asd původně napsal:

Aradragoon původně napsal:

I do cyber defense professionally and this just isn't true or accurate. There can be vulnerabilities in code, websites, etc. that mean you can do everything right and still be a victim. (I will note here, that the majority are due to user error. That being said it isn't appropriate or correct to tell someone if they do everything correct they won't ever have anything happen.)

One popular game had an issue where when logging into the main website the session ID was stored in plain text within the cookie. If you can see where this is going, people exploited that "vulnerability" and compromised accounts without needing the password, putting anything on your computer, etc. Won't get into all the details but there were other exploits that people used after that as well. Ultimately some that were hacked didn't do anything "stupid."

The example you're talking about is certainly possible—you can do everything correctly and still get hacked. However, in most cases, hackers prefer the easiest and most generic methods that work across all software. And that usually means targeting careless users.

Based on probability, if you follow good security practices, the chances of being hacked are very small—but not zero. Hackers simply prefer to target careless users since it's much easier and more effective.

I trade a lot. I sit in my hide buy low sell high. Very normal thing to do in something cold TRADE league. people in 3rd world country can sell divine for real money and make a living from it. So I'm sure there are more then enough ppl looking to hack others for monitory gains right.

drake.mouth původně napsal:

asd původně napsal:

The example you're talking about is certainly possible—you can do everything correctly and still get hacked. However, in most cases, hackers prefer the easiest and most generic methods that work across all software. And that usually means targeting careless users.

Based on probability, if you follow good security practices, the chances of being hacked are very small—but not zero. Hackers simply prefer to target careless users since it's much easier and more effective.

I trade a lot. I sit in my hide buy low sell high. Very normal thing to do in something cold TRADE league. people in 3rd world country can sell divine for real money and make a living from it. So I'm sure there are more then enough ppl looking to hack others for monitory gains right.

There it is.

Fake news

asd původně napsal:

Garlic Jr. původně napsal:

2FA wont stop this from happening. People with 2FA have still had their accounts stolen using this token copying. There is obviously a very serious exploit in the game that GGG has even eluded to.

The only way this "token exploit" could be carried out is if someone had access to GGG's infrastructure and was able to intercept communication between the client and server, which I find highly unlikely. If you download Microsoft's "PocMon" tool, you can see your token along with other details, such as the registry entries Path of Exile is using. Therefore, unless an attacker has direct access to client-server communication, this exploit is not possible.

ok know it all

Your items will be funneled to china and then into Elon's Rares folder.

You could've given less info

drake.mouth původně napsal:

Lost every thing I had on my account. GGG is doing nothing so far. Any ideas what I should do?

I installed cracked office, and 3 weeks later my 3 steam accounts got hacked without password without login, they just hijacked my session, and traded themselves every cs go skin.

Since then:
1. Never crack stuff.
2. Never use 3th party apps. You can price check easily.
3. Don't install stuff that your av is clearly telling you they're viruses.

Piggy původně napsal:

Dr. Rockso původně napsal:

Nah guys i'm sure he did nothing wrong.

1 VAC ban on record
1 game ban on record

Ha!

I stopped respecting game bans. Vac bans are one thing, but game bans are moronic.
As mentioned above, not only I lost all cs go skins, the f'rs played Rust through me, a game I haven't touched in 2y, and they got banned, and I had a game ban on my profile.

I contacted support, they told me to contact the game, I contacted the game, they told me they wont remove it, despite me providing:

1. steam support confirmation that I was really hacked.
2. email notifications of the hackers trading themselves the items to various other accounts.

Since then, steam did their job actually, and banned those accounts. But the game ban remains. So I made a new account.

A tremendous amount of people have been hacked recently. I suspect it's due to one of two things. One, poor security on the PoE forums logins, no 2FA, or two, there's something up with trading and the stealing of session id's. Change your forum password at least.

P původně napsal:

A tremendous amount of people have been hacked recently. I suspect it's due to one of two things. One, poor security on the PoE forums logins, no 2FA, or two, there's something up with trading and the stealing of session id's. Change your forum password at least.

"Tremendous"
<100.

People finally learning to not reward the troll an instead give your rewards to people you like.

Aradragoon původně napsal:

...

if you have a computer and you don't know that the chance isn't 0, I don't know what you are doing on the internet. It's why we do our best to avoid it.

We have no proof that it's happening as far as I know, and that's it's linked to the game itself, not bad habits, so let's not scare people for no reason. ;p

Occam's razor here is "dude tried something that didn't work out well for him".

P původně napsal:

A tremendous amount of people have been hacked recently. I suspect it's due to one of two things. One, poor security on the PoE forums logins, no 2FA, or two, there's something up with trading and the stealing of session id's. Change your forum password at least.

There's a lot of people playing poe2, therefore more people are getting hacked. Does it mean more people are getting hacked than elsewhere in proportion ? :P

Count all the threads reporting hacks, then compare that to number of peak concurrent players. This is still a fraction of the playerbase. People who have no issues aren't represented in complaints, and people who have reason to complain are overly represented in here and on reddit.

Taking shortcuts can be tempting, and it's not really something anyone would say in these threads, therefore it's easy to doubt op. Because of that, no reason to talk about this here, the only solution is to contact GGG, they will look into the history of your account, if there's legit a problem with their game, they'll see it by themselves, even if there's only one person reporting it. ;p

drake.mouth původně napsal:

Lost every thing I had on my account. GGG is doing nothing so far. Any ideas what I should do?

You clicked on a toxic steam discussions link

and well, who cares about losing standard league gear ;D

This PC původně napsal:

Aradragoon původně napsal:

...

if you have a computer and you don't know that the chance isn't 0, I don't know what you are doing on the internet. It's why we do our best to avoid it.

We have no proof that it's happening as far as I know, and that's it's linked to the game itself, not bad habits, so let's not scare people for no reason. ;p

Occam's razor here is "dude tried something that didn't work out well for him".

P původně napsal:

A tremendous amount of people have been hacked recently. I suspect it's due to one of two things. One, poor security on the PoE forums logins, no 2FA, or two, there's something up with trading and the stealing of session id's. Change your forum password at least.

There's a lot of people playing poe2, therefore more people are getting hacked. Does it mean more people are getting hacked than elsewhere in proportion ? :P

Count all the threads reporting hacks, then compare that to number of peak concurrent players. This is still a fraction of the playerbase. People who have no issues aren't represented in complaints, and people who have reason to complain are overly represented in here and on reddit.

Taking shortcuts can be tempting, and it's not really something anyone would say in these threads, therefore it's easy to doubt op. Because of that, no reason to talk about this here, the only solution is to contact GGG, they will look into the history of your account, if there's legit a problem with their game, they'll see it by themselves, even if there's only one person reporting it. ;p

Ok well this is from GGG them self.

https://webcdn.pathofexile.com/forum/view-thread/3514587

https://www.pathofexile.com/forum/view-thread/3667200

they had link up on there page for fake account and ppl stilling info. Along with they made a post on x. So it is not just me and it is not just a couple ppl. They had to make a public thread about it on there web page.

This PC původně napsal:

and well, who cares about losing standard league gear ;D

Yes you are right! no one cares about account security.... or having a game where you loose every thing when you log out....If only we where all as tough and great and smart as you...Only if we had your greatness we could not be bothered with loosing 100s of hours of effort. only if we all had a fraction of your almighty greatness lol.

You sound like a bad key board kuk man.