WoW BHA: Officer Change/ Guild Bank Robbed
Sunday, July 6th, 2008 - 1:29pm
Well, the hackers strike again. This time, one of our officers got hit and cleaned out the guild bank. The biggest losses were the nether vortex and the epic gems. All of the gold is still there.
So, effective immediately, I'm demoting anyone who has bank access that hasn't played in a reasonable period of time.
In the mean time, I'm going to contact the player in question and ask them to submit a ticket and hopefully get some of the better stuff back.
And remember, the Japanese aren't commercially whaling. They're conducting "research". Like "researching how delicious this whale is". - Paleocon
Seems like GWJers suffer from hackers quite often.
Most people in WoW do.
And remember, the Japanese aren't commercially whaling. They're conducting "research". Like "researching how delicious this whale is". - Paleocon
Who was the offender (ie the person who got hacked).
I have not logged on for a while, but feel sorta obligated to try to prevent this from happening to my account. Is there anything I can do ?
True dat.
"Just remember that sometimes you need to allow problems to just roll like water off of a duckilama's back." ~Reaper
I think all officers, this is just my opinion, should get the authenticators. At least the CFOs and the CEO. Granted this is just my opinion, and not trying to cause any drama, or problems. Someone in game had mentioned this, and I agree.
Hanta, I don't think Reap wants to mention names so that the person who's account was hacked doesn't get bombarded with tells. It wasn't you, so no worries:)
Wannabe priest with a sword....
Right. I just let people know so that if one happens to log in and check the guild log and see that I've demoted about 20 characters that there's not need to panic.
And remember, the Japanese aren't commercially whaling. They're conducting "research". Like "researching how delicious this whale is". - Paleocon
Heck, I'm not an officer, but I really want one of the authenticators.
I ordered an authenticator before they were on backorder, so if I get one anytime soon (and if they're still on backorder), I'd be happy to send it to an officer/CFO for better use. I'm primarily on the Mac, and while I'm obviously not hack-PROOF, I'm more hack-resistant than Windows machines, so I can safely wait for the next batch. Plus, I can only lose personal things anyway, and Blizzard restores those.
I would also suggest, strongly, that you allow just one character per account to be an officer. That is, let Krindle be the exec, but then Gloc and any other alts are just members. You could reconsider this after the Authenticators are actually in people's hands, but for the moment, that would be much safer.
The bank was cleaned out because the hacked account had a number of alts, so each alt was able to suck a bunch of good stuff out... by limiting it to just one account per person without a keyfob, the guild exposure to any one password is limited.
Yeah, it's inconvenient having to switch chars to do officer stuff, but security is almost always inconvenient, sadly.
I don't mind saying that it was me. Anyone in the guild can see that from the bank log.
You guys know I haven't played much at all in the past 6-8 weeks, I told Reap a couple of weeks ago I was going to take a break for a bit. In fact I canceled my subscription just a few days ago and logged in for the first time in a couple of weeks to make sure my mailboxes were clean.
I have no idea how this happened. Virus scans, ad aware and spybot scans are all clean, I have not done anything stupid on my PC. In fact it's a new PC I just got three weeks ago. I can only assume it was brute force or some site I have an account at sold my details or was hacked, my user and passwords at many sites are the same.
Besides the really crappy guild bank looting, whoever did it also sold my gear, cleaned out my bags and I lost 3,500 - 4,000 gold.
I have already followed the directions on this page to notify Blizzard and try to get things restored. I also changed my account password of course. Losing my own gear sucks, but I feel even worse about the guild bank. Does anyone know if there is anything else I can do? Does anyone know if Blizzard has a history of restoring guild bank items in cases like this? If you guys haven't already, I would recommend taking screenshots of the guild bank log for records.
As far as an authenticator, since I have not been playing, I also haven't been keeping up on a lot of the threads here and I didn't even know of them until two days ago when I read Demos' "banned" thread. If/when I do play again I will surely order one, for $6.50 or whatever it is, seems like a no brainer.
People in WoW do get targeted more though because there's a larger pool for the attackers to go after. The rest is maintenance and being aware. You should never plug in your account info at other sites no matter the service. If they become compromised then you're toast. Plus a 1-3 month password change on your account should also be done. People that play WoW are targets and should act accordingly. The new authenticator should help as well.
Not trying to kick Leap while he's down, but just pointing this out to everyone else that thinks this type of thing can't happen to them.
Gamer Tag: Rantyr
I'm very sorry to hear that this happened to you guys. It happened to us recently; our GM was hacked. Rest assured that if you follow the proper channels with Blizz, you'll get everything restored in time. Our guild bank was fully restored after they finished their investigation.
It turned out that his login to a web site was the same as his login to WoW. The site was hacked and the rest is history.
Guess he won't ever make that mistake again.
Good luck.
Oh crumbs, I'm all thumbs laying here with you. You're beautiful and busty and I'm a little rusty - I've forgotten what to do...
As CC said, Blizz has been pretty good. They will basically restore your account to a point they deem acceptable. In Ely's case, he wound up with a bunch of other stuff. BOE blues and the like. Apparently the hackers were going to use his toons as mules to transfer stuff off the server.
And remember, the Japanese aren't commercially whaling. They're conducting "research". Like "researching how delicious this whale is". - Paleocon
Leap- Don't worry about it. It is a game and we can replace stuff. If you need any help when you come back, let me know as I will do my best to help you replace stuff that you don't get back. On a lighter note, the guild bank is as clean as I've seen it in a long time.
Tundra= Grinders (main), Grindars (paly alt), also work with Shanker/Reap.
Thanks Grinders, and everyone else. I didn't hear back from Blizzard today. As soon as I do I'll post here and keep you guys updated on the progress.
Three days and still no response from Blizzard. For those of you who recently had your account hacked, is this normal?
I'm still waiting on mine too, but I snail mailed it seeing as how I don't live in the 80s with a fax machine. I did however email them to ask what the "strong evidence" was that lead to my account being locked/banned in the first place... but haven't gotten a response there either. Though they do ask for 48-72 hours... So if you don't hear anything tomorrow, I'd suggest an email just to see if you can get some kind of status update. Remember to call him sir, he likes that.
"Just remember that sometimes you need to allow problems to just roll like water off of a duckilama's back." ~Reaper
Snail mailed what? Per this page I sent an email in.
I got my Authenticator. Are there any officers who are trying to get one and couldn't?
I'm pretty sure that there are multiple at this point. I was -| |- close to getting in on the batch that was briefly available for order on Thursday or Friday. I had one in my cart and by the time I entered the checkout information they were sold out.
GWJ Alliance on Blackhand
Lunazul - Rouge & GWJ Paparazzo
Merdee - Hunter
Lunarel - Druid
Well, Reap wants it, so I'll mail it to him tomorrow.
Given that having his account hacked would completely clean us out, I think I speak for everyone when I say "Thank you for your generosity. May the WoW gods shine on your account & smite any who attempt to hack it."
GWJ Alliance on Blackhand
Lunazul - Rouge & GWJ Paparazzo
Merdee - Hunter
Lunarel - Druid
Speaking of account hacking, just checking in to give you a status: Blizzard sucks. They finally responded to my email on the 11th, note I sent the email on the 6th. When they did respond all they said was they forwarded it to a "Character Specialist" who will take "up to two weeks" to get back to me. And they reset my password, note my original email stated I had already changed my password. Why thanks, you've been so helpful Blizzard.
By the way, does someone mind checking the guild tab and confirming none of my characters have been logged in since the 6th?
I'll do that tomorrow, Leap.
And remember, the Japanese aren't commercially whaling. They're conducting "research". Like "researching how delicious this whale is". - Paleocon
All the toons I recognize as being yours have not been logged in for 8 days.
That which does not kill you, still hurts like Hell. - Anonymous Soldier
None of us is as dumb as ALL of us. - Anonymous Staff Officer
Veni, Vici, Ridebam, Discedebam - "I came, I saw, I laughed, I left"
Thanks Troll.
Just my two cents as a guild leader.
We have four bank tabs. The first one is for the high dollar, ask an officer, items. The second is for "swap" space and anything goes in there. The third is for raiding consumables like potions, elixirs, food, etc. The fourth is for crafting materials.
The main tab is viewable by normal members and officers have access to 10 stacks/day.
The other tabs allow 3 stacks/day for normal members and officers have 10 stacks/day.
Officers get 100 gold withdrawal/day from the cash.
Recruits can't see the bank at all.
In my time, so far, as a guild leader, an officer has been hacked and we lost some things. And about five or so people have made off with normal account access. Luckily, my account has not been hacked. I realize that different guilds operate differently, but I set those limits based on the maximum lee-way I thought an officer would ever need. I would rather someone ask for my help, or for a temporary increase in access, than give more access. The bank has never been cleaned out and, at most, we don't lose everything. Authenticators are nice, but just having strict limits helps minimize the losses if something happens.
Again, this is just what worked for my guild and it might be that how you guys work is totally different. Just throwing that out there.
-Bad Mojo
And man that dog looks like he's having a good time, but that monkey is f*cking into it. This isn't his recreation; this is his life and he knows it in a way I will never know anything. --Danjo Olivaw
I think we've actually gone farther in locking down our bank access than you describe.
We have purchased all of the available tabs. All the tabs have restricted access (who/how much per day). Only the GM can withdraw money. 2 tabs have access for all full Guild Members, 2 tabs require Officer or higher status and 2 tabs require CFO or CEO status to access. Every tab has a limit to how many items people can withdraw on one day.
We just had the very bad luck of having the account of one of the CFOs getting hacked, which gave them access to the restricted tabs and allowed them to cherrypick the best of our guild loot.
GWJ Alliance on Blackhand
Lunazul - Rouge & GWJ Paparazzo
Merdee - Hunter
Lunarel - Druid
Yes BadMojo, we are similar if a bit more restrictive, like RedJen said. The bad thing is I was one of the four CFOs for GWJ, the highest bank access role outside of the GM.
An update for everyone. After a week and a half of unsatisfactory response (i.e. almost none) from Blizzard I put in an in-game GM ticket yesterday. This morning a GM responded via email and basically said "Here, I am restoring a bunch of your gear and some BOEs so you can start playing again. Our investigation is still continuing into more restorations and we'll let you know when it's done."
Tonight I logged in and reviewed what they had done. I am still missing a bunch of items, and all of my gold, but they did restore most of my soulbound gear. They also gave me a bunch of BOEs, some of which I recognize from being in the guild bank. I put all of the BOEs and gems they gave me into the guild bank, filled up Tab 6 and most of Tab 5. There were a bunch of blues in there including a bunch of blue gems.
I will keep you guys posted on whatever I hear next.
Well, at least they threw you a bone.
It does suck that they are taking so long to completely sort it out, but it's a start.
Xbox Live : Aries GWJ PSN : AriesGWJ