HACKED ACCOUNTS (UPDATED) - INFO ABOUT ISSUE, DATA COLLECTION, KIND REQUEST FOR ZOS TO FIX THIS

Kiara

Roach1990 wrote: »

if you want see how zos help players who pay them from day 1. you can go reapers march bank and meet this person who steal my account online
I have more screenshots where he go to one person a trade items with him...

[img][/img]

Man, that is awful! how did this happen?

Roach1990

I dont know how zos can give acces to my account another person from another country, ip and other stuff.
and this happend two times.
for real?...

altemriel

Roach1990 wrote: »

if you want see how zos help players who pay them from day 1. you can go reapers march bank and meet this person who steal my account online
I have more screenshots where he go to one person a trade items with him...

[img][/img]

wait, so this is an actual screenshot of your stolen character being played by someone else?

and you have provided this screenshot to ZOS and they are doing nothing??

@ZOS_GinaBruno @ZOS_MattFiror @ZOS_KaiSchober @ZOS_JessicaFolsom

altemriel

ZOS, could you pls comment on this??

it is really urgent!

SisterGoat

I wonder if there could possibly be a malicious addon going around that has Czech/Slovakian support that these people were using that put a keylogger on their computer and that was used to hack their account? I am quite certain that's how my WoW account was hacked when it didn't have an authenticator.

SirAndy

SisterGoat wrote: »

I wonder if there could possibly be a malicious addon going around that has Czech/Slovakian support that these people were using that put a keylogger on their computer and that was used to hack their account? I am quite certain that's how my WoW account was hacked when it didn't have an authenticator.

AddOns aren't loaded until you are already logged in but if you have a AddOn that requires a 3rd party EXE to be installed, that 3rd party exe could easily function as a key logger.

monktoasty

Hmm..I'd be interested in official response to how hacks are handled and how they will protect users.

People spend loads of money not to be protected

altemriel

SirAndy wrote: »

SisterGoat wrote: »

I wonder if there could possibly be a malicious addon going around that has Czech/Slovakian support that these people were using that put a keylogger on their computer and that was used to hack their account? I am quite certain that's how my WoW account was hacked when it didn't have an authenticator.

AddOns aren't loaded until you are already logged in but if you have a AddOn that require a 3rd party EXE to be installed, that 3rd party exe could easily function as a key logger.

insightful info, thank you !

altemriel

while my second tread was closed yesterday for duplicity treads (agains forum rules), let`s continue the discussion here in this first tread.

I will make quote-replies from the closed tread here into this tread later today

altemriel

Ok, so this was the first original tread (bellow).
I have created a follow-up tread (HACKED ACCOUNTS, PART II, data collection + kindly asking ZOS for official reply (again))
to get more attention from ZOS - so that they reply.
It was closed for duplicity treads, so I am updating this tread and moving all the discussion from there to here

altemriel wrote: »

Ok, so one of my guidies mentioned this issue has happened to her, her account was hacked multiple times, her stuff robbed, gear, crafting bag, gold, AP, and the only respond from ZOS support was, we are sorry, we actually can not do anything about it, here, have some gold as compensation?

How could this even happen? We all know ZOS is logging everything we do in this game, our chats, our inventories, movement, IP address we usually log in from, everything.
So how could it even be true, that they can not restore all the stolen items, find the hacker and ban him???

I hope I do not get banned from the forums or even from the game for bringing this topic again up, but this really needs some more attention.


Please read her tread about this:
https://forums.elderscrollsonline.com/en/discussion/373263/my-account-has-been-hacked-and-sold-out/p1


Meanwhile her ESO account was banned, as ZOS claimed, that the ownership of her account was taken by another person and they can not for some mysterious reason distinguish, who the real owner of the account is (of course she was the owner, as she was all the time from the beginning logging from her (the same) IP address).


This really makes me sad. And what is even more sad, that there was no official response from ZOS about this, about their part of fault and about how to prevent this, so that it will not happen to us.

I play this game since beta, I really enjoy it, despite all the bugs and lags, but if this would happen to me and if I would receive such a response from the support as she did, I would feel really bad.


Could anyone from ZOS pls comment on this?????

altemriel

ZOS_CoriJ wrote: »

While we appreciate concern over the matter of hacking, we will now allow for continued spamming and duplicate discussions on Hacked accounts on General Discussion. This is receiving a lot of reports and becoming more of a disruption than an assistance.

Moderators, Community Managers, and Developers are not the parties who can give further information on the topic of Hacked Accounts. They are not involved in this process and therefore cannot be of assistance.

The best thing that can be done is for the individuals to take any individual matters up with Customer Support. Accounts are not closed without reason and the details, as personal information, should be handled one on one between the users and what Support staff has further information.

For those interested in further reporting, we suggest the long-running thread in General Help. Keep in mind, however, that this does not expedite a resolution the way that sending in a Support request sooner will.

Thank you for your understanding.

This was the first reply from ZOS to my second tread about this (which was closed because of "duplicity treads")

altemriel

But the thing is, that:

My main reason for opening the first and then also this second tread was because noone from ZOS replied to the first one.
ZOS is suggesting, that this issue should be solved trough support tickets, but that is the problem - the reply from the support and their "solutions" are totally not satisfactory, as:
1. they do not satisfy the players - offering just some gold as compensation is really not enough, why can not all what was stolen be returned to them? I mean, yes, they could be suspected as fraud - wanting to duplicate their items, but come on, some more trust in us would be really nice. I strongly believe that it was not the case of fraud from our side.
2. they do not give us any info about why this happened and how to prevent it in the future
3. they do not improve the situation at all - there is clearly a better authentication procedure needed - as "blaming" the players for not enought secure behaviour on the internet is simply not enough. these hacked guildies of mine, they all had proper antivirus installed, they have not shared any account info with other players, nothing at all.we need an improvement from your side too, implementing a two-factor authentication for every login to the game and to the eso account would be really helpful.

I created these two forum treads for this reason - to bring more attention to this issue and to move this issue "higher" to the managers, who are in charge for such issues - to improve this - as this is really needed.

I have moved to and will continue the discussion in this first tread, with hope for a better solution to this issue.


as there is already a two-factor authentication when logging to the eso account on the website - if I log in from an another IP address as usual, I receive a code to my e-mail to verify that it is really me logging in.

But this is not implemented to when logging to the game from an another IP address - either directly trought the game executable or trough steam - there is no verification.

So that is why this could be very easily misused by the "hackers".

This game really needs this implemented also to the game login (both trought the exe and also trought steam).

Is there a way for any form admins to highlight this issue as "very urgent" to any of the mangers please?

altemriel

monktoasty wrote: »

this is from my point of view.

i assumed some are farming through auction vendors for "big fishes" to get hacked, if they got something high value multiple items, they will try to gain control other players account and wipe.

personally, i dont like having the names of who selling and easy recognized, and few often they track if "victims" to recover by finding fresh loots, and get stolen again.
these guys know which guilds that owns vendors and targeted again.
I prefer anon-no names universal auction format, that would keep sellers and players safe from hacking.

maybe they are attacking sellers if they are using bot scripts as revenge and they dont like cheaters.
example, i look for Bouyant motif for weeks and got noting but junks, and some of those guys can find Bouys 5 times every day, then that why some get very mad.
that was my conclusion and just a theory.

Thank you for your reply to this tread. Let us peacefully and kindly ask ZOS to put more attention to this issue.

altemriel

Woeler wrote: »

This is why we need two-factor-authentication. And not the cheap pseudo two-factor with the email. No, the one with a token generator or mobile token generator.

Yes, I totally agree with you, this needs to be improved, to prevent any future hacks to happen.

Of course every player should use proper antivirus, should not share any account info with others, etc. But this has to be improved also on the side of ZOS.

altemriel

Colecovision wrote: »

How much is “some gold?” Is it reasonably similar to what was stolen?

Well, I am not sure, but what my guildies said, the offered gold was not enough at all. They invested hundrets of hours to the game, gathered lots of mats, gold gear, etc...but now all is gone and for some reason "can not be recovered".

I hope it will improve soon.

altemriel

Dracofyre wrote: »

Hackers will also spam racist remarks in zone chat after stealing all valuables to get the account banned.

It makes it harder for the victim to ever get stuff back, or have ZOS even care to help.

Good point, yes, then the owner gets its account banned, but because of this not fair reason, not his/her fault at all.

altemriel

TheValar85 wrote: »

LOL still no roleback in 2017-2018 in an MMORPg game? thats just shamful. while almost every mmorpg support system have that kind of help if an account hase been stolen, pluss all of the items, and golds were lost or stolen. Rolback should be implamented to the game even i know how to add some kind of feature like this to this game

For issues like these, there should be an immediate roll-back, yes, I bet that loosing some exp. progress is nothing agains getting all the stolen items back.

altemriel

wondertroll wrote: »

How odd... in world of warcraft all you need to do is submit a ticket and they will restore all your items for you with an instant password reset.

Your situation sounds a bit worrying.... This makes me have second thoughts on continuing eso/recommending eso to my friends to be honest. Account security is very important especially if you are a serious gamer that have invested hours into the game.

Why doesn't ESO uses 2FA authentication or mobile code to protect people's a/c like other mmorpg's?


Regardless, I wish you a speedy account recovery! (:

This is totaly true, maybe ZOS could trust us more and do this as you write, that would be really nice from them.

altemriel

Alyiah wrote: »

To summarize what I said in previous topic:

1. My account Has been hacked around month ago, it may be worth noting that I come from nearby to Czech country.
2. I log to game directly through launcher.
3. My account was exploited (usage of botting software to an absurd amount), suspicious gold was transfered through my account. Zos decided to give my account a second chance despite a lot of evidence I provided after weeks of fighting. I never received any recompensation for time I couldn't play game (and wasted ESO+) nor anything for stolen goods from my account (it was empty).
4. I gave Zos evidence left on my account about gold sellers/buyers and botters. They didn't even said if they will investigate.

thank you for posting your case, let`s hope that the things will get better soon

altemriel

Alyiah wrote: »

Hmm..I'd be interested in official response to how hacks are handled and how they will protect users.

People spend loads of money not to be protected

notimetocare wrote: »

Keep yourself secure. Being hacked multiple times, in a game that requires email code verification anytime you log from a different IP, shows that your passwords on many levels are not secure. Or option b, is that you are lying. It's harsh and being hacked sucks if it's true, but it's hard to expect somebody to believe you multiple times with the system ESO has in place

no it does not. only logging to eso account on the website requires you to verify your login from the new IP address with a code you receive to your e-mail.

but unfortunately not loging into the game - which is the root of this issue and the way to solve this issue in my opinion

Reverb

SirAndy wrote: »

SisterGoat wrote: »

I wonder if there could possibly be a malicious addon going around that has Czech/Slovakian support that these people were using that put a keylogger on their computer and that was used to hack their account? I am quite certain that's how my WoW account was hacked when it didn't have an authenticator.

AddOns aren't loaded until you are already logged in but if you have a AddOn that require a 3rd party EXE to be installed, that 3rd party exe could easily function as a key logger.

Some wildly popular add-ons have a stand alone .exe. I'm always alarmed at how few people are concerned about this. That's NOT saying that any of these add-ons are doing anything nefarious, but people need to be aware of how easy it would be to publish a really nasty piece of code through ESOUI.

Edit to add - this risk is not restricted to ESO, this is true for any game or function that allows mods developed by the community. Most mods are fine, but know what you're installing. A UI mod shouldn't need a standalone exe. If it does, know what you're risking, and make an informed decision about it.

altemriel

Reverb wrote: »

SirAndy wrote: »

SisterGoat wrote: »

I wonder if there could possibly be a malicious addon going around that has Czech/Slovakian support that these people were using that put a keylogger on their computer and that was used to hack their account? I am quite certain that's how my WoW account was hacked when it didn't have an authenticator.

AddOns aren't loaded until you are already logged in but if you have a AddOn that require a 3rd party EXE to be installed, that 3rd party exe could easily function as a key logger.

Some wildly popular add-ons have a stand alone .exe. I'm always alarmed at how few people are concerned about this. That's NOT saying that any of these add-ons are doing anything nefarious, but people need to be aware of how easy it would be to publish a really nasty piece of code through ESOUI.

I would never use an addon with an exe file, I mean I can say I trust the dedicated people who publish them, but an exe file from an unknown source could very easily contain malware (keylogger for example), which not only could help the eso account get hacked, but even some other accounts of the victim

altemriel

Roach1990 wrote: »

I dont know how zos can give acces to my account another person from another country, ip and other stuff.
and this happend two times.
for real?...

This is really weird, that this can happen to an online game in 2017.

And there is really a simple solution for this:

When I login to my eso account on the web from an another IP address than usual, I receive a code to my e-mail, to verify that it is really me logging in.
Why is this not the same for logging in to the game itself (directly or trough steam)? Then the hacker could even know my login name and login password, but would not be able to login to the game and steal my stuff. In case that such a thing is already in the place, it seems not to work as intended, it needs to be double checked asap.
Every change to the eso account on the web - account recovery, change of login details, etc. (which might be the way the hacker got in) should require a code sent to the owner`s e-mail account, to verify, that it is really the account owner doing this change, not some hacker.


ZOS could you pls implement this asap?

@ZOS_GinaBruno @ZOS_KaiSchober @ZOS_JessicaFolsom

guys, dear community managers, we very much appreciate your replies to all other treads here on the forums, but could you please reply also here and ask the respective managers, to approve this fix asap?

Then no other hacks will ever happen!!



With hope for better eso login procedure soon
Altemriel

altemriel

ok, so update: I was instructed by a forum admin to sent a support ticket with this issue and ask the support to highlight this issue to the respective managers, that the forum admins are not able to do it (weird, but ok).

I will do it today, I will keep you updated

altemriel

ok, so update, as the forum admins suggested, I have made a support ticket with this issue and asked them to escalate this to the respective managers for fix:



they have already replied, so wish us good luck !!

Tandor

Is it the case then that Steam players don't get the same email verification code from ESO that direct ESO ZOS customers get if logging in from a different IP address? I assume they would still get a Steam email verification request if they were logging in to the player's Steam account from a different IP address (or for that matter a different computer on the same IP address as often happens with me). If the player has the ESO account linked to his Steam account I'm not clear on how a hacker can log into ESO without having to be logged into Steam, plus it appears that not all the affected players are playing through Steam so I'm not entirely convinced that this is the root of the problem. However, if your ticket does get escalated then let's hope the situation is more fully investigated than it may have been thus far, as it is far from clear in my view where the particular issue has arisen especially given it's narrow geographical application on multiple occasions.

altemriel

Tandor wrote: »

Is it the case then that Steam players don't get the same email verification code from ESO that direct ESO ZOS customers get if logging in from a different IP address? I assume they would still get a Steam email verification request if they were logging in to the player's Steam account from a different IP address (or for that matter a different computer on the same IP address as often happens with me). If the player has the ESO account linked to his Steam account I'm not clear on how a hacker can log into ESO without having to be logged into Steam, plus it appears that not all the affected players are playing through Steam so I'm not entirely convinced that this is the root of the problem. However, if your ticket does get escalated then let's hope the situation is more fully investigated than it may have been thus far, as it is far from clear in my view where the particular issue has arisen especially given it's narrow geographical application on multiple occasions.

yes, we don`t know how the hacks happened, we can only speculate.

maybe it is:
- somehow connected to logging in to the game trough steam, but steam access was not hacked, only the eso account
- maybe it has something to do with account recovery on the eso account
- maybe even somebody from the guild is doing it somehow, a bad rogue spy so to say (hopefully not)
- but all of the affected guildies told me, that they have proper antivirus installed, have not shared any account info with anyone, generally behave securely on the internet and in the game

so we really don`t know what the cause of the hack was.

let`s hope, that this time, the support ticket will be taken more seriously - really escalated to the respective managers and investigated more thoroughly and a that a fix will come soon (and let`s also hope for a miracle from the side of ZOS, that they will unban the affected accounts, which were mistakenly banned and return everything what was stolen)

Tandor

Given that they're all from the same country, do they use the same ISP? The same addons? The same localised system files and supporting/miscellaneous software? There are just so many possibilities here, and the affected players and ZOS are both likely to know far more about what is going on than the rest of us.

altemriel

Tandor wrote: »

Given that they're all from the same country, do they use the same ISP? The same addons? The same localised system files and supporting/miscellaneous software? There are just so many possibilities here, and the affected players and ZOS are both likely to know far more about what is going on than the rest of us.

ISP? what do you mean by that abbreviation pls?

yes, we can only speculate. Hopefuly ZOS will investigate it more and then come with some official response, so that also other players can then prevent any further hacks to happen to them

magictucktuck

are you sure they did not buy the account or something? and it was taken back? because it does not add up that you have over a thousand cp and just lose the account, they must have been doing something fishy, or bought gold but got scammed and gave their info out ?


and ZOS just lets the new person play the account? i just don't see that happening. we just don't know the whole story and i feel like something is not right with the "story"