[WARNING] I got my account hacked

Hi,
My account was hacked a few months ago. I lost all the currency and gear that I acquired playing this game since beta. The only "help" that grinding gear support gave me was an advice to change my password in my email account...
But if you think for a minute. Who would invest time and energy to hack PoE accounts ? There is no money involved. You cannot steal the cosmetic enhancements, effects or additional tabs.
OK maybe some players manage to sell exalted or specific gear against hard cash on specific websites, but to me this seems far etched.

When I got hacked, and before I realized it, a friend of mine "saw" me playing (even though I wasn't, the hacker was). He had accepted a friend request and was simply transfering all my stash to his friend.

Again, would a real hacker bother ? In addition, according to GG, they would have needed to hack my email account. Obviously, it is substantially more difficult account to hack, yahoo or google than it should be hacking gg servers. And if that had been done, the hacker would have needed to hack my PoE account AND my email account. Since my PoE account was reseted, it meant that an email request should have been sent to my email account and I should have noticed it.
Unless he took extra pain in hacking my email account, receive the email reset confirmation, change my PoE account and delete the email afterwards. All of this to get access to PoE with no financial gain involved ? I do not believe it one bit. What I think is that some kids managed to find my username which is not hard to do and simply used one of these tools:

[Removed by Support]

I do not know if that works (I am not crazy enough to download a software from a self admitted hacker). But it took me one google search to find it. Assuming that it is working (or that a similar tool is working). Hacking a PoE account is something any PoE user can do easily. It seems to me far more realistic than having a real hacker hacking my PoE account and my email.

Needless to say that I gave up playing PoE, even though I loved this game and had started playing when there were only 50'000 players compared to the millions they have now.

Hopefully GGG should have tightened their security, because to me the weakness is at their level. If a hacker could develop an automated tool to access any account automatically, then there is a flaw in their security. I do not believe that such a thing is as easily achievable on a google or yahoo account.

Well, I am not bitter, just sad, because I really enjoyed this game.
Hopefully someone at GGG will see this post and reassure players that such tool cannot work anymore.

Cheers all

It happened to me too.

I used no 3rd party programs or something like that. I lost money at paying to steam. But I lost no PoE items. Of course I deleted everything from my HD and installed windows and everything else again and I changed my E-Mail password and made it very loooong. THAT'S the only way to get rid of a Computer Virus.

I think some games are hacked in general. What games did you play before you got hacked? Perhaps we can find out something what all of us did.


I played DayZ Standalone and Trackmania 2 before (or while?) I got hacked. I don't trust both games anymore.

And why the hell I lost the Supporter Sign? I bought a Support pack as the game was in beta status. I have the Rhoas pets but no support tag anymore? WTF?

"

edessiex написал:

Hi,
But if you think for a minute. Who would invest time and energy to hack PoE accounts ? There is no money involved. You cannot steal the cosmetic enhancements, effects or additional tabs.
OK maybe some players manage to sell exalted or specific gear against hard cash on specific websites, but to me this seems far etched.

Again, would a real hacker bother ? In addition, according to GG, they would have needed to hack my email account. Obviously, it is substantially more difficult account to hack, yahoo or google than it should be hacking gg servers. And if that had been done, the hacker would have needed to hack my PoE account AND my email account. Since my PoE account was reseted, it meant that an email request should have been sent to my email account and I should have noticed it.
Unless he took extra pain in hacking my email account, receive the email reset confirmation, change my PoE account and delete the email afterwards. All of this to get access to PoE with no financial gain involved ? I do not believe it one bit. What I think is that some kids managed to find my username which is not hard to do and simply used one of these tools:

I think you underestimate people and how desperate they are or how easy it is for them to have that sort of access. Got hacked once on my blizz account years ago, changed my email domain to gmail and haven't been hacked since in any game.

If you got hacked in two games... I suggest checking to see if the email address you're using is actually secure.

thanks for your reply.
To clear things out, I had my PoE account hacked only once ! And I still not believe that my email account was hacked. I do believe that a hacking tool was used (I posted the link to one of those to support my argument, but it was removed by the admin). If this tool is indeed working (I will not try to install an exe from a self admitted hacker), then it is easy as pie to hack a PoE account and without any need to the email address. On the page of that tool, the hacker mentioned that the tool had been used 800 times with 99% success and it was in 2014...

Anyway, my point was just that it does not require huge skills to crack a PoE account with one of those tools if GGG had some security issues. Hopefully they are aware of this problem and that they have tightened their security since then.

Cheers

IMO there is more to the story, there has to be a reason a "hacker" would want what you have.

The question that I wonder is why you? why not someone who has better items and more currency?
How did they know what you had to begin with?

Either of these I think applies to this situation.

1. You showed a friend what you have they wanted it and decided to fuck you over.
In the past you may have given them access to your steam for something but never changed info so they still had access to your account.

2. You downloaded something that had something to do with poe and in it there was a keylogger that you gave permission to run and allowed it to be white listed in your security programs so you would be able to use it.

3. You gave your info to a friend told them to jack your shit so you could tell GGG you got hacked in hopes they would "hook" you up with the items again giving you and/or your friend more assets.


People don't just get hacked out of nowhere, there was a reason to why this happened to you and not others.

If this was a random event then there is a problem, but as of now I do not see anyone else saying they got hacked.

A past account hacked read here ----> https://www.pathofexile.com/forum/view-thread/1409677


EDITED: Added link to someone who thinks procurement got them hacked.

"

maciemace написал:

IMO there is more to the story, there has to be a reason a "hacker" would want what you have.

The question that I wonder is why you? why not someone who has better items and more currency?
How did they know what you had to begin with?

Either of these I think applies to this situation.

1. You showed a friend what you have they wanted it and decided to fuck you over.
In the past you may have given them access to your steam for something but never changed info so they still had access to your account.

2. You downloaded something that had something to do with poe and in it there was a keylogger that you gave permission to run and allowed it to be white listed in your security programs so you would be able to use it.

3. You gave your info to a friend told them to jack your shit so you could tell GGG you got hacked in hopes they would "hook" you up with the items again giving you and/or your friend more assets.


People don't just get hacked out of nowhere, there was a reason to why this happened to you and not others.

If this was a random event then there is a problem, but as of now I do not see anyone else saying they got hacked.

A past account hacked read here ----> https://www.pathofexile.com/forum/view-thread/1409677


EDITED: Added link to someone who thinks procurement got them hacked.

These scenarios seem to be the most likely to me. The last few pages read like a conspiracy theory of procurement used to hack, GGG purposely being weak on security, and/or "give me my stuff back!" lying in my view.

Not specifically calling out OP since I have no evidence and you really could have been flat out hacked out of the blue, but I see red flags on almost every page that make me skeptical about the situation.

USE DIFFERENT PASSWORDS ON DIFFERENT SITES. I have ONLY ever been hacked on stuff I used old passwords or identical passwords on. Fortunately it was just things I left insecure on purpose because they were throwaway accounts.

The majority of account compromises are from one website database leaking its user info, and then the hackers try the username and passwords on more secure sites (and get in quite a few).

Use a different password on everything!!!!!!!!!!

A lot of tin foil hat and paranoia in this thread.

Bottom line is that GGG are not responsible for the security of your account past a point.

So long as they give you the means to keep it secure (which they have)

If the OP is running through steam, then they use pretty much the same sort of security.

Stuff like "i use a very complex password" means nothing to a keylogger, all you need to do is login to your email and game at some point, complexity only stops brute forcing the account.

Stuff like "i didn't receive the unlock code" is a load of rubbish.
You got it, the hacker read it, then deleted it after using the code...sometimes if the hacker is being lazy you'll find the email in the trash.

Stuff like "i have good security"(or having multiple layers) that's nice an all but most of these work from a database and compare known security risks to that list...that list is updated almost daily...the fact is that someone can write a new one up that isn't on the DB and can wreak havoc until it's added to the database of the security programs.

Blaming it on GGG dose not work, if they were hacked then anyone with a high value account would be hacked in short order from the time you were hacked.
Same deal with procurement.

"

Alysma написал:

"

DeltaWing написал:

And why the hell I lost the Supporter Sign? I bought a Support pack as the game was in beta status. I have the Rhoas pets but no support tag anymore? WTF?

Go to your profile, there now is an extra tab named "Badges". All the Supporter titles you have are now there and you can choose which ones to showcase, i.e. to appear under your avatar, by dragging and dropping titles from the right to the "Showcase" on the left.

Thank you!