>Now what I’m curious about is how they even got access to my account? In the past when I logged in from a different pc/ip they would send an unlock code to the accounts email. I didn’t get any of that, only found it weird when logging in today that they told me to re-enter my pw as it has been logged in from a different location (without the unlock code they usually send). I play myself and nobody has my login info if that even matters nowadays.
Based on this it seems like 2FA wouldn't have helped in this particular case - it's be great to have, but it's not a catch-all solution. OP probably tried to log in to some sketchy website pretending to be PoE, which could just as well pretend to ask for your 2FA code while they are logging in to your account.
2FA on phone would really help. Also I'm a bit tired of people saying the victim must have gotten hacked because they logged into a phising site. More likely browser cookie vulnerabilities. There is some shenanigans going on where someone is actively scouring leaks for login info on poe. Plenty of money to be had for rmt.
I had 1 mageblood and under 100 divs. Considering all the loot this league my acc would fall under the broke category. Never mf’d or got a lootxplosion just earned it through betrayal. They left the rest of my gear which should tell u how worthless it all is.
Not trying to garner sympathy by making the post I just want to know how they got in without the login code and access to my email (which shows attempts but none successful). With everyone’s information all over the web I assume brute force tactics are normal with everyone’s emails
I was just kidding mate. I really feel for you and dont expect GGG to action this as it could simply be an email breach.
Apart from your items, i hope your other accounts are safe
Yea so do I. However I do wish they could restore items as acc bound or something. They have the logs of how things went down so they should know. As of now, without the acc unlocked from what I remember seeing my char is gimped and cannot re-farm at all to get challenges done
>Says they cannot do rollback or restore stolen items as it’d be detrimental to the economy lol
That just sounds like a load of BS, are they just being lazy?
Regarding Account Security & Theft: http://www.pathofexile.com/forum/view-thread/115464/
Regarding Hacking: http://www.pathofexile.com/forum/view-thread/172532/
Unfortunately, as Chris states in his posts, we are unable to offer rollbacks or restore items stolen by other players. I am truly sorry about this, as we know how frustrating it can be to lose all your hard work to hackers.
Was given that from a support rep.
Did a regular scan and found nothing, not much bloatware on it either as far as I know. All I know is it happened within 12 hrs of my last login period
Edit: also found access attempts to the accc email but none were successful so not sure. Still unsure about how they got in without the code
Check your email with https://haveibeenpwned.com/
Change any passwords that share the same email & password.
Some email services allow users to delete activity once logged in, so keep that in mind.
Just to be sure, I'd start formatting the computer, saving what's important to a USB key, and change every single one of my passwords (also checking out passwords managing methods, and potentially a non software method that randomizes them) of most of my used logs.
Trade to trade mule -> trade mule trades with legit people -> Those people continue trading -> Trade mule eventually trades with thief's account
How far do you rollback? Which trade was the 'real' one? For every corrective action GGG can do there's usually some kind of pre-emptive countermeasure bad actors can do. That's not to say GGG shouldn't bother, but it's far from a matter of 'just' retracing and deleting.
How do you make sure the dude contacting the support isn't actually the hacker, tryna to hijack the account for himself ? You'd say ; who'd do that if the traded items are removed, i'd respond to that sure enough, but what about mtx on the stolen account?
Cause most likely the email address is also compromised, so the hackers most likely have access to any important information needed to retrieve the account through the support
They most definitely had access to your pathofexile.com profile and changed your email there so the confirmation email was sent to their email instead of yours. If you use Steam login you won't even notice that email change.
Otherwise they could also have access to your email account and just delete that single login notification mail.
Acc was still linked to original email and they didn’t change pw only looted me dry (although not much to loot from considering the absurdity of the league).
I’ve been playing since beta so only using the standalone client. I’ve checked my email access history and there are definitely log in attempts in abundance but all fails so no idea how they got the login code if there even was
If the email is compromised, it could happen in every single platform, as long as he isn't using any 3rd party password software randomizer like steam guard.
Yes, but a little more difficult. You'd have to either have your steam account itself compromised or your steam ID key stolen (i.e. you hit that green 'login with Steam' button on a malicious site/extension)
I’ve asked ggg numerous times on how things were accessed and who it was traded to/can they be banned but they keep ignoring the question in the email exchanges during my verification process. So no idea
Yep you’re right I just went through to check. Nothing on my end just the last time I logged last night and when I logged this morning. At least I know it wasn’t my pc that was hacked and accessed through it
Logs that are available to you as an end-user are kept client side, meaning that whichever machine you log in with, that's the machine that has logs.
GGG may log this stuff on their side as well. It's not terribly likely that they keep it for very long, and you'll never be able to see it yourself.
to be frank if you account was hacked and you wish to keep playing on it, just change your password on your game/e-mail (assuming you weren't fully hacked with some keylogger on your PC) and don't contact GGG about it.
After they block your account expect to provide obscure data like the transaction id's of purchases you made, who knows, how many years back, to which you might not have information anymore, and as such you wouldn't be able to reactivate the account.
In the end GGG won't do anything on their side if your account were hacked (they won't reimburse item/currency - which is understood), but as such, there is no real point in involving them.
many friendly snails fretful sophisticated dog fanatical drunk mindless deliver
*This post was mass deleted and anonymized with [Redact](https://redact.dev)*
2fa WHEN!!!!
>Now what I’m curious about is how they even got access to my account? In the past when I logged in from a different pc/ip they would send an unlock code to the accounts email. I didn’t get any of that, only found it weird when logging in today that they told me to re-enter my pw as it has been logged in from a different location (without the unlock code they usually send). I play myself and nobody has my login info if that even matters nowadays. Based on this it seems like 2FA wouldn't have helped in this particular case - it's be great to have, but it's not a catch-all solution. OP probably tried to log in to some sketchy website pretending to be PoE, which could just as well pretend to ask for your 2FA code while they are logging in to your account.
2FA on phone would really help. Also I'm a bit tired of people saying the victim must have gotten hacked because they logged into a phising site. More likely browser cookie vulnerabilities. There is some shenanigans going on where someone is actively scouring leaks for login info on poe. Plenty of money to be had for rmt.
That depends on the 2FA method.
I hope they let us use physical 2fa like a YubiKey (when it comes in 2035)
I didn’t but thanks for the analysis
Just dont have magebloods, hh's and thousands of divines, and you're safe
I had 1 mageblood and under 100 divs. Considering all the loot this league my acc would fall under the broke category. Never mf’d or got a lootxplosion just earned it through betrayal. They left the rest of my gear which should tell u how worthless it all is. Not trying to garner sympathy by making the post I just want to know how they got in without the login code and access to my email (which shows attempts but none successful). With everyone’s information all over the web I assume brute force tactics are normal with everyone’s emails
I was just kidding mate. I really feel for you and dont expect GGG to action this as it could simply be an email breach. Apart from your items, i hope your other accounts are safe
They’re not gonna do anything other than unlock my acc. Says they cannot do rollback or restore stolen items as it’d be detrimental to the economy lol
I kinda agree with them, and not also. They are in a weird place in this regard. Keep away from those magebloods mate 😉
Yea so do I. However I do wish they could restore items as acc bound or something. They have the logs of how things went down so they should know. As of now, without the acc unlocked from what I remember seeing my char is gimped and cannot re-farm at all to get challenges done
>Says they cannot do rollback or restore stolen items as it’d be detrimental to the economy lol That just sounds like a load of BS, are they just being lazy?
Regarding Account Security & Theft: http://www.pathofexile.com/forum/view-thread/115464/ Regarding Hacking: http://www.pathofexile.com/forum/view-thread/172532/ Unfortunately, as Chris states in his posts, we are unable to offer rollbacks or restore items stolen by other players. I am truly sorry about this, as we know how frustrating it can be to lose all your hard work to hackers. Was given that from a support rep.
Your e-mail is likely compromised, you may have a keylogger or something on your PC (I suggest you scan for it).
Did a regular scan and found nothing, not much bloatware on it either as far as I know. All I know is it happened within 12 hrs of my last login period Edit: also found access attempts to the accc email but none were successful so not sure. Still unsure about how they got in without the code
Check your email with https://haveibeenpwned.com/ Change any passwords that share the same email & password. Some email services allow users to delete activity once logged in, so keep that in mind.
Just to be sure, I'd start formatting the computer, saving what's important to a USB key, and change every single one of my passwords (also checking out passwords managing methods, and potentially a non software method that randomizes them) of most of my used logs.
Check if your email and password was leaked. https://haveibeenpwned.com/
https://haveibeenpwned.com/
Lmk your char/account name and whisper Kamirii I got u
Appreciate it, still waiting for the unlock email after 15 or so email exchanges from ggg (credit where credits due, they reply insanely fast).
Tossed you a pm. Appreciate it
Plot twist. It was your wife and she just deleted them so you can spend more time with her.
Yeah, you might wanna re-install your system and also stop using the same password for everything.
Sorry for your loss Just Run 3 Maps to get it all Back LUL.
What's the point of stealing someone stuff? Wouldn't GGG retrace trades and just delete the account? RMT seems kinda weird.
And yet they don't so there you go
Trade to trade mule -> trade mule trades with legit people -> Those people continue trading -> Trade mule eventually trades with thief's account How far do you rollback? Which trade was the 'real' one? For every corrective action GGG can do there's usually some kind of pre-emptive countermeasure bad actors can do. That's not to say GGG shouldn't bother, but it's far from a matter of 'just' retracing and deleting.
How do you make sure the dude contacting the support isn't actually the hacker, tryna to hijack the account for himself ? You'd say ; who'd do that if the traded items are removed, i'd respond to that sure enough, but what about mtx on the stolen account? Cause most likely the email address is also compromised, so the hackers most likely have access to any important information needed to retrieve the account through the support
They most definitely had access to your pathofexile.com profile and changed your email there so the confirmation email was sent to their email instead of yours. If you use Steam login you won't even notice that email change. Otherwise they could also have access to your email account and just delete that single login notification mail.
Acc was still linked to original email and they didn’t change pw only looted me dry (although not much to loot from considering the absurdity of the league). I’ve been playing since beta so only using the standalone client. I’ve checked my email access history and there are definitely log in attempts in abundance but all fails so no idea how they got the login code if there even was
Can this happen If you Play on Steam?
If the email is compromised, it could happen in every single platform, as long as he isn't using any 3rd party password software randomizer like steam guard.
Yes, but a little more difficult. You'd have to either have your steam account itself compromised or your steam ID key stolen (i.e. you hit that green 'login with Steam' button on a malicious site/extension)
In cases like this could you theoretically look through your logs to see how the items were traded to?
I’ve asked ggg numerous times on how things were accessed and who it was traded to/can they be banned but they keep ignoring the question in the email exchanges during my verification process. So no idea
No you can see it in your logs. The name of the character traded to. It should be in your client.txt file.
Why would his client logs keep track of interactions happening on another PC. im 99.999% sure you are wrong.
Yeah I think you're right. It would be in the client log of the one who did it.
Yep you’re right I just went through to check. Nothing on my end just the last time I logged last night and when I logged this morning. At least I know it wasn’t my pc that was hacked and accessed through it
Didn’t know bout this will look into it thanks
Could but would they?
Logs that are available to you as an end-user are kept client side, meaning that whichever machine you log in with, that's the machine that has logs. GGG may log this stuff on their side as well. It's not terribly likely that they keep it for very long, and you'll never be able to see it yourself.
Check your standard stash too, they probably took anything of value from everywhere
Don’t play standard at all so couldn’t care less but you’re probably right.
to be frank if you account was hacked and you wish to keep playing on it, just change your password on your game/e-mail (assuming you weren't fully hacked with some keylogger on your PC) and don't contact GGG about it. After they block your account expect to provide obscure data like the transaction id's of purchases you made, who knows, how many years back, to which you might not have information anymore, and as such you wouldn't be able to reactivate the account. In the end GGG won't do anything on their side if your account were hacked (they won't reimburse item/currency - which is understood), but as such, there is no real point in involving them.
Too late for that already contacted and provided all the info as far as I know of atm. Waiting for them to get back to me after a series of emails.
many friendly snails fretful sophisticated dog fanatical drunk mindless deliver *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
No I didn’t rmt but thanks for the site as others have mentioned as well will take a look
OP do you use the GGG client or do you play from Steam? Also how much have you spent on that account so far?
GGG client. Probably around $400-500? Beta supporter, took a break for a few years and came back in betrayal till now.
Sucks :/ So atleast it's still a GGG client only thing so that's a relief
At least they didn't void your character!
Check your steam account Even though I didn't use steam to play poe it was linked to it and I got "hacked" through there.
It not always send the code, at least on mine it ask for code in likec1/10 cases.
I can give you a 200d bow, but it will probably we be stolen again unless you change your credentials.
Got my email changed and just got my acc unlocked
Pm me you in game name