1. #1

    Authenticator Backfire

    So many of you swear by your authenticators (even though there was that whole authenticator hack drama not to long ago).

    So I commended blizzard for the idea of this device. It has no doubt saved many from destruction. However one of the aspects I don't think Blizzard really ever considered as a problem, is one that many of us have witnessed happen. Those damnable gold farming bastards who steal accounts and stick authenticators onto them.

    What I find most amusing though, is where do these authenticators get shipped to ? Wouldn't that be some kind of way to trace the malicious bastards behind these attacks ?

    The reason I bring this up, is because as I am sure you have guessed. My battlenet account was hacked. I have not had a virus or trojan since the great blasterworm virus of 2003(?). The only thing I have ever had hacked was my paypal account around 2003 or 2004, when I was fool hardy to think I was fine with a 12345678 password.

    I still have no idea how my battlenet was hacked in the first place. I still have no virus or trojans or spyware. I have no out of the normal process running on my computer. Everything is typical windows shit or ati. The only thing out of the ordinary was when I logged onto the Remote AH beta. Oddly enough, the next day when I logged back on remote AH to see my auctions that sold, my gold suddenly dropped from 1700 on the character to 0. I just brushed this off as a bug of some kind with the RAH beta. Perhaps I was mistaken.

    Anyways, I am sitting here, laughing at my accounts 72 hour suspension for gold selling. But my laughter stopped when I tried to log onto bnet to play Starcraft II.

    I am curious to see what damage was done to my account though, and if the damage was singled out to just the alt char on the alt server.


    So now I am wondering what I should do with this free time I have until I finally get through to blizzard. I could study for my finals, but that's no fun. I just want to rush Void Rays at people =(

  2. #2

    Re: Authenticator Backfire

    You can download the software for a phone on to your computer and run the authenticator from that. it's free, no shipping involved, and they don't have a way to trace it (afaik). My guess is that is what the gold farmers do
    Did you think we had forgotten? Did you think we had forgiven? Behold, now, the terrible vengeance of the Forsaken! Death to the Scourge! And death to the living!

  3. #3

    Re: Authenticator Backfire

    You can also attach a single authenticator to an infinite number of accounts.

    In any case, that sounds more like a bug with the Remote AH beta, and I certainly hope you reported it, since that could mean a potential security loophole on the iPhone (or whatever you're using).

  4. #4

    Re: Authenticator Backfire

    So I assume you didn't have an authenticator?

    Then they can actually force hack your account, I don't believe Blizzards website or game is protected with a simple 'you can only attempt password x times'.

    If you don't have an authenticator of your own, get one, no matter how 'secure' you think your system is.

    This kind of crap will continue regardless, the only way for Blizzard to beat gold sellers is by offering it themselves by micro-transaction.
    I'm an altoholic since 2005.

  5. #5

    Re: Authenticator Backfire

    Quote Originally Posted by Eucep
    Then they can actually force hack your account, I don't believe Blizzards website or game is protected with a simple 'you can only attempt password x times'.
    Hahahahahahahahahaha... Wow... If you really believe that... Brute-forcing passwords is not as easy as in the movies, especially when you are doing it over the internet.


    Quote Originally Posted by soulfringe
    What I find most amusing though, is where do these authenticators get shipped to ? Wouldn't that be some kind of way to trace the malicious bastards behind these attacks ?
    There are weekly reposts on this forum and many others on how to get authenticator for absolutely free. That's the exact same method the gold sellers use. They do not buy the authenticators either.

    Quote Originally Posted by soulfringe
    The reason I bring this up, is because as I am sure you have guessed. My battlenet account was hacked. I have not had a virus or trojan since the great blasterworm virus of 2003(?). The only thing I have ever had hacked was my paypal account around 2003 or 2004, when I was fool hardy to think I was fine with a 12345678 password.
    So the authenticator is bad because you didn't care enough about computer security to buy one?

    This is going to be harsh, but certain things are best learned that way. If you use insecure passwords like 12345678 for something that involves real world money, you are probably stupid enough to do some other insecure things like using same 12345678 password on your WoW account, or register to some warez/porn site with same name/password you use to log in to WoW. Even if your computer is honestly 100% secure which I doubt, you can still very easily be "hacked" if you use same password on many places around the internet.
    Never going to log into this garbage forum again as long as calling obvious troll obvious troll is the easiest way to get banned.
    Trolling should be.

  6. #6

    Re: Authenticator Backfire

    Authenticators can be produced by those other than blizzard. They're easy to reverse engineer in order to make your own if you have the technical know how, but you won't be cracking one without the unique private key provided with each authenticator.

  7. #7

    Re: Authenticator Backfire

    as has been said before just get the mobile authenticator for your iphone or whatever it is you are running RAH on. its free.
    Quote Originally Posted by tkjnz
    If memory serves me right, a fox is a female wolf.

  8. #8

    Re: Authenticator Backfire

    Quote Originally Posted by vesseblah
    Hahahahahahahahahaha... Wow... If you really believe that... Brute-forcing passwords is not as easy as in the movies, especially when you are doing it over the internet.
    In some cases - it may actually even easier than in the movies:

    If you use insecure passwords like 12345678 for something that involves real world money, you are probably stupid enough to do some other insecure things like using same 12345678 password on your WoW account

  9. #9
    Bloodsail Admiral
    10+ Year Old Account
    Join Date
    Oct 2009
    Location
    The Island
    Posts
    1,089

    Re: Authenticator Backfire

    Just pray that when you do get back on you have the 10,000 Primordial Saronites and 20 choppers that the guy in the screenshot had :P.
    Skullmaster - Slathe - Duat - Tamriel

    Absolutely everything happens for a reason - Omnia Causa Fiunt.

  10. #10

    Re: Authenticator Backfire

    I think it's fun to see people, who think that they don't need an authenticator because their "computer is clean" or whatever, getting hacked.

    Also, Portal is free for 1 more day, it's a fun game, you could kill some time with it.

  11. #11

    Re: Authenticator Backfire

    Quote Originally Posted by vesseblah
    Hahahahahahahahahaha... Wow... If you really believe that... Brute-forcing passwords is not as easy as in the movies, especially when you are doing it over the internet.
    People essentially on this forum have straight up posted that people can magically shoot rays through the internet and steal your account.

    Denial, you see, is not simply a river.
    Quote Originally Posted by Zeal
    Authenticators can be produced by those other than blizzard. They're easy to reverse engineer in order to make your own if you have the technical know how, but you won't be cracking one without the unique private key provided with each authenticator.
    I have no idea what this is even supposed to be referring to.

    Of course people can make authenticators. It generates a random number from a seed. So what?

  12. #12

    Re: Authenticator Backfire

    Quote Originally Posted by vesseblah
    This is going to be harsh, but certain things are best learned that way. If you use insecure passwords like 12345678 for something that involves real world money, you are probably stupid enough to do some other insecure things like using same 12345678 password on your WoW account, or register to some warez/porn site with same name/password you use to log in to WoW. Even if your computer is honestly 100% secure which I doubt, you can still very easily be "hacked" if you use same password on many places around the internet.
    Going to start by saying getting 'hacked' isn't a very big deal, since Blizz is kind enough to fix it rather quickly and you usually get more stuff back than you lost. So in some ways its almost beneficial...

    Also figured I'd throw my input in here. I had my account stolen a month or two ago, since then I bought an authenticator. Hadn't really thought about it, was one who used the defense 'if you are not an idiot you won't get hacked'. So I just kind of put it off

    I used a unique password for WoW that I don't on any sites, have Avira anti-virus running full time. I don't really go to very many places on the net to begin with, don't download software or visit any suspicious websites. After it happened, I scanned my computer with about 5 different programs these sites recommended for cleaning keyloggers, not a single ANYTHING ever popped up, not even spyware. Nothing even labeled 'suspicious' popped up. My password had unique characters and numbers, not something I could see being brute forced even if that were possible. If i had a keylogger it would show some trace, some process or service or outbound traffic would raise some flag wouldn't it?

    And what bugs me is, if my password was that easy for a Chinese gold farmer to get, why is everything else I've ever logged into safe and unhacked? My ebay account, facebook, paypal, my online banking... possibly the forums I visit like mmo-champion. I didn't change any of those, haven't in years.

    Just saying

  13. #13

    Re: Authenticator Backfire

    i wouldent get the phone app..... a guildie of mine got it and was able to hack into his relatively easy in comparison to the actual authenticator(real life friend). so yeah go with an authenticator for security, but dont get the phone app.

  14. #14

    Re: Authenticator Backfire

    Phones are easy to hack.

  15. #15

    Re: Authenticator Backfire

    Quote Originally Posted by Iyenrith
    I used a unique password for WoW that I don't on any sites, have Avira anti-virus running full time. I don't really go to very many places on the net to begin with, don't download software or visit any suspicious websites. After it happened, I scanned my computer with about 5 different programs these sites recommended for cleaning keyloggers, not a single ANYTHING ever popped up, not even spyware. Nothing even labeled 'suspicious' popped up. My password had unique characters and numbers, not something I could see being brute forced even if that were possible.
    Did you ever at any point log into WoW or Blizzard's account management page or Blizzard forums from another computer during that time? Remember that the forums use same name/password as your account, and if you log into the forums from school or internet cafe from example, it's totally possible one of those computers was keylogged even if you did everything right. It can take weeks, sometimes even months from the actual password stealing to account getting raped by gold sellers.
    Never going to log into this garbage forum again as long as calling obvious troll obvious troll is the easiest way to get banned.
    Trolling should be.

  16. #16

    Re: Authenticator Backfire

    @soulfringe; you used remote AH on you iphone? here's your sign

    to everyone, these mobile devices are full of errors and are easy to hack, so far I read that the remote AH app is being hacked left and right, best thing to do is, use your iphones for ---------------- calling people only, It's a phone FFS!

  17. #17
    Deleted

    Re: Authenticator Backfire

    Quote Originally Posted by Lark
    People essentially on this forum have straight up posted that people can magically shoot rays through the internet and steal your account fry your motherboard.
    Fixed that one for you.
    Quote Originally Posted by Strages
    I got hacked several months ago, got all my gear and gold back, but I learned my lesson, and got an authenticator, +software that blocks hackers and sends a signal back to their computer and fries their motherboard. (Yes, that kind of software exists.)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •