The results of being hacked: losing all of your equipment yet having a nice amount of gold…
This past weekend, I received an email from Blizzard Entertainment informing me that my account password had changed. The email went on to state that if I had requested the change, to disregard the email. But if I did not request the change, then I would need to contact Blizzard immediately in case my account had been compromised. I did not request the password change, so I got a bit worried. I tried to log onto my account on the battle.net website, and surely enough, my password was no longer valid. Someone had actually somehow hacked into my battle.net account! This freaked me out. Read on to see what transpired…
Luckily, as the account was still my email address, I was able to reset the password and log back into my account. When I logged in, the first thing I noticed was that the person who “hijacked” my account started the World of Warcraft Wrath of the Lich King 10 day trial. I am basically speechless that someone would do that. Does this mean that they’ve already logged in as one of my characters? Ugh.
I called up Blizzard’s customer support (and waited for 45 minutes) before actually getting through to someone. Once I did, she was able to verify that someone did get into my account, and that the person was in China. Wha? How did some Chinese gold farmer get into my account? And did they take all my moneys? How did they do that? I’m slightly concerned that this gold farmer was able to gain access to my WoW characters, but because I don’t play it much anymore it’s not as big of a deal. What bothers me is that on my battle.net account, all of my Blizzard games are registered there with their CD keys. I guess he now has CD keys to my copies of Starcraft and its expansion, Diablo II and its expansion, and Warcraft III and its expansion. Grr. At least this was before I bought Starcraft II, because that would be a problem if my Starcraft II key was compromised.
What did I do next? I ended up downloading all of the updates just to load WoW to see if the hacker did any damage (and hopefully kick them out as well once I logged in). All of this was over an hour after the password change request, and by the time I logged in, the damage was done. My main and basically all my alts were naked. Anything that wasn’t soulbound was sold and my inventory and bank accounts were practically empty. What was odd was that on my main, I had almost 1000 gold. I wondered if I really had that much when I quit playing, and if not, did that mean I took control of my account before the hacker was able to transfer the money elsewhere? I did notice a couple letters in my mailbox that consisted of something like 50 g each for the sale of Pristine Black Pearls or something at the Auction House, so it looks like the hacker put some of my stuff up for sale.
Fortunately, I think Blizzard deals with this all the time, so I was able to petition a GM and inform them that my account was hacked and all of my gear and items were basically sold. I actually thought about it for a little while if I wanted to get the GM to restore all my characters, because now I at least had nearly 1000 gold on my main. Maybe that was compensation enough? In any case, I ended up doing it because I felt that having no gear at all at that level would be too difficult if I were to want to play again.
Hours later, I got emails informing me that my characters had been restored. I logged into my main and apparently, if your characters were hacked and you lost all your gear, you get letters with gear attached to them. I think I got maybe 7-8 letters with 12 attachments each. It was pretty crazy to keep opening more and more epics. I also noticed that I had over 700 gold once my main character was restored. So what happened to all the money? Was the extra 250 gold on my hacked main a result of just all my epics being sold at a vendor? I was also surprised that the hacker had gone onto my level 2 alt that I used to store all my snowballs. Apparently they were all sold, because my alt got maybe something like 400-500 snowballs back in the mail from the GM!
In any case, looks like everything is restored, and I have changed the email and password to my Blizzard account. I still ask myself how the hackers did it though. How did they find my account? I doubt I have a keylogger installed on my machine and I have firewalls, spyware scanners, etc. I never fall for these stupid phishing scams, and I haven’t even played WoW or visited a WoW website in months. Did they just brute force guess my passwords?! And how did they get my email? I’ve never been successfully hax0red before, so this is all a little startling to me. I’ve since proceeded to try to change my passwords for every login of importance, but even then, it’s quite a harrowing task and now I need to actually implement a system for managing all of my accounts and passwords. So for those of you that are reading, I recommend you update your passwords from time to time – those Chinese gold farmers must be expanding to hacking now to try to meet their weekly gold quotas!
wow that’s scary.
was your password a word you could find in a dictionary? it’s certainly possible they used brute force. if they had a key logger, you would had to have logged into your b.net account for some reason or another. but when’s the last time you actually logged in?
also, if you still have access to the game, can you check the guild bank? i forgot if i restricted access to your account lol. it’s funny that i still care even though i stopped playing too.
Didn’t WOW get outlawed in China? Sorry to hear you got hacked, my old hotmail account got hacked once and so even after I got it back, I shut it down and had to reset ALL of my passwords.
Anyway, does that mean you are still paying the WOW subscription fee? Activision strikes again! Maybe I’ll hold onto the stock after all
eeyore: ya my password was a word though but with a number. it has since been changed to be a bit more secure…
i had been logged into my battle.net account a few times in the last month or so just to see if i got into the sc2 beta, but for WoW, I hadn’t logged on in about a year since i originally got the Wrath of the Lich King 10 day trial.
I think all of my Foxhound alts are not officers, so I was not able to access the guild bank so we should be ok i think. looking at the guild roster certainly brought back memories though. And btw eeyore, it looks like you’ve been busy with all those WoW characters sitting up there as the GM and officers hahaha
cmfl3x: i think last month WoW got approval to run in china again. I’m not paying any WoW subscription fee – but because the hacker activated my 10 day free trial (Blizzard loves giving these away so that you get hooked within those 10 days and start paying again), I was able to log in and check my characters.
yep, that’s how they got me. they gave me a free trial back in november, and i got hooked again lol.
oh i recently bought a new guild tab shortly before i quit so that i could store all the extra items floating around in my mailboxes. i forgot if i set the permissions to that tab correctly, but if you don’t feel like checking, it’s not a big deal. i was just curious.
it certainly sounds like you might’ve accidentally picked up a keylogger. there are actually viruses out there that specifically target wow accounts heh.
after i gained a decent amount of gold, i decided to get a blizz authenticator. yay microtransactions
I recently got hijacked too. I responded to an in-game mail disguising to be Blizzard offering to be beta testers for Cataclysm. A red alert should have triggered a warning when i clicked a fake website worldofwarcraftbeen.com, but all warnings were ignored because I really wanted to be part of the beta testing crew. To make the long story short, gm has restored some of my character’s items and gold but still waiting for my main to be fixed. So far my experience with Blizzard’s support has been stellar.
Hope they catch the hackers…DAMN YOU!!!!
good to hear that your account got restored. At least in your case, you were able to tell that you went to a fake website and that’s how your account got hacked. for me, i still don’t know!