![]() |
#1
|
|
![]() Elune Join Date: Oct 2009
Posts: 21,428
BattleTag: Leviathonlx#1820
|
![]() So apparently hackers in public games can see your Session ID and use that to bypass using your login info and even your authenticator. So for the time being it may be best to not do public games.
|
#2
|
|
![]() Arch-Druid Join Date: Nov 2008
Posts: 1,105
|
![]() Well that sucks.
|
#3
|
|
![]() Arch-Druid Join Date: Jul 2011
Location: A big point of nothing in space and time (i.e. Brisbane, Australia)
Posts: 1,710
|
![]() How did Blizz fuck this one up?
Seriously. This isn't helping their case for the whole 'online exclusive' drum they've been beating.
__________________
|
#4
|
|
![]() Join Date: Sep 2006
Posts: 3,338
|
![]() So, I didn't use public games (only played with direct friends... ), but my account got hacked, too.
![]() Well, my WoW chars got their gold back, but the diablo 3 chars have it still missing.
__________________
![]() ![]() ![]() I am handclaw and this is my favorite thread on Scrolls of Lore!... oh wait, nope... Just another bitching thread. |
#5
|
|
![]() Demon Hunter Join Date: Jan 2011
Posts: 439
BattleTag: ask#1111
|
![]() Blizz is claiming that every investigation so far shows no signs of people being hacked by "sessionID". In every case it has been a login using username/password, not session highjacking.
So far the one person here that got hacked fits the profile, otherwise they couldn't have gotten WoW goods. In my experience administrating MMO forums, the one constant is that people lie bald-faced when it comes to cases like this and jump on a bandwagon pointing out a vulnerability, even if they know personally that they only got hacked because they entered login information somewhere they shouldn't or they had a keylogger (I've had posters admit this to me in PMs, even though in the open forums it was all about how they must have been hacked through no fault of their own like everyone else). I'm tempted to side with Blizzard on this one, although I am curious to see if that assumption proves wrong. |
#6
|
||
![]() Join Date: Sep 2006
Posts: 3,338
|
![]() Quote:
Also, blizzard was very helpful with the issue and they were quickly replying to my tickets about it.
__________________
![]() ![]() ![]() I am handclaw and this is my favorite thread on Scrolls of Lore!... oh wait, nope... Just another bitching thread. |
#7
|
|
![]() Site Staff - News Join Date: Aug 2011
Posts: 6,772
BattleTag: Greyhame#1747
|
![]() It will probably take them a bit to do the Diablo 3 accounts. They probably have the information, they probably don't have the tools to deal with it as efficiently yet.
__________________
I used to take Warcraft lore seriously, then the lore took a Rule of Cool to the knee. |
#8
|
||
![]() Join Date: Sep 2006
Posts: 3,338
|
![]() Quote:
Also, appearantly this option is aviable only twice in the first year. In my oppinion, they really need to improve this somehow, but well... dunno what the best way would be.
__________________
![]() ![]() ![]() I am handclaw and this is my favorite thread on Scrolls of Lore!... oh wait, nope... Just another bitching thread. |
#9
|
||
![]() Elune Join Date: Oct 2009
Posts: 21,428
BattleTag: Leviathonlx#1820
|
![]() Quote:
|
#10
|
|
![]() Site Staff - News Join Date: Aug 2011
Posts: 6,772
BattleTag: Greyhame#1747
|
![]() One person was called out by Bashiok about that, with him pointing out that the authenticator was added after the compromise (which is common).
__________________
I used to take Warcraft lore seriously, then the lore took a Rule of Cool to the knee. |
#11
|
|
![]() Wisp Join Date: May 2012
Location: Greece
Posts: 9
|
![]() As far as I know, joining a public game will increase your chances of getting hacked but as long as you're online your account info might still be stolen. Haven't heard this from a reliable source though just claims scettered across the web.
|
#12
|
|
![]() Elune Join Date: Oct 2009
Posts: 21,428
BattleTag: Leviathonlx#1820
|
![]() It's all false. People that got hacked got hacked due to their own fault.
|
#13
|
|
![]() Wisp Join Date: May 2012
Location: Greece
Posts: 9
|
![]() Well don't be too sure about that, there might always be a possibility of being hacked without you provoking it.
|
#14
|
||
![]() Demon Hunter Join Date: Jan 2011
Posts: 439
BattleTag: ask#1111
|
![]() Quote:
And just because it's possible that someone hacks you out of the blue based on nothing you've done doesn't mean that the sessionID or SQL injection hacks that people keep talking about are actually there. So people are right to point out that people are just repeating unsubstantiated rumor with those. |
#15
|
|
![]() Elune Join Date: Jul 2007
Location: Spain
Posts: 12,508
BattleTag: Lonami#2916
|
![]() That sucks, no decent antivirus? :S
__________________
![]() Metzen: They are one of the ancient races of Northrend that we haven't spoken of before... because we hadn't made them up before. (laughter) ~Main: Expansion theorycrafting, Expansions list, The Age of Nightmare, Empire of the Tides (coming soon)~ ~Fan ficton: Anachronos Journey: The Timeless Heir~ ~Geography of continents series: Old Kalimdor (original), Pandaria~ ~Locations as zones series: Azjol-Nerub, Barrow Deeps, Zul'Aman, Demon Hunter zone, Caverns of Time~ |
![]() |
Thread Tools | |
Display Modes | |
|
|