Account Hacks: Your help in this matter are invaluable!

Good afternoon all,

Before I go into this I ask that you do not "flame" me for what I am about to write here. I'm in no way trying to point fingers or play the blame game. I am just curious to see if there are any others out there that may have had a similar experience as I and, with a little luck, maybe get some answers.

Recently I had my account hacked. I have written about this at length in previous posts and need not bore you with the whole story here, but in a nut shell, I lost plenty of loot and coin (~350k's worth), and after some Virus/Spyware Scanning, password changes and a complete overhaul the account is now back in my hands, characters still there. It was, naturally, the result of a key logger program.

Now, I've always considered myself to be extremely cautious with my security. Nothing like this has happened to me in all the +4 years of playing GWs (or ever for the matter with anything IT). So, looking back, I asked myself "What have I done past 14 days that could have caused this?" (I update my password for GWs every 2 weeks)

Turns out there was something I did do that was, for me, very unusual. Recently my main character became a GWAMM (30) and I thought, with a mixture of both pride and arrogance, "Where can I show this off?". Turns out there is a site where one can show off their character(s) and titles.

I ask that no-one reading this post attempt to Google or go to this site, just to be on the safe side mind. It's called: gwchars.de – a predominantly German site but also has an English portal.

My question to you all in the GWGuru community is “Has anyone else been to this site, signed up with their details and then had their account hacked?” If so please inform myself and others. I'll have Anet support look into it further.

However, if it turns out that there has been mostly positive feedback regarding the safety of this site please do let me know, I shall attempt to find the alternative cause.

Let me know your thoughts.

All my best,

Aurelius

plum64_uk, you probably haven't done anything in the last 14 days to cause this. People who have been away from their accounts for months are being affected as well.

I am registered at GWChars.de for quite a few months and never had a problem.

Obviously, I use a different e-mail address and password than the ones I use for my actual account - so even if GWChars.de has some security hole, the retrieved info won't be useful to hack my account.

I'd say just avoid using the same e-mail address/pass from your account in any GW fan sites and you should be safe.

So now googling a site will get you hacked? Jeez, what will these hackers come up with next?

I've never been to that site and i was hacked.

I've never even heard of that particular site but had my account hacked not too long ago.

I still don't know with any degree of conviction how my account was hacked and am sort of resigned to never really knowing now.

i have belonged to that site for over 8 months with 2 diffrent accounts and i have never been hacked.its good site btw

The reason behind all the account hacks may have something to do with yesterdays update:

Originally Posted by Update - Wednesday, December 2, 2009
Bug Fixes

* Fixed a crash bug.
* Fixed the URL for requesting a password reset.

found here in this thread:

http://www.guildwarsguru.com/forum/s...php?t=10415403

doesn't explain much, but its something.

I realise how omgparanoid this is going to sound... but announcing that you have reached GWAMM probably identifies you as a juicy target, one that's worthy of attention from would-be hackers.

I got hacked when I started to bid on, and pay a lot of money for sweets. I think that that identified me as a juicy target. Somebody approached me in-game referring to a bid I made for sweets (the correct items and the correct price) but he was not the actual seller. We concluded the transaction and within seconds he was off line. Within days my account was hacked. I lost about 1.5 million worth of stuff.

I was registered on NC Soft, Guru and GW Online. I visited the German site once but was not registered.

As an alternate to the above conversation, my son had an account taken from him (his own fault). He did learn from this, but from an outsider observation I believe that there are elements of changing a password that Anet has backwards making account theft easier.

Most major sites have as policy to send out a note to verify an email change. The normal default action is to refuse the change unless a verification is made to the emailed notification. In Anets case - Their email notification states that the change will be made unless you respond (deny the change) to the email. This is quite contrary to almost everywhere else. This fact created a situation where we scanned over the email not paying it much heed until the account became inaccessable. His account had been shifted to a temporary .yahoo email account - and immediately shifted again to a more permenant email (yahoo account deleted thereafter). Unfortunately we could not find the small slip with his original GW activation numbers and as such he GAVE his account away with a little help from Anet.

This would not have happened if it had been set up not to change unless verification had been obtained.

the above post makes me wonder if this game is safe at all anymore you can get hacked for buying something amazes me

So packet sniffing/decryption is still not ruled out? or did this happen long ago?

I haven't traded with people outside of my guild in years, I haven't talked in depth with people outside of my guild in years, I haven't grouped with people outside of my guild in years, I haven't done things in the game that add world announcements, ever. I use strong passwords and avoid the public as much as I can. I can as least say since I have been playing since March 2006 I have never been hacked, ever and hoping all this paranoia and stressful constant account checking/password/email changing will pay off. But I just have this feeling from this day out will be a stalemate and the hacking will never stop so long as there is some out-of-our-hands exploit and anet basically is holding us by the balls not fixing it.

I'm going with coincidence on this one. If the price is right, people will swipe someone else's forum sale if they can, and your seller may only have logged on to see if you were available in-game to complete a sale.

That happens pretty frequently without resulting in a hack.

If it were possible to efficiently target people, most of the High End admins would have been hacked by now. Since they have not been, I think we can safely assume that the only way you can be "targeted" is if someone can get your username, and that those admins have been appropriately paranoid about concealing that piece of information.

Like I said, hopefully you weren't STUPID to register w/ your real email address that is used for GW or anything important to you.

if you did, well, I guess you deserve to be hack and hopefully its a lesson learned.

Always create a bogus account for forums and registrations of any kind.