What just happened Method?

[Lord Pebbleton]

Why, Method?
Whyyyyyyyyyyy.

*Falls on his knees and raises fists at the sky, screaming.*

[Aqua]

Pray tell me what are the chances of that happening.

A concentrated hacking attack on a high profile guild officer? It's not that too far out of the ball park.

It's not ALWAYS Chinese gold farming websites with scripts and trojans, occasionally it can be some jackass with malicious intent.

And it DOES happen. I implore you to remain skeptical in most cases but... there are cases. Especially if you use the phone app, I don't trust that thing as much as the key ring.

Anyway, who cares, my guild regularly trims the guild fat... every month in fact, if you haven't logged in in a month and not given a written and valid excuse on the forum, you've just won a kick. So if it's that... then whaaatever.

[Deleted]

The new mobile security feature if not filled in allows them to remove your password and authenticator if they get into your e-mail.

[Sierra85]

if an officer was targeted by asian gold farmers to ransack the guild bank, i would expect blizzard to do some serious detective work and to press real life charges against whoever IP it is backlogged to.

[Ninotchka]

if an officer was targeted by asian gold farmers to ransack the guild bank, i would expect blizzard to do some serious detective work and to press real life charges against whoever IP it is backlogged to.

Honestly, I don't think that Method deserves 'serious detective work' from Blizzard any more than Joe Schmoe guild leader from some server-12th guild deserves it. OK, their raid group is world's first elite but this incident proves that they're as human and vulnerable as any other guild in the game. Blizzard should look into it, yes, but giving them a whole strike squad treatment would be wrong.

Hacking anyone's account to sell gold is wrong. Just because Method is the victim doesn't mean that the perpetrator should get any heavier treatment than any other hacker.

[Not Againnn]

You know you can still get hacked even with an authenticator, right?

no i dont think so.

10char

[Osmeric]

no i dont think so.

10char

No, there are ways it can happen. "Man in the Middle" attacks, for example.

[blackblade]

Pray tell me what are the chances of that happening.

There's several ways to do it.

First is the "Man in the middle" attack, where a trojan captures your auth key and credentials and steals them before they reach the server. They send the server false information, so it returns an "invalid password" error to you, while quietly whisking the valid info back to the attacker (who has approx 60-30sec to log in)

Second is "Social Engineering", where you capture the credentials of the user, send a note to blizz customer service saying "I've lost my authenticator, I need it removed so I can apply a new one" they ask for your secret question, date of birth, and a product key of any game attached to your account. You can mine the first two simply enough by googling around facebook, twitter, etc getting "happy birthday" messages with a date-stamp. Worst case is that you have to send them a photoshopped scan of a driver's licence. (Which, btw, is fraud.) to get around the product key issue.

I'm sure there's several other valid ways to undermine the system.

There's no such thing as "Perfect" when it comes to security. Things have gotten better, but in a world of humans every system we create and maintain is inherently imperfect and susceptible to manipulation.

[Deleted]

Shame they didn't just quit. The more hardcore guilds leave the less they whine about the game being improved for casuals. The game can get by just fine without any of them.

The raiding culture keeps this game alive, with only casuals this game wouldn't last another month, and there would be 0% public attraction.

[fps90]

How did this reach 5 pages?

Why do you people care about a guild/people that you will never be involved with?

[chrisisvacant]

There's several ways to do it.

First is the "Man in the middle" attack, where a trojan captures your auth key and credentials and steals them before they reach the server. They send the server false information, so it returns an "invalid password" error to you, while quietly whisking the valid info back to the attacker (who has approx 60-30sec to log in)

Second is "Social Engineering", where you capture the credentials of the user, send a note to blizz customer service saying "I've lost my authenticator, I need it removed so I can apply a new one" they ask for your secret question, date of birth, and a product key of any game attached to your account. You can mine the first two simply enough by googling around facebook, twitter, etc getting "happy birthday" messages with a date-stamp. Worst case is that you have to send them a photoshopped scan of a driver's licence. (Which, btw, is fraud.) to get around the product key issue.

I'm sure there's several other valid ways to undermine the system.

There's no such thing as "Perfect" when it comes to security. Things have gotten better, but in a world of humans every system we create and maintain is inherently imperfect and susceptible to manipulation.

Uh, no. You cannot get the answer to a secret question easily enough.

[Osmeric]

The raiding culture keeps this game alive, with only casuals this game wouldn't last another month, and there would be 0% public attraction.

"The Fly and the Chariot", by Aesop

There was a chariot racing around the stadium, and on that chariot sat a fly. As a great dust arose, both from the pounding of the horses' hooves, and also from the turning of the wheels, the fly exclaimed, "Oh what a mighty dust I have stirred up!"

[rated]

Shame they didn't just quit. The more hardcore guilds leave the less they whine about the game being improved for casuals. The game can get by just fine without any of them.

I would rather get rid of people with attitudes like yours before we get rid of hardcore raiding guilds.

[Harmzuay]

You know that to do so you have to have a system so ridiculously infested with malware and other garbage that you might as well be beta testing viruses for a living?

Seriously, don't spread garbage like that.

You're not a very bright person. That's all I'll say on the matter. Thanks for your response.

[Eternal Ice]

Shame they didn't just quit. The more hardcore guilds leave the less they whine about the game being improved for casuals. The game can get by just fine without any of them.

Elite hardcore guilds like them couldn't care less about LFR or casuals wearing epics, the people demanding LFR to be removed or make it to drop only blues are hardcore wannabes that can't even finish normal mode and want LFR removed so they can feel "leet" with their awesome 4/12 normal progress.

[Phookah]

How many people in North America would be interested in ice hockey after all NHL teams quit permanently (players going to their lives, not continuing playing) and upon interviewing them, they'd say: "Ice hockey sucks, all it left behind was physical injuries."

Well if they were truly interested in Ice Hockey it really wouldn't matter where the hell it was coming from, eh?

[Deleted]

Shame they didn't just quit. The more hardcore guilds leave the less they whine about the game being improved for casuals. The game can get by just fine without any of them.

the real hardcore guilds don't whine about that , it's the guilds/players that think they are hardcore and elite that do that.

[GrieverXIII]

They have officers in a guild like that without an authenticator? ROFL, how sad.

You can still get hacked with an authenticator, specially if you're a prime target (like being the officer of one of the most succesfull raiding guild) for serious hackers (ie, not the usual script kiddies but criminals that actually what they're doing).

- - - Updated - - -

Uh, no. You cannot get the answer to a secret question easily enough.

You can by, for example, obtaining a copy of government issued documents and send them to Blizzard. And it has hapened before to Hydra (10+ times R1 EU Priest) at the end of S11. Yes, its criminal identity theft but aparently it doesn't stop some people.

Edit : Cool another thread filled with LFR drones parroting the same absurdities again. Sigh.

[Mtburn]

Most members rejoined already, so probably someone with the ability to guildkick got hacked

[Harmzuay]

No, we didnt disband, still raiding tonight with monk, 10man alt+friend run 18:00!
Maybe some new heroics! http://twitch.tv/treckie

/10chars cause quotes don't count.