you need to have an authenticator or you're 100% going to get hacked.

You dont "need" one, if you dont have one then the risk you're taking is on you, take it from myself, im same as your friend there, virus scans and the lot and I still got hacked twice, and that stopped when I got an authenticator.

Edit: Why would you NOT have one in the first place when its free?

[Deleted]

How come everybody uses an authenticator? I have an active Blizzard account since summer 05 and my account has never been hacked... ever.

[Fawxey]

Nothing short of a Sony level database breach makes Blizzard responsible in this (which as far as we know has NOT happened). It's so monotonous seeing this unfounded rabble of Blizzard security. From the numerous online services i have used, Blizzard has provided THE BEST security features of all of them.

[blizzy]

How do i prove i am a Moron, what proof would be sufficient that all would acknowledge this fact? And if i could prove i was a moron would that not in fact in itself prove i was not

I know, it is not the topic of the thread but i am baffled

You, sir, win. Anyway, back to topic.

[Lilbruz]

This is going to blow up hardcore when the RMAH goes live. You can criticize me, you can choose to ignore what I had to say, but I know I'm right. I know this guy IRL, been friends with him for 8 years. He won't let anyone on or near his computer.

He doesn't play WoW, why would he buy an authenticator for Diablo3 before this happened? It's also pretty absurd to claim you need to have an authenticator or you're 100% going to get hacked.

So if you know you are right, and we cant criticize you...why the hell did you write this post ? To try to make Blizzard look bad ?

You dont really get it, do you ? It doesnt take someone else to go near your computer for it to get infected...all it takes is to surf to a known well visited site with an infected add on it, and without any browser precautions like noscript or addblock, BAM, you get infected. Im surprised your "I know all about IT security" friend dont know this stuff...its almost basic knowledge for a layman, and certainly common knowledge for people in IT.

But you know you are right, and we cant say otherwise...so why not just close this one down

[IdowhatIwant]

Didn't realize my moron statement would taunt people into trying to prove me wrong at any cost. I've said what I need to. Hopefully some people took it seriously.

[Verain]

If he didn't have an authenticator, then it was his fault. Sorry. I find your sig amusing. Perhaps you should take the time to consider a different point of view.

Exactly this post.


Maybe he logged on through a compromised network. Lots of ways to get hacked without having a keylogger on your box- that's just the easiest and most normal route.

It's also possible he got a keylogger on his box, of course, despite all your admonitions to the contrary. But if he really does practice safe computing, it's probably something between his box and Blizzard's that intercepted his login info.


But anyway, I'll bet you a million dollars he doesn't have an authenticator, and hell, you probably don't either, and blah blah blah.


Just get one. Seriously.

[Evil Inside]

How come everybody uses an authenticator? I have an active Blizzard account since summer 05 and my account has never been hacked... ever.

Its worth it for the extra peace of mind, I've been hacked and its not fun.

[Deleted]

Its worth it for the extra peace of mind, I've been hacked and its not fun.

Maybe you are right. I have never really looked into it since I never had any problems. If I understand correctly the smart phone app is free of charge? Might give it a look tonight

[Xarkan]

Maybe you are right. I have never really looked into it since I never had any problems. If I understand correctly the smart phone app is free of charge? Might give it a look tonight

Yeah the app is free

[Bitlovin]

How come everybody uses an authenticator?

That's kind of like asking "how come people having sex are using condoms?" Or "how come all these people have locks on their door?"

[Nest]

I'm the same, I don't go into fishy sites and I know how to keep my computer secure.
Joined 1 public game on my guest pass D3 account, next day I got email from Blizz that my password has been reset.

[Grraarrgghh]

Does he update Java, Flash, and every other app on his computer constantly? Or does he let them lapse for a week or so sometimes?

Those open potential exploit holes. Security means going through 30m of updates everytime you boot up.

Get an authenticator.

[Dhrizzle]

Didn't realize my moron statement would taunt people into trying to prove me wrong at any cost. I've said what I need to. Hopefully some people took it seriously.

I hope they don't, I hope everyone laughs at your friend and his pretensions of being a security expert then goes to get themselves an authenticator. There's no such thing as perfect security no matter what your friend has been teaching you over the past 8 years - if people want in to your system they will be able to get in. The trick is making it so the effort expended is not worth the rewards or, failing that, having enough security that it makes more sense to go after someone else.

[Evil Inside]

Maybe you are right. I have never really looked into it since I never had any problems. If I understand correctly the smart phone app is free of charge? Might give it a look tonight

The app is free yeah.

[Verain]

It's also pretty absurd to claim you need to have an authenticator or you're 100% going to get hacked.

I'm sorry you find the state of the internet absurd, and welcome your efforts to change it through activism that doesn't involve pretending that this is the fault of Blizzard.

So briefly:

1)- You can log on through a compromised access point.
2)- You can have one of many things snag you through any kind of browsing exploit. Since your friend probably runs some of Java, Javascript, Flash, and Windows, he's not very serious about security.
3)- Someone else can get on your computer and fail even if you won't.


So on the off chance he's fixed (3) and (2), he's still vulnerable to (1).


Stop pretending this is a Blizzard issue. Get an authenticator.




In a way, this is a good argument that cybercrime laws actually work, by the way. Because you'll notice that there's a lot more people using online banking, and that gets scammed a lot less often, because in ANY country, if you scam people's bank accounts, you can be prosecuted. But you think there's any penalty to stealing game accounts in China? No (enforced) laws, lots of sophisticated attackers, equals the results you see.

[Xarkan]

"how come all these people have locks on their door?"

Locks are like firewalls.. companies depending on selling locks have over exagerated the burglary problem and tricked people into buying locks

[rated]

Friends account got hacked, guarantee it wasn't their fault.

Okay sure, but you have yet to show any proof of this yet.