BNET Account Scammed

Alright. I appreciate the feedback and the suggestion about ASCII is very thoughtful.

Still I'm not surprised at some of the comments. I do however, believe you will see more of this type of activity.

Keylogger: Don't see how this could happen seeing that I have not downloaded anything from the internet in a long time. I don't use any hacks. No map hacks. I also have firewall and Norton. But hey what do I know.

Interesting - my mule was not touched either. Too bad they have crap stuff!!

No failed log in attempts that I can remember. I don't play at Internet Cafes and I don't have any friends that play Diablo.

I don't mind the inquisition - I would do the same. I really just want to make sure this is logged, as I will not be playing Diablo again until the ladder resets.

My password could not simply be guessed. It is a complex alphanumeric.

After speaking with my IT friends at my company yesterday, they really feel I was password hacked by a hacking program. Not a simple one either, considering my password was quite complex and not a word from the dictionary.

Thanks for the help.
 
You see, THIS

xNamastex said:
After speaking with my IT friends at my company yesterday, they really feel I was password hacked by a hacking program. Not a simple one either, considering my password was quite complex and not a word from the dictionary.
Click to expand...

is preciselly impossible because of THIS

xNamastex said:
No failed log in attempts that I can remember. I don't play at Internet Cafes and I don't have any friends that play Diablo.
Click to expand...

If a program tried to guess your password, you would have seen failed login attempts.

And I seriously doubt someone would hardhack your entire computer, fully illegally trying to bypass your internetaccess and any protection you have without getting caught, just to steal some virtual items online :scratch:

(hard to believe because it's near impossible for a normal person, and the weird asses that actually can pull of that kind of stunt, they sure as hell would have better accounts to hack than yours)



The only logic explenation is that someone knows your password, since the person didn't bother to change it after stealing. How this is possible, I leave up to you, I don't know your friends.
 
Nothing's impossible on the net.
It IS possible, but I would agree with the better target.
`n its not hacking. Cracking it'd be...
blah.

The best way to protect yourself, is to learn about all the current methods. Just because something isn't recognized as current - oR recognized as being able to work, doesn't mean it doesnt exist. Simply saying it is impossible, out of ignorance is really close minded; somewhat expected better from a longtime member =/

While we aren't allowed to discuss methods, and so forth here- it seems even this's toeing it a bit- the bottom line still ends up as, he's without items. So while you may disagree, or doubt, or just choose to ignore the existence of different methods - he's still without items =/

xNamastex: I don't know if you created that acct, or got it from friends / giveaway, or w/e. But be sure to protect your email - have it different than the one you use to register to forums with. and Create your own acct. Re email: all that security password stuff, helps most if you just use a secondary password as the answer, completely irrelevant to the question.
 
Xenon[KoA] said:
The best way to protect yourself, is to learn about all the current methods. Just because something isn't recognized as current - oR recognized as being able to work, doesn't mean it doesnt exist. Simply saying it is impossible, out of ignorance is really close minded; somewhat expected better from a longtime member =/

While we aren't allowed to discuss methods, and so forth here- it seems even this's toeing it a bit- the bottom line still ends up as, he's without items. So while you may disagree, or doubt, or just choose to ignore the existence of different methods - he's still without items =/
Click to expand...
Meh, I'm only in it for the facts. If he says he never downloaded any third party program or hack or whatever, he never gave anyone his password, he didn't get any failed login attempts.

I'm curious what other methods there are to obtain a regular person's password then? I'm guessing it's not as easy as in the movies to hack into something irl, but it might be possible (like I already said, I just find it highly unlikely to happen)

Merick said:
If someone's going to hack an account, why not a top ladder player instead of someone they maybe saw with a hoz in a baal game?
Click to expand...
I wondered about that too? Why go through all the problems of hardhacking just to obtain some virtual items from a regular player? (unless there is another way next to hardhacking, telling your password or keyloggers?)

EDIT: as far as I know, your password isn't stored on your computer at all, maybe only temporary when you log in on bnet. So if it is a hardhacker, he either was lurking around in the guys computer, waiting (or letting a program wait which he slipped in without the guys antivirus noticing, past the firewall) for him to log in OR the guy hacked the bnet database and said: "hm, I'm gonna choose a guy at random and steal all his good items only"

Do you understand why I find this a bit akward?
So, by all means, if there's another explenation, I'd like to hear it.
Until then, it's in my drawer labelled "impossible OR not all facts known"
 
Facts are always good +_+

Yeah... there are some things that don't add up (mainly, characters being left there, and choice of target), but...
Discounting something, just because it doesnt seem to add up, seems bit hasty :shocked:

this part's pure speculation - but Info might've been shared / leaked. Just look at the namebots. Used to be private, in the sense of only 3-4ppl had them, but they were shared - still private but spread throughout friends... and now -I'd guess, maybe 12-18 ppl have them? The relevance I suppose - would be that if an increasing number of ppl got ahold of a solid method, there would be an increasing number of seemingly unexplainable losses - among those who're not even aware its possible.
 
monsinour said:
The ascii is the most important part of that post. I am a computer person and i am Security+ certified. I have taught the CEH ( certified ethical hacker ) class at my former job. THE ONE THING THAT ALL PASSWORD CRACKING SOFTWARE PROGRAMS CANNOT HANDLE IS ASCII CHARATERS. in all of the dictonaries and self made dictonaries and all of the charater set files for these programs, the one type of charater that is not at all EVER included is ASCII. Best example i can give is to start your password with
hold down the left alt key and press 258 and then type in your password. for example "?password" DO NOT USE THIS EXAMPLE!

Monsinour lvl 84 Avenger
Click to expand...

i want to protect myself from the scan he got, but wut is this ASCII? can some1 help, im confused.
 
if your registered with blizz under the same email that you are registered here with someone can just get that info off this or another site and have the email changed to theirs. then get a new pass sent to the new email and bam they have your acc. they you just change the pass back and let the original user look at his account in wonderment. sorry for your lose:afro:
 
The only reason I said that you were lying/exaggerating is due to the sheer lack of tangible evidence.

You say you've never downloaded any hacks or bots, never used any other 3pp's, you swear that your password is unguessable, and you've never had any failed login attempts submitted to you, I just find this all hard to believe.

Like I said before, things don't just disapear out of nowhere. It could be quite possible a glitch happend and you lost some items...but it would have been random items...not all of your godlies. It just doesn't all fit together.


rolling stoned said:
if your registered with blizz under the same email that you are registered here with someone can just get that info off this or another site and have the email changed to theirs. then get a new pass sent to the new email and bam they have your acc. they you just change the pass back and let the original user look at his account in wonderment
Click to expand...

This could be a possibility...but why would someone change the password back? It's just out of the ordinary for a theif to do. When people steal things, they just steal them. There's no reason to go out of their way to leave thier victim bewildered...

Like I said, I don't mean to sound mean about this, but this all seems rather unbelievable based on the information you've given us...

Is someone who knows more about this kinda stuff comes along with information that counters my argument, then i'll concede....but it just doesn't fit as of now...
 
Stompwampa said:
This could be a possibility...but why would someone change the password back? It's just out of the ordinary for a theif to do. When people steal things, they just steal them. There's no reason to go out of their way to leave thier victim bewildered...
Click to expand...

Actually, it seems a very good possibility, I've heard numerous stories about thiefs breaking in someones house, cooking dinner and doing the dishes before leaving with all the prrrrrrecious :rolleyes:

And iirc it's better to leave no trails at all. Maybe the new pass would have hinted the original guy who stole his items?

I know I would've changed the pass back if I were the thief (not out of "friendlyniss" but just to leave no evidence as to what exactly happened)



The only thing that bugs me with this explenation though is this:

if the other guy used a password recovery to access that guys email, how did he change the password of the email back to the original? afaik, password recovery doesn't show you a password, they only allow you to enter a new password once you answered the secret question?
(I assume the email password is still the same, since he didn't say anything about that?)

EDIT: just thought of another remark:

It's nice that the OP wants to warn us about a possible new scam/hack, but with only this:
"To all forum members:

Please be on alert for some type of scam on BNET that has just occurred to me."

We don't have any idea what exactly happened and thus how to prevent it?

EXTRA NOTE: why is he using the word "scam" instead of "hack" in his first line? Since he didn't fall for any scam and didn't visit any scamwebsite and got hacked out of nowhere that doesn't seem to make a lot of sense?
 
Dawnmaster said:
EXTRA NOTE: why is he using the word "scam" instead of "hack" in his first line? Since he didn't fall for any scam and didn't visit any scamwebsite and got hacked out of nowhere that doesn't seem to make a lot of sense?
Click to expand...



Exactly my point...
 
This may not have anything to do with what's happened to the OP, but I got RRM/RWM off a link on this site the other day and after playing SP for a while I checked the folders again and along with a whole slew of .bin files in the C:\Program Files\Diablo II\runewords\data\global\excel folder a 0KB file named "BnetLog.txt" had appeared in my C:\Program Files\Diablo II\runewords folder. A duplicate of this file is also in my C:\Program Files\Diablo II directory so it's possible it's something the game creates whenever it feels like it, but I can't remember whether it was there when I was still vanilla.

Not like it really matters in my case. Now that I can use all the runewords I don't imagine I'll be going back to play on Bnet.
 
Folks, thanks for the questioning. A couple of further bits of clarification:

I went to check the email I registered Diablo 2 with and there is no email listed there? Its blank field. I don't remember if I ever did register - or maybe you have to? Appreciate input on this.

My email account seems untouched with no log in during the time I was not on BNET. I don't use the same login//pasword for other things.

I made this account myself way back a number of years ago before LOD. It was not given to me.

I may have slightly pissed someone off - if you call not accepting an unfair trade a piss off. I don't understand why I was chosen. I am far from "godly" compared to some folks out there.

I did offer up a Hoz for trade recently but seemed all the deals fell through. I was contacted by someone called Madjacky on line, but recognized that Madjacky was not the same account used by the Madjacky on these forums, so did not respond to whispers.

Now both my Hoz's are gone - my good one and the one I offerred to trade on these forums.

Regarding failed login attempts - how do I see if there were any? I was assuming whether you meant if I had any failed login attempts.

I really don't know if this was a scam or hack or whatever. I was just making sure the forum folks where aware of what happened to me - Thats all!! I am really confused but appreciate all the feedback.
 
When you're logged in, choose a character and wait in the create/join room.

Enter any chat channel and you'll get this message in grey:
"You have joined channel: Diablo II [REALM]-[COUNTRY]-1"
Followed by a few messages in blue:
"Welcome to Battle.net!"
"This server is hosted by [SERVER]."
"There are currently [USERS] users playing [GAMES] games of Diablo II Lord of Destruction, and [USERS] users playing [GAMES] games on Battle.net."
"Last logon: [DATE & TIME LAST LOGIN]"

Now, if someone tried some passwords those blue messages will be followed by one red message that looks like this:
"Failed logon attempts since then: [ATTEMPTS]"
 
Dawnmaster said:
When you're logged in, choose a character and wait in the create/join room.

Enter any chat channel and you'll get this message in grey:
"You have joined channel: Diablo II [REALM]-[COUNTRY]-1"
Followed by a few messages in blue:
"Welcome to Battle.net!"
"This server is hosted by [SERVER]."
"There are currently [USERS] users playing [GAMES] games of Diablo II Lord of Destruction, and [USERS] users playing [GAMES] games on Battle.net."
"Last logon: [DATE & TIME LAST LOGIN]"

Now, if someone tried some passwords those blue messages will be followed by one red message that looks like this:
"Failed logon attempts since then: [ATTEMPTS]"
Click to expand...

Thanks for that. But I don't recall anything in red. Hopefully I would have noticed. But maybe not.
 
Am I missing something? If his password was changed back to the original one, the old one had to be known as was stated on this page.

Nevermind anyway. Sorry for your loss.
 
It only tells you the failed login attempts once. That means if his pass was hacked using a program, the person could have taken some stuff, exited, come back (after knowing the pass), taken more. When xNamastex logged back in there would be no message in red. No changing passwords or anything horribly elaborate. Honestly, if he didn't mistakenly give out his e-mail address, I believe him. Sorry you got robbed.
 
i have a question. if you say had downloaded something d2 related and thought you were in danger what exactly could you do besides a full rebbot then pass change if you havent been got yet?
 
Log in to Reply / Create Site Account
Remove Ads - Go PurePremium

Latest posts

Back
Top