F-ck

BRK » 23 December 2007 » In Guild » 44 Comments

An AC officer’s account was hacked. He, of course, had full guild-bank access. Unfortunately he had cleared it out before we noticed he had reset to running Dire Maul as a bot.

First he logged on one toon, withdrew 500 gold, then logged the other, found out it was an officer, then raped the bank.money.pngothermats.pngmisc.pngherbs.pngTickets are submitted, but really we have little hope.

Merry Christmas.

Comments

44 Responses to “F-ck”

  1. Morannon on December 23rd, 2007 11:01 pm

    What a shame. And what a filthy jerk.

  2. Kef-Meister on December 23rd, 2007 11:09 pm

    Here’s to hoping AC gets a heads up from Greatfather Winter (and his little GM helpers). And here’s to a big ol’ lump of coal in that jerk’s stocking.

    Shame on them.

  3. Chuwlawn on December 23rd, 2007 11:09 pm

    So sorry for your guild BRK and all the work that went into building up that kind of stock.

  4. jumb on December 23rd, 2007 11:16 pm

    How did he get hacked?

  5. Pike on December 24th, 2007 12:28 am

    Ouch… I’m sorry to hear about that. =(

  6. Doomilias on December 24th, 2007 12:30 am

    Quick update – the account in question was recovered by the owner, and we are currently trying to get the GM’s to help us restore the items.

  7. Cheetara on December 24th, 2007 12:32 am

    ohmigosh! I am so scared that will happen! poor little BRK guildies!

  8. Marylin on December 24th, 2007 12:36 am

    oh bugger… that seriously suck big time :(
    really hope the GMs can do something about it for you guys.

  9. whills on December 24th, 2007 1:27 am

    you would think blizz can just follow the trail of the “tweeden” character and see what he does with the money. I would think all the transactions we make are in some kind of code.

  10. Nadim on December 24th, 2007 1:37 am

    They probably are in a log, but only keep a record of the last 30 – 50 transactions. This sort of thing is the main reason why my guild has put a hold on all guild invites unless we get to know the prospective guild member.

    Here is hopping that things work out with the GM’s.

  11. Svaren on December 24th, 2007 1:42 am

    Wow BRK, sorry that happened to you. Good luck getting it back but to be honest I’m pretty sure the GM’s won’t be much help. :(

  12. kunukia on December 24th, 2007 2:15 am

    :(

  13. Tarby on December 24th, 2007 2:50 am

    That sucks :(

    He get hit with a keylogger or something?

  14. Yaja on December 24th, 2007 3:03 am

    The GMs should be able to follow their logs to who this filcher sent all the items too I believe. If he used gamemail he’d be a moron, if he just did a straight char-char trade, it may be less likely to catch them.

    This is the kind of person who would steal from anyone, let alone in a game without hesitation… we should bring back old laws where if you get caught stealing you get your hands chopped off!! Or even have them put in a room with everyone they’ve stolen from and let them have ‘5 minutes of PLAY time’ with them… Especially on something like this which you would think someone was able to afford a computer, an account, internet etc, to be able to get access to do this sort of thing so they don’t necessarily ‘NEED’ to steal, yet they choose to do so anyways… /sigh.

    My daughter recently had her little stuffed McDonalds ‘Neopets’ stolen from her locker when she was going to the bathroom… if I ever catch the little shit that did it, they’ll be hard pressed to keep me from wringing their little neck to make them think twice the next time! Hard lesson to learn for my 9yr old… Sad to think you have to protect yourself from this sort of thing, but you do.

    F_ck is RIGHT…

  15. Yaja on December 24th, 2007 3:04 am

    Sorry, stolen from her locker at school……

  16. Scylloga on December 24th, 2007 3:11 am

    BRK my guild just recently had the exact same thing happen to us. One of our officers accounts was hacked by a mod that he DL from a installer package and the site had informed people that their database had been tampered with and gave a step by step on how to get rid of the logger.

    Unfortunately the mod in question had slipped by and nobody knew it was infected. So at 4 am server time the account was being used to clear our guild back and wipe us out dry. Not only did they get his main account he also had another account that they was able to get into. When the officer got the phone call from a RL friend that is in our guild telling him his toons was online and in (guess where) Dire Maul. He immediately logged on and went and changed pws contacted a gm and had the accounts frozen.

    In the end we have gotten everything back except a couple preBC patterns that aren’t worth complaining about. Just have to keep a open line of communication with Blizzard and they will take care of everything. IIRC it took about two to three weeks to get all the stuff back.

  17. Mark on December 24th, 2007 3:24 am

    I had my account randomly hacked a month or so ago. Blizz returned most items except any consumables and non-combat pets. I don’t know what they will do with guild bank items, but the personal process took 1-2 weeks.

  18. Doogie2K on December 24th, 2007 4:40 am

    I had this happen to me almost exactly a year ago (the early morning of Dec. 31/06). Now granted, I was but a lowly Level 54 in mostly greens and odd dungeon blues, but I got jack all back. However, a friend of mine who lost his stuff at Level 70 got it all back, and since this was a guild bank…maybe. I dunno, it’s hard to say.

    However, I most definitely feel your pain. Sorry to hear this has happened to you guys, especially at this time of year.

  19. Variety on December 24th, 2007 4:55 am

    What a total arse to do that at this time of the year, I can’t believe such people exist. Anyway, my ranting won’t help you out BRK, so I wish you – along with your guild – the best of luck
    getting all those items back. And could you please, when you find out who did this, post it, so we can all slap him?

  20. Dez on December 24th, 2007 5:19 am

    Only up side is blizz have all the items stolen listed on the bank tab. Having a word with mine after this to restrict access to fewer characters.
    Its only a game but Blizz have a responsibility to prove they are serious about keeping paying customers.
    Merry christmas anyway to all your guild.

  21. Someone on December 24th, 2007 5:50 am

    Sorry about that, but it’s time people start playing WoW more seriously!

    1) Don’t use “installers” for your mods: only .ZIP versions and do the work manually;

    2) Have current anti-virus, anti-spyware, and even a decent firewall (one that asks for OUTGOING accesses as well: this prevents any key-logger that slips through to “phone home” and hand over your details).

    3) The higher your responsibility in WoW (e.g., Guild Master, Guild Officer), the more you should enforce the above two.

    Yes, I know it’s hindsight, but for those to whom this hasn’t happened yet, it’s time to THINK about it and DO something. Don’t trust Blizzard to restore your stuff, because even if they do restore it all, it’s still a major PITA…

  22. Lienna on December 24th, 2007 6:05 am

    *cuddle* good luck getting all your items back, should have some luck with the screenshots of them. Plus who could deny BRK and risk getting attacked by a legion on hunters who know how to do MQoSRDPS?

  23. Anonymous on December 24th, 2007 7:28 am

    Someone left out four…don’t let anyone have your account info. I can’t tell you how many people I know have had “friends” get into their account and taken all. Much of the “hacking” that goes on is simply low level social engineering.

  24. B on December 24th, 2007 8:20 am

    BRK,

    I am so sorry to read your guild has such a bad experience. Our guild had it happen to us a couple of weeks ago. Good new though, he got everything back a couple of days ago and all the items removed from the guild bank were returned

    :)

    Good luck! and don’t give up hope!

  25. Galoheart on December 24th, 2007 8:23 am

    Sorry to hear about this BRK, man the plain outright suck! Anyone at anytime getting their WoW account hacked is bad enough and it sucks big time in so many ways as well as its frustrating to all the time one now has to put forth to recover a account as well as dealing with Blizzard to also recover a looted guild bank by a Hacker of an account.

    I really hope a GM at Blizzard can rectify the suitation. Blizzard should have a interest in providing customer recovery service in such instances as well when dealing with a entire guild bank system that they designed. I’m sure they have to have logs of all that happened. Can only hope things can be recoverable in this case.

    When it comes to other guilds and their guild banks people need to keep in mind that if you have valuables in your bank acessable by many at some point it can be compromised. Need to protect your PC as well from keyloggers that goes without saying as well as never ever sharing you password with anyone.

  26. Gun Lovin’ Dwarf Chick » The Day Before Christmas… on December 24th, 2007 8:40 am

    [...] I read today that BRK’s guild is going through a similar horror story. Sorry guys You all have our sympathies and [...]

  27. Hyouzan on December 24th, 2007 8:45 am

    This has been happening to my guild as well. WE have had 2 or 3 people hacked in the last few weeks. At first we thought it was keyloggers but as of late I found some very upsetting videos on youtube. I think it’s horrible that people are doing this and it’s even more upsetting that Blizz hasn’t even fixed the solution yet.

    FYI everytime I see a video of this behavior on youtube or where ever I report it as illegal activity. Join me in keep our accounts safe.

  28. Fahr & Bacon on December 24th, 2007 9:00 am

    I feel for your whole guild BRK. What a bummer.

    Good luck getting at least some of it back. I hope it doesn’t make Christmas too ugly in WoW. May Greatfather Winter smile kindly on the gifts you receive.

    ~Fahr & Bacon

  29. jmfries on December 24th, 2007 9:03 am

    We didn’t have a key logger or a hack steal from our guild, but a guildie. He took a bunch of stuff and money from our bank and gquit. Our Guild Leader sent in a ticket, the response? “Oh well, too bad, there is nothing we can do.” Can you believe that? Nothing they can do? ban, replace the items, download a virus on the little bugger’s computer(I know Blizz would get sued on that one, but a good idea to include that in the TOA, you break the rules, you get a virus. lol) It sucks to have a guildie steal from us, but it sucks more to see the GM’s doing nothing about it. I hope BRK’s guild has better luck.
    Alanor

  30. Zahana on December 24th, 2007 9:08 am

    Something like this happen to my guild a few weeks ago. From what I understand someone claimed to be an alt of one of our officers, emptied out the bank, then deleted the character.
    About a week later, a GM was able to restore just about everything. Be patient, and hopefully you can get everything back by New Years.

  31. Green on December 24th, 2007 9:38 am

    Devils Advocate.

    Sure that sucks! and I hope that the issue is resovled… But what I read is that the account appeared to have been hacked? But then the guy recovered his account. Any decent hacker would have changed the PW for that toon thus making it miserable for the true owner…

    No offense but could the guy have been upset or wanting to do something just to get the attention of others? Maybe he was lonely this Christmas?

    I’ll show them and withdraw it all from the bank and take all these items.. and make a little cash. Heck, I know blizzard is going to say that a player chooses to play their style. And that they can not do anything about it. Just like booting someone from your party after you take down a final boss in an instance. (Preventing them from well deserved loot and BoJ’s)

    Just wierd that he “recovered his own account”

    A good service:

    Get a list of all his mods that he had and put pressure on the ones who made them..

    Give us his security logs from his PC and firewall records.

    If the hacker was that stupid not to change the toons PW, then he is stupid for leaving us a security trail.

    But I still blame the owner of the toon. “Guilty until proven innocent”

  32. Mrs BRK on December 24th, 2007 9:55 am

    Sounds like Blizz needs to tighten its login procedure. Maybe like iTunes, you can have a few “registered” computers you can play on – registered by IP address. So if you travel and, say, want to play at your sister’s house, you have to call Blizz to add an IP addy *and* give them the secret question.

  33. Donald Pyers on December 24th, 2007 10:32 am

    My ip addr changes every 24 hours.

    Regarding the guildy looting the bank then quitting. Blizz can’t do much because it’s basically your word against theirs. They claim they were entitled to the loot and had permission. You claim they didn’t.

  34. corwyn on December 24th, 2007 10:32 am

    Sad. The nice thing about the theft of virtual things, is that they can be replaced at almost no cost. Blizzard can twiddle some bits, and you get all your stuff back. Thus the only down side is to Blizzard’s game economy, and thus they will be motivated to fix the problem somehow.

    Maybe it is time to lower the limit on all guildies for number of stacks that can be withdrawn. 1000 a day is more than you even have slots. 20-40 might be a more reasonable number. Unfortunately guild master always has the maximal number IIRC. Maybe a request to Blizzard can change that.

    Thank You Kindly,

    Corwyn

  35. Jaris on December 24th, 2007 10:35 am

    Sorry to hear bout your guild’s misfortune. :(
    I hope Blizzard is able to help you guys out.

  36. Hyouzan on December 24th, 2007 10:38 am

    @Green

    My roomie account got hacked earlier this year. The hacker gave it to him hard. They raped all of his toons, sent the money somewhere and then deleted every toon. Then the jack@$$ went into the account managemetn removed the payment informaiton, cancelled the account and then changed the password. When my roomie called Blizz they said that a request was made to delete the account.

    FYI, the GM we spoke to said once a toon is deleted the information about in-game mail and trades is deleted.

  37. Ahoni on December 24th, 2007 1:07 pm

    @jmfries

    Thats your guilds fault, and Blizzard should do nothing. You had stuff stolen by someone you gave access to your guild bank. If I give someone my ATM card and pin number, I can’t call the police and say they stole from me. I gave them access. Our guild, only officers can withdraw.

  38. Green on December 24th, 2007 1:07 pm

    @Hyouzan

    I think that WoW should implement a two-factor authentication. When you buy the game or updates. It somes with a keyfob that has a digital password that changes every minute or so. (Look up secure ID) or whatever… Thus the hacker would have to get your ID, PW, and key fob for access. Very hard unless they get that physical piece.

    We all spend $ and time which is worth alot.. and to get hacked is a violation and I often wonder if it has a digital right. It’s identity theft…. after all and there could be some legal ramifications.

  39. Blizzard: The Grinch? | Kestrel’s Aerie on December 24th, 2007 2:43 pm

    [...] it’s happened again, this time to an officer in Aetherial Circle (BRK’s guild on Drenden). The account holder was able to recover the account, briefly, but [...]

  40. jmfries on December 24th, 2007 3:18 pm

    @ Ahoni

    Are you kidding? I hope so. We gave access to a person in our guild who has been a member (and a mid-level officer) for a while, not some new guy off the street. We have no access for the lowest rank in our guild, and we don’t hand out promotions like they are Santa Bucks or anything. And equating my personal bank and a “guild” bank is rather tenuous don’t you think. The guild bank is for the GUILD, not personal, private use. We also have instituted a cap on items and money withdrawals per day. But in fairness, they big picture is the moron hacks who do stuff like BRK’s guild (and so many others) are going through. It sucks, and I hope Blizzard takes care of ya.

    Alanor

  41. jmfries on December 24th, 2007 3:21 pm

    @ Ahoni,

    After reading my last post, I thought it may sound a little harsh. That was not my intent. I mean no disrespect. Merry Christmas :)

    Alanor

  42. Gun Lovin’ Dwarf Chick » Alright Listen Up… on December 26th, 2007 5:58 pm

    [...] accounts are being hacked.  Does it matter if they could have prevented it, if they should have been more vigilant, whether [...]

  43. Ttrust on April 8th, 2008 12:30 pm

    I recently had my account hacked, tried to log in, couldnt. Went and did a password recovery. Found myself in dire maul. I am the gm of a 25 man raiding guild trying to get into ssc. We were in the proccess of making two nature resist sets and two frost resists sets. Each set takes 72 primals each from two schools. Plus, and this is what killed me, i lost 250 badges. They spent them on nether vortex and sold them.

    I got my toon back around 4 hours after the guild bank was robbed. of course the whole guild is helping me find the names of people selling the loot on the AH. I estimate around 30k worth of items. Got in narrowed down to three names. Added them to my friends list and now three days later i am still seeing these lvl 1 toons log in and out in sequence to collect money.

    This leads me to my question. If a person can get banned for rude behavior, harassment and items like that. Why are these lvl 1 toons able to come and go even when the names were given to a gm and it was obvios by the numbers and items it was stuff from our guild bank.

  44. Hacking … - Le Repaire de Sellia on February 6th, 2009 3:39 am

    [...] talked about this here and here.Breana here, here and here.Kestrel here.Skindancer here and here.Kinless [...]