Account Hacked, not a QQ.

This is just a note to other GW users. I was hacked while on my account last night. Someone logged into my NCSoft master account and changed the passwords for it as well as my log in password. I was immediately booted out of GW and could not log on. I then logged onto one of my other accounts to see someone else logged into my main account. I started the ball rolling trying to get a quick response from Anet, with no prevail.
It seems to me that NCSoft has some issues with Brute Force hacking.
I have no Trojans, KeyLoggers or have I downloaded any unsafe programs, I am running Kespersky total security.
The only thing I have downloaded recently was GWML, I do not know if this is the culprit or not but it was recent.
Yes when I first started GW I bought gold for real money, stupid I know, but I was not aware of the pitfalls at the time and I didnt know it was wrong.
I just wanted everyone to be aware, change your NCSoft Master account passwords regularly, it might have saved me a large headache.

make your password 10 chars + next time.. don't use words in the dictionary or names/slang words and add some numbers, you'll be fine

or you can make your pass really random- use a pattern on your keyboard, like start at g and press the keys to make a circle around it, last letter in caps then add your favorite number after.. just an example of ways to make your pass totally random and still remember it

Lol if someone actually brute-forced your password, it must really suck. A password with just letters/numers alone ain't the best idea.

Being an ex-Unix engineer with a specialty in hacked systems, I can tell you that making up good passwords is actually pretty easy.

The random Star Wars name generator is perfect. Type in some random crap, you cousin's best friend's dog's name, a made-up prescription drug name, whatever, replace some of the letters in the generated name with corresponding numbers on your phone, such as 2 for abc, 3 for def and so on, and you have a password that is impossible to hack. It has no ties to anything that's remotely familiar to you. Write it down, remember it, tape it to the bottom of a desk drawer or somewhere in case you forget.

No one would brute force a GW password unless they're so bored, that they have nothing else to do. Hackers brute force a system that actually is worth the time and has something worth stealing. I would expect it's something that you've accidently downloaded.

Anyway, my two cents worth.

Brute forcing would also hit the failed attempt login delay GW is supposed to have.

Hacked, hacked, hacked... who believes this crap? You don't get hacked in GW. Somehow, somewhere security slips. Answer a wrong email, change pass on an NCsoft imitation page - bang. Use strong GW password and download nothing - and someone gets into the Email used for login, resets password, and gets it sent to him. Stuff like that is what really happens.

But noooo - everyone is SOOOO secure.

I sometimes actually wonder whether half the "hacking" reports are false complaints from gold sellers angry that Anet shut their accounts down, trying to make it seem GW is insecure.

This also just happened to me early this morning..

I use a non-dictionary alpha-numeric password that would take years to brute force and they were still able to reset my password... Perhaps the forgot password function was exploited or something similar. Any update on your account Rainen_Fyre?

I'm sure the majority of people this happened to have had some security slip. However, you need to stop drinking the Anet kool-aid. No security system is flawless. If a hacker really wanted to get your account without a security slip, I'm sure they could.

Hell, I think Anet is even secretly aware of some sort of exploit for this, hence why guru now has the no IGN in profile policy as requested by Anet.

Just my 2 cents.

ive had i think 4 but for sure 3 friends who were looking up how to hack guild wars and the next day they were hacked so you might want to stay away from hacking sites to

Posting about this is a waste of time. I have made a couple of posts about this and had one deleted. With 3 years of grinding to only have my stuff gone is pure bs.

Stop drinking the Anet kool-aid... no kidding.

To anyone else whos been hacked, the Kool-aid really don't taste good anymore anyway so move on.

For the ones who love this Kool-aid let them be happy with Anet ops I meant Jim Jones.

What everyone has been saying, stay away from suspect e-mails, downloads, websites etc. There is real money to be made in hacking peoples accounts and taking their gold (like the OP who admits to buying in-game gold with real $$). Sorry for your loss dude. Thanks for putting this warning out too.

Karma always gets you.
But really you cant do much for keeping your account safe. Random passwords regular virus scans and try to avoid weird gw related web sites.

I just logged on for the first time in months today because I felt like restarting. Noticed a few items are missing (I thankfully customize everything and they left those) + all my armors have had their vigors runes taken off, no more cash in stash, all my chaos gloves + destroyer gloves have been salvaged as well.

Guess I'm permanently done with this game after 2200 hours played. Thanks hackers.

P.S : I only use this + GWwiki as sites.

I've been wondering about that. Friend/ignore lists in this game are account wide (someone can log in on an alt and still show up), I wonder if someone figured out how to use this to get account emails. Doesn't explain how they get the password, but it does solve half the "battle" right there.

*coughs*

Majority of the people that have made "omg I just got hacked" threads recently have been told by support that RMT companies were responsible. They don't need a keylogger if you used the same email and password (hell, even a similar one) to register on their website.

No as of right now just waiting on Anet to reset password. Probably be on Monday, I get jacked out of farming Pie..........so sad.

And after reading all the above emails I believe my password was on the weak side. As Deviant Angel pointed out, I could have used the same password or something similar at that sight. I know it was the same email. And now in the crunch wars against gold sellers they picked my account out of the hat.

I just wanted to share this story as a warning to others that Gold Buying online is as Dumb as it comes. Hind sight 20/20.

They still needed you NCsoft username first.

And if they hacked through your GW account, they need to know your account name. Player names can not get you account names. One way or another your info got tapped.

This. 100%. And @ passwords: I don't understand why people can't grasp the concept that if you use passwords that don't contain any common dictionary names, your chances of getting hacked with bruteforce are literally 0. On the other hand, you are never safe from a keylogger. I guess people overall are just too lazy to take their online safety seriously, so it comes down to making their password part of their username or their pet dog's name.

Actually, it doesn't have one (at least, not on the website where he claims he was hacked).

And even Gaile has admitted that these recent influxes in hacked accounts were no coincidence. Support is actually trying to add some more anti-hacking protocols, because of these problems (as per Gaile's talk page).

These hacks are a real problem and I personally tell everyone I know in game to avoid buying from the NCSoft website and to avoid using the NCSoft website for anything other than increasing the strength of their passwords.

Sure is pretty risky to be playing Guild Wars these days, eh?

Good lord, I hope we don't have to use the PlayNC account to transfer things from GW to GW2.

My boyfriend's ex-guildie stopped playing Guild Wars for a few months. When he recently logged in (A few days ago), his account was gone.

Since he doesn't play anymore, how could he have slipped up his password? A-net confirmed it was a Chinese Money Trader.

I admit, the majority of people probably responded to a fake e-mail or somehow gave out their information, I don't think -everyone- has fallen for that.


Even Gaile has addressed this is a very real problem and it is hacking in one form or another.


Very scary times, these are.