Diablo III Hacking?

A bunch of threads on the Diablo III forums from players who've experienced unauthorized access to their accounts suggest there may be a security issue with the action/RPG sequel or that the game's future support of real-money auctions has attracted more hacking attempts than one would consider normal. The threads in question are: Ummm...all of my gold and items are gone, Hacked. GG Online Only Single Player DRM, Hacked with an authenticator, and The hacker found (with screenshot). Thanks nin.


238. Re: Diablo III Hacking? May 23, 2012, 10:17 Verno
 
My coworker (btw, I am a Systems Security Engineer for the govt (CISSP), and have been doing security for decades) started up Wireshark, and then D3.. he was telling me how easy it was to hijack his session..the session ID floating around out there.. and then we got into the 2 step process it took to reverse engineer his authenticator.

Yeah, a friend of mine mentioned their use of unencrypted session IDs on the forums and they won't comment. Battle.net went down for maintenance later on as well which is amusing timing. I'd also note this same problem happened with Rift at launch but at least the devs owned up to it and fixed things quickly. This will likely just be handwaved away under the predictable guise of "ppl r stupid with computars!" which may be true but doesn't really answer every single case of this.

The other thing is that Battle.net accounts are very lucrative to hack. They are worth $25-50 a pop on the "black market", pose no risk of prosecution and are highly in demand. The idea that Blizzard is some unhackable entity just by virtue of being a profitable corporation is laughable. Quite often it's those same institutions which view IT/IS as money black holes and don't invest enough in them.
 
Playing: Shadow of Mordor, Peggle 2, TIE Fighter
Watching: Capturing the Friedmans, The Jungle, Person of Interest