test content
Logo
What is the Arc Client?
Install Arc
Options
All the "hacked" account people
professorz
Member, Neverwinter Beta Users, Neverwinter Hero Users Posts: 0 Arc User
Hello all.
This is to anyone in the process of getting your account back from whomever has taken it.
There has been a huge amount of accounts that have been compromised within the last two weeks.
Mine included.
What seems to happen is all of a sudden the account email is changed on the account.
Then the password is changed. This all sends the confirmation of the changing of your email and password to be sent to the new email that it was changed to.
This person now has total control over the account.
Logs in and possibly kicks off whoever is playing said account.
The "hacker" then runs directly to the auction house selling whatever zen you had on your account for astral diamonds at whatever the price is at the time on the astral diamond exchange.
They then get to the auction house and purchase some type of insignia auction posted by there "Mule" account.
The price is so outrageous for the insignias that no sane person would possibly buy this auction.
Which makes for easy astral diamond exchange between characters.
Then they go to the mail box and check for any incoming mail which contains diamonds or the auctions they bought in an "attempt" to cover there tracks not allowing you to see the name of the person they bought the auction from.
I have been able to deduce this said path they take by my guildmates tracking the persons moves.
(i was kicked while doing a dungeon with them, they followed him everywhere till he logged off)
I have got my account back now after a lengthly process through support..
Upon logging in to find my zen and diamonds gone i instantly replied to the support email i had been talking to them with to get my account back. Giving them the details of my missing zen and diamonds.
No reply.
so the TL:DR You will get your accounts backs in due time. You will more than likely have no zen or diamonds. your celestial coins are gone.
Sitting tight again on support........
PS. Dont let this thread turn into a "why we were hack or what to do to not be hacked".
This post is to inform of anyone who has been hacked about the process to get your account back.
This is to anyone in the process of getting your account back from whomever has taken it.
There has been a huge amount of accounts that have been compromised within the last two weeks.
Mine included.
What seems to happen is all of a sudden the account email is changed on the account.
Then the password is changed. This all sends the confirmation of the changing of your email and password to be sent to the new email that it was changed to.
This person now has total control over the account.
Logs in and possibly kicks off whoever is playing said account.
The "hacker" then runs directly to the auction house selling whatever zen you had on your account for astral diamonds at whatever the price is at the time on the astral diamond exchange.
They then get to the auction house and purchase some type of insignia auction posted by there "Mule" account.
The price is so outrageous for the insignias that no sane person would possibly buy this auction.
Which makes for easy astral diamond exchange between characters.
Then they go to the mail box and check for any incoming mail which contains diamonds or the auctions they bought in an "attempt" to cover there tracks not allowing you to see the name of the person they bought the auction from.
I have been able to deduce this said path they take by my guildmates tracking the persons moves.
(i was kicked while doing a dungeon with them, they followed him everywhere till he logged off)
I have got my account back now after a lengthly process through support..
Upon logging in to find my zen and diamonds gone i instantly replied to the support email i had been talking to them with to get my account back. Giving them the details of my missing zen and diamonds.
No reply.
so the TL:DR You will get your accounts backs in due time. You will more than likely have no zen or diamonds. your celestial coins are gone.
Sitting tight again on support........
PS. Dont let this thread turn into a "why we were hack or what to do to not be hacked".
This post is to inform of anyone who has been hacked about the process to get your account back.
Post edited by professorz on
0
This discussion has been closed.
Comments
pwe anti hack support sucks *** your lucky if u even get your acc back let alone haveing any items on your acc which the company dealets most said items on a acc when its been reported as hacked
as for fileing a lawsuit u cant do it because its the leagal right of the company 2 do anything they see fit with your acc since its a f2p game which technical only means u are renting a char any money u spend 2 better yourself or your char is a complete loss if u lose are hacked or acc share and u lose said stuff
how do i know this lawsuit thing because i have looked into it any u cant get any where on a f2p game with it its completly dif if u are paying a monthy subsription most time but that being said look at your terms of agreement with games because it will tell u who holds the ownership of your char and your acc
Do you think I am blind. I read the whole post. Yes I saw he got his account back but because he has replied about missing stuff he has to wait for them to respond again.
Getting your account hacked and losing your stuff kinda... goes hand in hand. In any other mmo they FULLY resolve your issue at once, which is why I highly doubt (but still hope) that the currency will get returned.
I have scanned for trojans and everything like that, nothing. I have a different password for nw from any other application and I have never typed it in anywhere other than on this website and in the launcher.
Be aware that in other games, players sometimes did this and logged in through a proxy on mule accounts to see if they could dupe their Zen so to speak.
Not saying you are or did, just saying if they don't return it, this might be why.
Still im interested to see how they handle this.
Just throwing that in there.
Yeah, I have done scans of registry and my antivirus went through an extensive scan over night, found nothing at all. Thanks for your suggestion about the notepad, though I'm quite uneasy with having passwords written down.
I scanned with Microsoft's Malicious Software Removal Tool (not sure if it's good enough), but yeah, nothing.
Doesn't need to be that. All it takes is fake login site, browsing gold selling sites and clicking links in fake emails from PW.
I thought I would try to find out anything about how long it would be, or even just try to find out that it is actually in cue.
To be honest, I've never much liked Perfect World since the beginning to Perfect World Online. I went into the beta and there were a few big problems that happened so I put a ticket in, and I have never heard back about them. That ticket just disappeared years ago, so I had decided PW didn't like me, so I would not like them back. I have been a Cryptic gamer from back when City of Heroes was in Alpha, so I was hoping nothing would happen that i would need help.
Zeb saw my post in general chat, because a lot of people and I kept it up on the top. He changed things in the support cue for myself, and then a lot of other people to try to get our accounts back. I am very very grateful for Zeb.
I got an email on Monday at 11:55 PM telling me I got my account back and I could change my password. It told me that as soon as I did that, I should then reply to the message, and they would then unban my account. I checked my account email, then I changed my password, and then I replied to the email.
I am still waiting for any other word. I have replied a total of 16 times. I have called support from Tuesday through Friday 10 am-6PM Pacific and I have never been able to get a person at all. (actually, I think I sort of got someone 3 times. The phone automated messages stopped and the line when so quiet for 1 minute, then there was a few clicks, then I was disconnected)
Funny enough, they have also banned me from getting back into my account on their website, but again, I was already logged in from way back before I got hacked, and all the things I did to try to get it back. If I try to log in on a different web browser than the one I am using now, I get amessage that I am banned from doing anything with my account. I also get that with Neverwinter, Champions Online, Gateway, or Cryptics special account password double system.
I had no friends in game, so I am just assuming all my stuff (from Founders) is long gone. I hadn't used any of Astral or Zen that was on my account, so...I dunno what to do now.
Actually, this is why Perfect World is bad.
I have been in IT for longer than 20 years, and I have been a cleaner for 10. There was not even a whiff of anything on my computer. I don't read any email that looks like it is an ad, or anything that looks odd. The only sites I ever use for any online game are from the actual company, and MMORPG.com. I don't even go to other guild sites.
However, I use the same account name. I then use one of 104 passwords I have, using different numbers and special characters and uppercase to create a new password regularly.
My account name "shows up" in a lot of games, so people have wanted to get into my accounts for years, but the security must other companies have in place, with my password system, and my security on my PC has meant they have never been able to take my accounts from me up until this.
PW does not have any security for using an Account and other passwords on their website. If you try your password on either Champions, or Neverwinter on the GAME, after try 10, you can't try it again for 1 hour. That is Cryptic. PW website, you can try brute force passwords for DAYS.
As near as I can tell, the guy that did this to me, and the OP, used a brute force app to get in to a lot of accounts. Specifically, in 4-5 accounts at a time.
We can sit here all week and point the finger as to what happened.
Seems like we can add NWO to the list.
To those that have had their accounts compromised and returned and you have verified that you have no keylogger or virus...change your password. That is the best you can do and that is all it should take.
Like i said. im still in queue for a reply about the diamonds and zen.
I will update the post as i progress..
That is true, but then again.... how do you know? If we ok that as customer service for '13, we get what we deserve. I say, always give them respectable amount of time (24 hours) to keep you updated/answer. If they were to say 72 hours to do something, give them that +24. If we don't hold them to some type of standard it will just dwindle to nothing. We can't help it they don't sustain proper support, that isn't our bad.
If business had there way there wouldn't be such a thing known as support and this is why there are regulations in place, they complain about them, they have no problem taking in money but hate paying it out, that is all part of biz my friends. Without regulations they will simply run right over customers and rights. Proven over and over with death even as it's stamp, but we still get swayed into thinking all gov't is bad. Laws are the only thing that gives and protects rights and at the end of the day, that is almost everything and that is what we fought over, not off-shore accounts. Just reminding you, that we do have to be squeaky from time to time, it's just how business works.
On day 5 here and not a single word from PWE/Cryptic. I'm not holding out hope. Sad thing is that this is likely going to kill this game.
I checked for this and there's no keylogger. Don't just assume it's the user that's at fault here.
Yeah this is a major security flaw.
if you read my whole post you would see that i stated the confirmation email is sent to the NEW email.
this is one of the flaws in the current system.
You're both right. It IS sent to the new email address, but his point is that they should require the existing account owner to verify as well. The only time this doesn't work is when someone has lost access to their email account but that's the minority of cases I'm sure.