Please read all hacked

shuy

Diabloii.Net Member
Please read all hacked

Hi all,
Please look on last week news. Many person lost theirs items. They cannot have items back, but they can help prevent future problems.
Please help us.

I think there is one common "weak point" in all causes. Please let us know:

Do you used the same lgin/pass on forum and in game (most people answered no)
What browser do you use - IE, Firefox, Opera, etc
Do you use communicators: ICQ, Skype etc.
Did you had any problems with another internet activity - start page, etc.
Do you use firewall (MS or another one), adaware and antivir
Do you use any mods in game - I predict that nobody use bots and hacks but many people use language mods etc.

Last point. If you lost your gear please feel free to whisp me (shuy, shuy1). You will not get enigma for free but I can give you medium class items which let you play and rebuild your stuff.

Sorry for threat not about trade but situation looks dangerous. If you thinks that this forum is not a place for such thread please delete or move.
I'm posting it here, because most people hacked read just this forum.

shuy
 

HardyTarget

Diabloii.Net Member
Why do you people keep posting stuff like this in the trading forums?

Discuss about it in the OT thread or something.

I don't mind giving free stuff either but usually people quit after something like this happens.
 

Dawnmaster

Diabloii.Net Member
It's nice, but offering your items (europe realm) won't be of any use, since all those who were hacked, are from another realm (first West got hit, them East started getting hit as well iirc?)

Sofar no reports from Europe players being massively hacked afaik...
 

Cppo-The-Wild

Diabloii.Net Member
There's been hacking in Eu too... including me and i'd like to know wether it's something more serious (keylogger) that might even require formating or uhmm... something less serious.

-Cppo
 

jimba

Diabloii.Net Member
I'm on EU and got done (fortunately I didn't own much worth taking tho!)

To answer your Q's-
Different password for forums and battlenet a/c's (but forum may have been same as my email password).
IE7, no communicators
No other internet problems
ZA firewall (free) + hardware FW on internet box + McAfee AV + Spybot (PC1)
Hardware FW on internet box + Sophos AV + Spybot (PC2)

Some additional info-
I have scanned both systems with AV & Spybot (&Norton anti-spy) and found nothing - so if I caught something, I still have it - is there anything else you would recommend me scanning with?
I have 4 battlenet a/cs of which only one has evidence of being 'hacked' - my password had been changed and I couldn't get into the a/c - when I got new password and got back in a few items were missing - there was no evidence in my email a/c of any emails from Bnet (i.e. change of password/email address, etc).
The a/c that was 'hacked' was *jimba, same as my tag on these forums but I I haven't actually played the a/c for a long time (just log on every week to keep chars alive) - I've also previously disclosed two of my other a/c names in the trade form but these a/c's seem fine.
My battlenet passwords contained only letters but were not real words (my login for here & email was a simple word).

I've personalised the few remaining items that I have of value (and have no intention of trading), which will hopefully make them less attractive.

I'm pretty cheesed off at this happening but what really worries me is I don't understand how it happened, so can't guarantee it won't happen again...

OK, one thing that doesn't seem to be working properly is the advertising banner on this website, so when I use the backward & forward navigation keys they don't work properly (I have a ref to loadedinc & a 404 error) - maybe this is just coincidence and I only noticed now coz I'm paranoid :shocked:
 

Tim B

Diabloii.Net Member
i'm now lucky enough to join this elite club of "hacked" etf members. i've had many high runes worth of equipment stolen over the weekend. whoever did this went through my 4 playing accounts, and stole anything of obvious value(runewords,annis etc), and a few things of very little value(average stat jalals and titans and god knows how many pairs of goreriders). they also left a few things of great value (max/ar/life charms some very nice rings and amus and other rares/crafts). fortunatlyt they missed my mule accounts so i've managed to scrape together enough wealth to make an enigma and i've just started my first ever hammerdin
 

MapleBarb

Diabloii.Net Member
i'm now lucky enough to join this elite club of "hacked" etf members. i've had many high runes worth of equipment stolen over the weekend. whoever did this went through my 4 playing accounts, and stole anything of obvious value(runewords,annis etc), and a few things of very little value(average stat jalals and titans and god knows how many pairs of goreriders). they also left a few things of great value (max/ar/life charms some very nice rings and amus and other rares/crafts). fortunatlyt they missed my mule accounts so i've managed to scrape together enough wealth to make an enigma and i've just started my first ever hammerdin
what realm do you play in??



 

Leohappy

Diabloii.Net Member
Tim B - can you tell a little how you THINK you got hacked?

this weekend my account was also attacked as i ended up with more than 30 failed logon attempts (cumulative in 3 days)

i suspect those spambots have something to do with recent hackings as well, lots of them everywhere and very aggressive advertising
it's very likely they record accounts in channels they visit, then their users try to bruteforce those accounts
 

Cooked

Diabloii.Net Member
Log in and forum passwords are different. Game pass is alphanumeric
Windows explorer.
No communications stuff.
Use firewall. Was not running enough virus checks.
No mods or hacks.
Used Limewire.
Keylogger I found which was used to hack my account was...Backdoor32

I play West and tried to continue for awhile but it is hard to start over. I have some remaining wealth but the skillers and annihilus charms and pala torch are too hard to replace.

In real life my personal realtionships are rough which make playing this game even less appealing.
 

Tim B

Diabloii.Net Member
Tim B - can you tell a little how you THINK you got hacked?

this weekend my account was also attacked as i ended up with more than 30 failed logon attempts (cumulative in 3 days)

i suspect those spambots have something to do with recent hackings as well, lots of them everywhere and very aggressive advertising
it's very likely they record accounts in channels they visit, then their users try to bruteforce those accounts
All my accounts that were hacked were very similar, each followed by a consecutive number.

I have done a search of all the processes running. This is a very new computer, and there is nothing out of place running. There are no Keyloggers running. I don't really have any other software other than windows, diablo, and virus checkers. My other accounts were not hacked probably because a) I have not listed them anywhere, and b) they dont have obvious names. All the accounts that were hacked are listed on this forum.

I would really expect the hack to be either a brute-force technique or some sly way of finding out your password, perhaps through the password-recovery as Frosty has suggested.



 

Leohappy

Diabloii.Net Member
My other accounts were not hacked probably because a) I have not listed them anywhere, and b) they dont have obvious names. All the accounts that were hacked are listed on this forum.
how much did you use your other accounts? i would say that main play accounts will be a lot more exposed than say, mule accounts which you rarely use in public

there are many ways your account names can be logged, spambots, forums, trade channels, irc, etc
I would really expect the hack to be either a brute-force technique or some sly way of finding out your password, perhaps through the password-recovery as Frosty has suggested.
some people have indeed been hacked through the pass recovery system recently (i know two of them) so this is a real possibility

also i believe you said in a post before you used password with just letters and no characters/numbers, so it is certainly a possibility someone bruteforced your password



 

zeskelnec

Diabloii.Net Member
For the time being , can I suggest all traders to communicate only their acc through PM instead of posting them and ask the mod to delete the stickie containing all acc names linked to each forumers.\
Yes, I know, that it is easy to search in all thread the main acc of each trader but it may slow hackers.
 

MjolnirY

Diabloii.Net Member
I have checked my PC twice nothing to find but...
I remember me that, I think the day before or 2 days before the hack, I was obligatorily to login on etf. So normaly I don't need to login because I have asked to login automatic. This was the critical point. What this mean?
Each computer stores cookies:
These virtual cookies—small text files that Web sites can create on your computer to store information gathered about your visit to the site including, where you went, what you did, and any personal information you gave are not on my computer!!! Otherwise I don't need to login again!!!

Cookie name: bbpassword
Value: 5718e011e79951a0baf6efcedb6463cc ?
Server: diabloii.net
Expire: 2007-11-13

does the bell tinkle?

Is there some1 who has receive pictures by mail just before hack?
 

snowBlizz

Diabloii.Net Member
i got hacked on europe softcore ladder

I use opera
firewall
Not enough virus cotroll
different username/pass here

Someone logged in to my acc, switched pass, i switched pass again, nothing was stolen and then someone switched pass again, my chars was totally reaped but he left a shako and a cerebus.

i got hacked once before, but then i didnt use the email system.
I found a trojan/keylogger but my brother deleted it..
 

jimba

Diabloii.Net Member
Keylogger I found which was used to hack my account was...Backdoor32
What did you use to find/remove Backdoor32?
Is that the exact spelling/syntax? I've checked a few places on this name and can't find any info for a keylogger of this name.

Thnx for your help! :smiley:



 
Top