Friendly hacker or "good" luck?

First of all this is not a QQ thread, I'm just curious...

Basically, I haven't played since Saturday and logged in today to find all of my characters' armor gone and most of their weapons/stuff as well (save a few customized weapons, items, and junk greens). At this point, I'm pissed as hell. I know it's the common cry of the victimized, but I never did any of the unsafe things that make you bait for account theft. I will admit that I don't change my password very often, but that's all.

But now we come to the real subject of this thread. I run over to my Xunlai account, expecting the worst, to find 638k in my storage. I'm pretty sure I had around 18K on Saturday.

My question is, did I catch the theft before the guy had a chance to move all the dough, or did he leave that for me? I find it hard to believe that someone who hacked my account would one: leave my password the same, and two: be so lazy/dumb as to leave money behind when he had all weekend. I also kinda find it hard to believe that he could've liquidated all my possessions into so much cash so quickly, what with a decent number of my good stuff customized.

An extra 620k may just be enough to re-armor my characters (10 characters, all had elite armor) near to what they had previously, provided I don't buy elite headpieces (never did anyway). And that seems almost too coincidental to me. Although, that doesn't even begin cover the cost of all the nice weapons I had for all those characters (he even found the sweet stuff hidden on my heros ), nor the lost materials.

I seem to have also been "lucky" in that he didn't check, or didn't want, the stuff on my two pvp mule characters.

I think I've done all I can by changing my password, reporting it (not that that'll help), and by checking for trojans just in case. My question still is if I caught him mid-scam or if this money was for some reason left for me. Maybe he didn't want to steal, just pull a prank and screw me over?

No matter what we say, it's all speculation - you'll never know what the guy had in mind unless you actually find the guy. Therefore, inb4lock.

Personally I'd chalk it up to good luck in catching him - I've never heard of a hacker who just goes into accounts to have some fun without some benefit for himself. Maybe he split the cash with you as a gesture of "no hard feelings."

OMG...same exact thing happened to me. most armor was gone off my chars (primeval on my war ), most but not all weapons were gone, mule char was untouched for the most part, but the interesting thing was my sin who was lvl one (just had created him a few weeks ago) was now a perma-sin with a bunch of money... i have a feeling this is the same guy that hit us both.


Edit: if you have online banking/paypal, check it frequently. someone (might have been same guy) made a withdrawal straight from my bank account recently, i'm beginning to think it was this guy.

at least i got a permasin out of it...

very weird way of to hack an account. the first might've been that he didn't have time but the second thing by hurdle has to be intentional.

Sounds like he did it for the lulz. I approve !

Maybe he thought your chars were dressed so badly you'd need to rebuy their armors.

On a more serious note, nobody knows, so change your password before he takes all that money...

what bugs me is that this guy is smart enough to hack the account, but not smart enough to screw me over. he took most (but not all) of the armor/weaps off my chars, but didn't leave me with nothing. he hacked my bank account, but didn't drain it. He got into all my accounts, but didn't change any of the passwords. Also, he is (i'm 99% sure of this) Asian, because all my characters were in Korean districts (which i never, ever go in to) but he didn't change the actual fonts into korean, but instead changed the icons for the skills from list mode into (large font?) mode.

Still dunno how he got into my account though, that's what bothers me more than anything else, how he got my username/pword in the first place.

Maybe something came around and he couldn't finish what he was doing, its a good thing you managed to sign in when you did to maybe catch him in the middle of the act, My friend had a similar incident, a hacker got into his account only to steal the voltaic spear he just bought two weeks later he used his buddy key to tell me someones changed his password. Hes not been back since

and now i got a code 045...who do i contact for this? ncsoft support doesn't help at all

My friend was hacked (this was way before Factions) and he came back to find nothing was stolen, but in his storage was a req. 9 15>50 Fellblade.

I believe it Liam016 is spot-on. You and my friend were lucky, and managed to get your account before he finished what he was going to do.

People do NOT hack other people's account.

Brute Forcing is a concept that does NOT work too well in the GW-scene.

They can, however, hack your MSN, forum accounts or other shit, and then try the pass on your account. (Some study showed that 60% of internet users uses the same, or no more than 2 different, password(s) for ALL their internet activity. -And I'm pretty sure the REAL percentage will prolly be higher, if you were to ask EVERY internet user-)

Believe me, you can take "Brute Forcing" GW out of the equation completely.

So, you're stuck with either 2 things:

-A "friend", someone you know in-game, who knows your email u use, brute forced your guru account (Or ANY other for that matter), and used the password on your GW acount.

-Someone who saw you on a forum, went to your acount info (of Guru, or other forum), saw email adress, and thus hacked that forum acount, and applied it to the GW acount.

Either way, try and use different passes for every internet application. -You do NOT want to see my list of passwords, it's a paper glued to my desk, and it contains over 20 passes ^^-

As for the 600K, it's random, rare, but this would make option 1 (A friend hacked you) more plausible, as he merely wanted to fcuk with your mind, but not really "punish" you in any way.

I think that the reason the hacker didn't take the money was because if you went to a-net and reported that you got hacked. They would look at the days and see the transactions made. Then they would see you giving 100k+ trades for absolutely nothing in return to the hacker's account and rightfully ban him.

That is my only reason of thinking that he would leave the gold. Most likely figured he'd get banned if he took it or associated the hacked account with his in any way.

Just another reason not to play Guild Wars after drinking Vodka Poppers and smoking the rest of that doobie you found in your friend's sofa.

Also, and excellent way of establishing plausible deniability for online gold trading..."No, really, ANet look...all my stuff is gone, I have no idea where all that gold came from..."

I smell fish.

meh, don't care if i don't get armor/weaps back. they are replaceable. pain in the butt to have them gone, but replaceable.

by lots of money i mean 28k and 5 ectos

i just wanna play a bit, but to be honest i'm really not too mad at this guy. kinda annoyed i can't play right now, but i guess i'll play spore till it's all figured out. never really got rich on guild wars, so i really had nothing to lose (besides my primeval armor...that still stings )

oddly enough, he left the cuirass too, took helm, gloves, pants, and boots, but left the chest piece.

WOW, this guy did a similar thing too! My elementalist was changed to an E/A with what looked like a sf farming build, and was moved to The Tombs of the Primeval Kings. I am starting to think it really might have been the same guy, and I am going to check my paypal account, and reset the passwords to everything I have, just in case...


Well, my friends list is empty, the only people i know in game are my guild-mates/personal friends who i don't think have the knowledge nor the motivation to do this (and there there's only four of them).
Now that you mention it, this happened one week after I made my first thread (a pc over at ventari's, I usually just respond or lurk) and 1-2 days (can't be sure) after I made my first more serious thread (i.e. I actually wrote something). I bet that's how it happened.

I can understand the password part, but how would he/she have gotten my account name? It's completely separate from the e-mail account I use for guru...

I'm gonna start dedicating my stuff to HoM...that way if I get haxxored I'll at least have a few things "recorded"...

for the record.Inde stated in another hack thread(or similar) that email addresses are not viewable by members/elite gurus w/e on gw guru.at all.....ever

There is no way a hacker can see your email address or password on this forum.

I expect there's certain details not being mentioned here.

Sounds like it was a gold farming company that got in to the accounts. They probably had a bot(/poor hired asian guy) farm stuff on the permasin/ele - which is where a good chunk of the money most likely came from. The actual money in storage was (in my opinion) probably a fluke due to forgetting to change the password, catching them whilst they were still "processing" your account, or merely chalked up to "acceptable loss" so you wouldn't report the hack.

Did you by any chance sign up for anything promising, say, a GW lottery? Someone "leaving" the game who set up a website to give out his stuff? Perhaps a more shady (bot, hack, possibly even a spoof/phishing) site, that required an email address and a password to join?

I have to agree with this, quit buying online gold and you'll be safe. Either they didn't have time to transfer the gold to another account, or they kept it on your account until they had someone make a purchase. With so many people being banned for transferring 100k of gold it might be their way of trying to avoid having their surplus taken.

The last thing I signed up for was the GW anniversary sweepstakes .

I'm trying to look on the bright side of this. At least I have some gold to soften the blow, weapons are replaceable, and this does give me an excuse to give each character a different set of elite armor for the HoM. The only things that really get me down are that two characters never got their armor stored at HoM, and I lost all those collectibles I'd been saving (alcohol, destroyer cores, etc.). But hey, it's just a game.

Not that I need it, but with the holiday season coming up it seems like there should be some sort of fund for the victims of scams/hacks. Perhaps a little window (with a santa and a bell) that pops up every time you trade or merch asking for a donation to the needy...

Did you have loads of ectos missing or expensive weapons or minipets. Maybe the offender sold all your stuff with the intention of trading the money to another account but didnt get around to it.

thing i miss the most (probably more than the primeval warrior armor) is the 40ish lockpicks i had....that sucks. BUT, it's nothing, to be honest, than what it could have been: i invested alot of my money into my guild hall when i sold all my z-keys from the last tourney, so it's not a complete loss. plus, i now have a full perma sin, which is what i was gonna make my level 1 guy eventually anyways. and he came five ectos, so it's not all bad, i guess. the armor kinda ticks me off though, weapons are all replaceable, but i wish i still had my q12 inscribable shinobi blade or my golden phoenix blade

99.9% of the time this is a:

1) Friend (who obtained your PW through social engineering)
2) Keylogger obtained from too much pr0n browsing
3) Friend
4) A GW "mod" you installed from a non-trusted source
5) Friend

To be on the safe side i recommend not having the same email/password for your accs either on guru or the game itself i myself have at least a dozen diff email accs all with diff passwords same goes for my bank acc which i regularly check online. Now don't give me that i will forget BS because buying a notebook and writing all those emails/passwords down will only cost you $1.99. Dnt ever download 3rd party programs, bots to be more specific. And make sure that you perform a virus scan on your comp at least once a week to make sure everything is in good shape. That's the advice i can give you guys and so far it has worked for me.

Is it at all possible it was a family member of friend who knows your password? If this was a 'hack' attempt they certainly wouldn't have put your money in storage for you to find. They would have kept it on character and transferred it immediately.

I don't know for sure, but the way this has gone down it certainly seems to me like it's someone you know trying to play a practical joke...

You know...that Burger King Dude has been running around lately stuffing money in peoples pockets. Maybe it was him. lol

Seems someone did try to hack into guru a while back. My guess that either a) guru isn't as secure as people think or b) xunlai house on the GW site (which requires you to enter username/pwrd) isn't as secure as people think. either way, someone out there is getting into people's account and getting into their games

If either of those were true there would be a hell of a lot more people being hacked than the 10-20 that have complained about it here.

MAYBE HE RAN OUT OF SPACE/reach his gold limit. I'm surprised he didn't just buy up ectos from trader.

Something kind of like this happend to me about a month ago but none of my stuff was gone. I remember going thru nf on my necro and I stopped after the first two missions. Then I log on about two days later and I find my necro in Kodash Bazaar with about 18k and a full inventory on him. Thought it was pretty cool

Depends. This guy doesn't seem too smart, which is surprising. If he was trying to legitimately get gold from other accounts, wouldn't he change the passwords on the accounts? you know, lock the actual owners out of the accounts. Seems right now he's content with stripping and salvaging all the gear off of certain characters (my primeval warrior armor and my geomancers and dwarven ele armor are all salvaged (mostly) but my mesmer and assassin's armor is untouched), creating and using permasins to farm for ectos (which he did on mine), and selling market value weapons.

My account got code 045'd last night, but issue was resolved (after i sent anet an email) less than an hour later after i explained to them what happened, so i think Anet knows that something is going on with a hacker, but not quite sure yet where he is attacking from (both geographic location and how he is getting into accounts). The last support ticket i sent in took a couple days to clear.

Also, this is a single thread on a very large forum. how many people have actually stumble across this thread, and what how many of them were actually hacked?

This guy could be jumping from account to account, running two or three at a time until he gets found out and then "accessing" new ones. And obviously only people that have/had both their guru/xunlai/however this hacker is getting in password and their game passwords the same could be hacked.

I'm thinking (as someone previously posted) that this guy is a tool for something larger, possibly a gold farming site, and that this guy is either Korean or wants to appear to be korean. he changed all the active districts to korea, BUT did not change the actual fonts used to any form of asian. he kept them in english. So, i think it is an english speaking person who got "learned" how to hack by some bigger fish, and is trying to be cool by hacking into people's accounts and failing at being a good hacker. bigger company gives him a pat on the back and a few bucks, they keep their noses clean by jumping the gold from char to char, and keep the user accounts expendable. The OP's account could have been a collection point for the gold if you will, where as mine and others were strictly used to smash and grab.

it took them less than 5 days to do this to my account.

The 10-20 I mentioned also included the larger thread in riverside. Even that one that had lots of people scarred only had about 8 people saying they were hacked. The Xunlai House accounts must be many many thousands of accounts, and Guru has several thousand accounts. That's an extremely small fraction of the total accounts you are saying he has access too.

If I were a betting man, I would put my money on 10-20 people d/l loggers/hacks or just BSing etc rather than guru/xunlai etc being the target.

Happens to me all the time, i log on and find a stack of ecto missing from storage and all my characters are in the american roleplaying district in GTB.

Its usually something to do with my two little brothers who like fissure armour but dont like farming and enjoy the company of other 15 year old roleplayers in american servers.

Well, an interesting thing. My Account name is the Same name as my FIRST characture that I ever made. I notices that the other day. So I deleted my first characture because I could not change my account name.

This is a FLAW. If I am running around al and writing down everyone's name. I can then run a systematic bot to get your password. not that hard actually in text mod let me tell you. A little script reading and BOOM. I got your password.

match that with your "name of your first toon and there you go". So if someone asks you what you first names your first toon DO NOT TELL THEM as they have half of the work done so far.

Remember that there is a 12 year old in England can Hack VISA, guild wars is no match.

Everyone, I have stated and will state again that NO ONE IS GETTING YOUR INFORMATION FROM GURU. This includes your email and passwords. I appreciate the conspiracy that people like to generate, and even me typing this will have doubters. I have stated time and time again that we have been thoroughly through our databases and servers and no one is gathering your info. Not to mention that ALL PASSWORDS ARE ENCRYPTED. Not even I have access to these.

I will not entertain anymore conspiracy posts that Guru is somehow divulging or has been compromised in this manner. I am not saying that Guru can not be hacked, we have clear evidence of that... but the forums and the databases on this site have multiple security measures in place with only 2 people having access to the information. We have server logs and forum logs and logs of every type that would show if anyone accessed this information.

Any further "conspiracy" posts that have no merit and are false speculation will be deleted.

You mean "HASHED", not encrypted, don't you Inde? The difference being of importance: if you get the hash value, you can't get back to the original password that was hashed. If it's encrypted, the software has to protect the encryption key and this totally prevents decryption.

Are you a crackhead or just mentally ill? This is the absolutely dumbest idea I've seen posted on Guru. Your login is your email, your password is NOT your "first toon" unless you are dumb enough to name your characters after your password. There's no way to get textmod to run a script grabbing people's passwords. You don't even know what textmod is. It changes textures, only. It does not interact with server or other people's clients, the idea that it does is moronic. When interacting with anet, they dont ask your "first toon" name, they want the names of ALL toons and all keys. So even social engineering isn't going to get you anywhere with your "first toon" information.