The Gold Road Chapter – which includes the Scribing system – and Update 42 is now available to test on the PTS! You can read the latest patch notes here: https://forums.elderscrollsonline.com/en/discussion/656454/
Maintenance for the week of April 22:
• [COMPLETE] Xbox: NA and EU megaservers for patch maintenance – April 24, 6:00AM EDT (10:00 UTC) - 12:00PM EDT (16:00 UTC)
• [COMPLETE] PlayStation®: NA and EU megaservers for patch maintenance – April 24, 6:00AM EDT (10:00 UTC) - 12:00PM EDT (16:00 UTC)
• [COMPLETE] Xbox: NA and EU megaservers for patch maintenance – April 24, 6:00AM EDT (10:00 UTC) - 12:00PM EDT (16:00 UTC)
• [COMPLETE] PlayStation®: NA and EU megaservers for patch maintenance – April 24, 6:00AM EDT (10:00 UTC) - 12:00PM EDT (16:00 UTC)
How secure are our accounts?
isT
✭✭
First of all, this is no official "whine post" and intention is not to encourage anyone to quit playing the game made by service provider, in our case ZeniMax Online studios.
Instead of that, I would really appreciate hearing from anyone who experienced hacked account. What was extent of intrusion and impact on future gaming experience? Which parts of game were interfered with (gold, items, character), and in which way? How exactly do the hackers take control of your account, and why is it even possible to happen without service provider knowing about it at all, even if lot of time has passed since it happen?
I presume my current situation is nothing too serious in extent. This is brief explanation of what happened to my account yesterday:
- on both characters I extensively play with, all but negligible amount of gold (around 150) was lost, giving total loss of approximately 300 000.
- almost all crafting mats (except those with 0 value) were gone, also some stacks of potions together with massive amount of alchemy ingredients
- several truly inestimable items were lost among others less important, just to whine a bit these were: 2x Molag Kena shoulders divines, full infused 5x Spell Cure set, Maelstrom sharpened greatsword, Maelstrom precise bow.
Now, what I did before realized it was a hacked account, and thinking it was some ui bug, was disabling addons and selecting "repair" from launcher. It was to no avail. Afterward I acknowledged it actually was hacking, especially seeing some of those lost items on "buy back" vendor options, but very few did I save that way.
Naturally, next step was contacting our service provider, which is now more than 24 hours ago, and despite several further explanations/cues included in ticket absolutely no response did I receive.
The real question here intended to service provider is does there exist any priority in order of reviewing support tickets, or is it actually the beloved (sarcasm intended) RNG system where reaction is focused on what is seen first (whether it is benign issue or account breach) by people in charge? If it is that way, there is absolutely no reason to offer subcategories in ticket opening system. It is a bitter irony that same RNG which made us run dungeons 100+ times and invest time in content we by practice of repeating can now complete blindfolded (in process making it dull), just to get desired armor set, is the same system that makes us ordinary capitalist sheep customers who cannot feel any level security by sheer ignorance of those who should by providing service at least make a "reassurance response".
I understand most of you will want to see this post as attack on ZeniMax Online studios, which is in no way my intent and instead probably everyone would benefit if it can be viewed as attempt of serious discussion about our accounts security.
p.s. does the fact that that people who hack our accounts after taking large amount of gold continue to vendor items which give them unnoticeable extra amount of gold mean they have no idea whatsoever about value of items and proves they had never played the game, or is it intended malevolence to destroy what someone who plays cares most about?
Instead of that, I would really appreciate hearing from anyone who experienced hacked account. What was extent of intrusion and impact on future gaming experience? Which parts of game were interfered with (gold, items, character), and in which way? How exactly do the hackers take control of your account, and why is it even possible to happen without service provider knowing about it at all, even if lot of time has passed since it happen?
I presume my current situation is nothing too serious in extent. This is brief explanation of what happened to my account yesterday:
- on both characters I extensively play with, all but negligible amount of gold (around 150) was lost, giving total loss of approximately 300 000.
- almost all crafting mats (except those with 0 value) were gone, also some stacks of potions together with massive amount of alchemy ingredients
- several truly inestimable items were lost among others less important, just to whine a bit these were: 2x Molag Kena shoulders divines, full infused 5x Spell Cure set, Maelstrom sharpened greatsword, Maelstrom precise bow.
Now, what I did before realized it was a hacked account, and thinking it was some ui bug, was disabling addons and selecting "repair" from launcher. It was to no avail. Afterward I acknowledged it actually was hacking, especially seeing some of those lost items on "buy back" vendor options, but very few did I save that way.
Naturally, next step was contacting our service provider, which is now more than 24 hours ago, and despite several further explanations/cues included in ticket absolutely no response did I receive.
The real question here intended to service provider is does there exist any priority in order of reviewing support tickets, or is it actually the beloved (sarcasm intended) RNG system where reaction is focused on what is seen first (whether it is benign issue or account breach) by people in charge? If it is that way, there is absolutely no reason to offer subcategories in ticket opening system. It is a bitter irony that same RNG which made us run dungeons 100+ times and invest time in content we by practice of repeating can now complete blindfolded (in process making it dull), just to get desired armor set, is the same system that makes us ordinary capitalist sheep customers who cannot feel any level security by sheer ignorance of those who should by providing service at least make a "reassurance response".
I understand most of you will want to see this post as attack on ZeniMax Online studios, which is in no way my intent and instead probably everyone would benefit if it can be viewed as attempt of serious discussion about our accounts security.
p.s. does the fact that that people who hack our accounts after taking large amount of gold continue to vendor items which give them unnoticeable extra amount of gold mean they have no idea whatsoever about value of items and proves they had never played the game, or is it intended malevolence to destroy what someone who plays cares most about?
0
-
isT✭✭Well, seeing 0 replies two days later either here or in support ticket, the answer seems pretty simple - Accounts are not secure at all.1
-
lolo_01b16_ESO✭✭✭✭✭
✭✭
You asked if anyone got hacked and noone responded, so I personally think this means the accounts are secure.Well, seeing 0 replies two days later either here or in support ticket, the answer seems pretty simple - Accounts are not secure at all.
Also I would assume that it's much easier to capture your mail account and get access to your eso accout that way, than hacking into zos systems.
But I still whish you good luck getting your stuff back
0 -
anitajoneb17_ESO✭✭✭✭✭
✭✭✭✭✭Well, seeing 0 replies two days later either here or in support ticket, the answer seems pretty simple - Accounts are not secure at all.
While I understand that you're basically seeking information, what you're asking is a complete "ESO-hacking-how-to" guide, which I don't think would be wise to post here.
Besides, no or few answers means that the problem is rare.
Sorry for you but you have to wait for ZOS to review your situation.
.Edited by anitajoneb17_ESO on January 24, 2016 12:55PM0 -
isT✭✭I was mostly referring for no answer from ZoS as most of the questions are ones they have insight in, and there is still no answer. I only made the forum post because there was no answer on ticket which is now 3 days old (and updated 4 times by additional info).
Why is resulting gaming experience after hacking a "ESO-hacking-how-to"? You make no sense, I am not asking for technical information on hacking but results of it and possible motivation behind it.0 -
isT✭✭Also, why I think accounts are not secure is because ZoS has no answer on my problem, meaning they are not aware how this happened and if they made any investigation it is not going well.
0 -
anitajoneb17_ESO✭✭✭✭✭
✭✭✭✭✭Actually for someone to log into your ESO account it requires your ID and PW.
It's very rare, so we can assume that this information is secure on server-side.
On client-side, it implies that someone got a hand on this info via your email account, a keylogger, some spyware, whatever. It's probably your computer that is not secure, rather than ESO accounts in general.
Why would people do this ?
Well, for BoE valuable items, obviously to benefit from them themselves
For BoP items, I assume it's just the joy to annoy other people, unfortunately that exists
As to 3 days being a very long time for you, I bet employees with hundreds of investigations pending on their desks would consider it a short time (especially if a week-end is included). At this stage it simply means they haven't had the time to look into it.
I'm sorry but obviously we, forumers, cannot help you much here.
1 -
KhajitFurTrader✭✭✭✭✭
✭✭Well, seeing 0 replies two days later either here or in support ticket, the answer seems pretty simple - Accounts are not secure at all.
Sorry, but it's not that simple.
ESO uses a security method called IP authorization. Every time a client tries to log in with your credentials, it sends a hash key to the login server, by which the machine it runs on can be identified. If the machine is yet unknown for your account, a code is sent to your account's email address, which must be entered into the client before it can proceed.
So, in order for an attacker to successfully compromise your account, he needed four different sets of information:- Your ESO account's logon name (which should be different from your forum account)
- Your ESO account's password (dito)
- Your email address, or its logon name, that you've registered the ESO account with
- Your email account's password
Nevertheless, you should scan your system for key loggers and/or backdoors, preferably booting it from an external boot source beforehand. Otherwise, it's possible that your account will be compromised again even after changing passwords. Do not ever willingly share your account credentials with others. Avoid logging in to your ESO account from public or other computers not belonging to you. Refrain from logging in when connected to an insecure/public (WiFi) network; use a VPN connection if possible.
The gold stolen or gained by selling items from compromised accounts is almost exclusively interesting to Real Money Traders (RMT) only, i.e. illicit organizations that sell in-game currency for real money to players. Buying and selling are bannable offenses by the Terms of Service. RMT and similar ilk have an interest to generate "click bait" in order to lure people onto prepared websites for the purpose of extracting credential information, or infecting their systems with key loggers, which then send captured credentials and other information, such as CC numbers, to central servers.1 -
isT✭✭anitajoneb17_ESO wrote: »As to 3 days being a very long time for you, I bet employees with hundreds of investigations pending on their desks would consider it a short time (especially if a week-end is included). At this stage it simply means they haven't had the time to look into it.
At one point in my original post I implied non existent priority in ticket system, and we can freely assume it might be just that considering it takes more than 3 days to react on "hacked account" case, and thousands of benevolent issues are investigated before important ones. I had myself 3 previous submitted tickets about non-important issues and all were answered same day. As most people I was ready to give "5 star" to customer support. Now, its more serious and because of it I see it as important problem, they could have at least answer me with "we are working on it" couldn't have they?
Anyways, thanks for your input, much appreciated.0 -
Elsonso✭✭✭✭✭
✭✭✭✭✭On PC/Mac, ESO is secured by a password and is very picky about the IP address and computer that is use to access the game and account management. ESO does not save the password, so it is necessary to enter it in each time. If the IP or hardware changes, ESO can ask for a confirmation code that is sent to the email account.
If you practice good security on your end, which includes unique and strong passwords for ESO and your email account, your ESO account should be fine.Also, why I think accounts are not secure is because ZoS has no answer on my problem, meaning they are not aware how this happened and if they made any investigation it is not going well.
ZOS is probably not going to answer.
In any case, I doubt there is a security issue on their end. (this is just an exercise in probability... while account systems can be hacked, the most common source of account breaches lies with the users)Edited by Elsonso on January 24, 2016 1:48PM1 -
isT✭✭KhajitFurTrader wrote: »Well, seeing 0 replies two days later either here or in support ticket, the answer seems pretty simple - Accounts are not secure at all.
Sorry, but it's not that simple.
ESO uses a security method called IP authorization. Every time a client tries to log in with your credentials, it sends a hash key to the login server, by which the machine it runs on can be identified. If the machine is yet unknown for your account, a code is sent to your account's email address, which must be entered into the client before it can proceed.
So, in order for an attacker to successfully compromise your account, he needed four different sets of information:- Your ESO account's logon name (which should be different from your forum account)
- Your ESO account's password (dito)
- Your email address, or its logon name, that you've registered the ESO account with
- Your email account's password
my "seeing 0 replies two days later..." was simply plea to get some answers, I know its not that simple
As for ESO account logon name it is indeed same as forum account name, and knowing numerous people having the same case we are all in risk I guess. For password I alwas think twice but never thought only by matching logon names it would be possible to hack an account.0 -
KhajitFurTrader✭✭✭✭✭
✭✭
It isn't, but that's one half of the information needed for successfully compromising it. The other half is a strong and unique password, which should in no possible way be guessable or deducible from personal information.As for ESO account logon name it is indeed same as forum account name, and knowing numerous people having the same case we are all in risk I guess. For password I alwas think twice but never thought only by matching logon names it would be possible to hack an account.
0 -
isT✭✭lordrichter wrote: »Also, why I think accounts are not secure is because ZoS has no answer on my problem, meaning they are not aware how this happened and if they made any investigation it is not going well.
ZOS is probably not going to answer.
In any case, I doubt there is a security issue on their end. (this is just an exercise in probability... while account systems can be hacked, the most common source of account breaches lies with the users)
I can understand that, but currently I am at dead end without reply from customer service. It's mostly "no answer" which bothers me since it is a serious issue.
What is most important to me is whether it is probable that my items will be restored (I really do not care about gold)? All were probably sold to vendor in game since some of them I return by "buy back".
0 -
isT✭✭KhajitFurTrader wrote: »
It isn't, but that's one half of the information needed for successfully compromising it. The other half is a strong and unique password, which should in no possible way be guessable or deducible from personal information.As for ESO account logon name it is indeed same as forum account name, and knowing numerous people having the same case we are all in risk I guess. For password I alwas think twice but never thought only by matching logon names it would be possible to hack an account.
Which I assure is not, it has all required elements and no connection with personal information.0 -
anitajoneb17_ESO✭✭✭✭✭
✭✭✭✭✭
What is most important to me is whether it is probable that my items will be restored (I really do not care about gold)? All were probably sold to vendor in game since some of them I return by "buy back".
Cannot speak for ZOS and don't want to raise false hopes but IMHO there's a fair chance that they'll restore your items. Be careful though that it does not happen again. I assume (again) that they don't want to make this a "standard procedure" which would open doors for abuse.
.
0 -
Elsonso✭✭✭✭✭
✭✭✭✭✭KhajitFurTrader wrote: »
It isn't, but that's one half of the information needed for successfully compromising it. The other half is a strong and unique password, which should in no possible way be guessable or deducible from personal information.As for ESO account logon name it is indeed same as forum account name, and knowing numerous people having the same case we are all in risk I guess. For password I alwas think twice but never thought only by matching logon names it would be possible to hack an account.
It might be "one half" in the sense that it is one of two things. That measure is irrelevant. The password is, for all intents and purposes, all of the security of an account. The user name is such a trivial part that it is irrelevant. Accounts are secured by strong passwords, not hidden account names.
If you have a strong password, your account name could be known by everyone on the planet and it would still be secure. If you have an absolutely cryptic account name and a password of "12345678" you will be easy to hack. This is because the account name is, by definition, public knowledge. It cannot be hidden forever. At best, it can simply be more difficult to trace back to a single person.
The reason I mention this is because I fear people that get into a false sense of security by making a "good" account name and then thinking that they can use a weaker password since the hackers need "both halves" and they have a good account name.1 -
KhajitFurTrader✭✭✭✭✭
✭✭You're right, of course, but the question was whether an, or more specific, any two accounts were more endangered by having matching logon names. Well, if the advice of always choosing strong, and most of all unique passwords is heeded, probably not. But I think that the principle of data economy should be applied to login names as well, to avoid making it all too easy for would-be attackers to come to conclusions about my "profile". E.g., my forum handle or login name should give no clues about my game login name, and neither should contain a hint about my email address or its provider. Or my real name, for that matter. The more a hypothetical attacker knows about me and my movements on the net, the easier it is for him to tailor a highly specific trap for me to fall in to.
This may be seen as overly cautious, and surly no lowly RMT would go to such lengths to make a few bucks, but they aren't the only bad guys out there -- some of them even have a budget backed by tax payers. 0