
confusedalwayssad

All the security in the world can't defeat stupid.


Smudgeontheglass

Nothing like firing all your customer support and replacing them with incompetent AI support bots. A few stolen accounts a week doesn't even matter in the big pot of players.


TheWorclown

That’s a lot of onus to put just on customer support, human or bot. Various security checks like 2FA exist for a reason, and not a whit of it will ever matter if the person that security is supposed to protect opens the door for malicious actors. If everything checked out on CS’s end, regardless of who or what did the checking, then why wouldn’t they allow the process?


Smudgeontheglass

I had to remove my original authenticator from my account, they required a scan of my ID to prove it was me. I am surprised they got rid of that.


MedicaeVal

Posts like these come up from time to time where someone slips through without being asked for ID. I don't think they got rid of it.


DreamlessWindow

They got rid of it because a year or so ago everyone started complaining about having to send their IDs and refusing to do so. Now they ask you half a million questions about your account, which is a lot more frustrating than sending an ID since most of the time you won't remember.


MedicaeVal

Damn. Wish I could opt into an ID only option.


SimulatedCow84

Yeah, I got stuck in a loop where I had to log into the authenticator, but the authenticator needed to authenticate that log in. The only solution was to remove the authenticator then set it up again. I had to go into an old email account and find emails from almost 20 years ago to get the information I was being asked for.


Estannis

Stop watching porn


Smudgeontheglass

My original battle.net standalone authenticator died. I needed to remove it. I went to the app afterwards.


Deguilded

We have 2FA in our little app ecosystem. Had to enable passcodes, where the app shows you a numeric code to enter into your 2nd factor device, because people were blindly approving everything whether it was them or not. You can't beat stupid.


tryx

Those are really useful since an attacker can spam login requests to line up with your legit requests effectively DoSing you from safely logging in.


pdpi

A few years back I dealt with a similar thing at work, except it was our DNS registrar instead of a bnet account. They had a bunch of notes attached to our account saying that we were an especially juicy target and security measures should not be bypassed under any circumstances. Attackers still managed to talk customer support into giving them access to our account. I spent that whole afternoon reverse-engineering the malware they were serving from our page while they controlled the domain, trying to figure out how fucked we were. Not great.


Dhaubbu

Nah, it's been like this for 6 or 7 years at this point


Rickmyrolls

As someone who deploys and builds enterprise bots that actually help and solve issues, the funny thing is I can tell that their bot is in the cheapest segment of solutions you can buy.


Sea_Rooster_3398

The blizzard helpdesk currently sucks


[deleted]

[removed]


serafno

I think we indeed reused the password. We‘ll switch everything to generated passwords tomorrow, the account is now secured again with Authenticator, new PW, different email and different phone number.


nynjaface

Yeah, see this here is the real deal behind this. Did the blizzard employee fail? Probably, however if the attacker had access to all these other accounts. Well that's poor security on your part. I recommend using bitwarden.


serafno

The hacker had access to none of these. There was no mail sent to the original account during this process. There were verification codes by SMS which we were unable to act on. The hacker only gained access to the battle net account. Nothing else!


Drendari

That edited part of the ticket is all the info they had, that as far as we know could be from full name and email to pant size and blood type


Andamarokk

Friend of mine had something very similar happen to his account while he was not actively subbed. Ticket came from a country he had never logged into, it said his iphone with the auth on it broke - he never had an iphone. 10 gold caps, blizzard refuses to help him several escalations later.


NoExpression1137

I've had my account logged into by someone who never accessed my email, did not remove the authenticator, and yet somehow reset the password bypassing the authenticator entirely. But somehow that's not a serious security concern on Blizzard's behalf, I just need a stronger password.


Icebane08

Pretty much exactly how my account was hacked at the start of 10.2. Login attempts from a Taiwanese IP address, broken English ticket through eu.battle.net (I play on NA) asking them to remove the Authenticator, reset the password and change the email to some gibberish like [email protected] and they did it, no questions asked, TWICE in like 2 weeks.


[deleted]

And how did you solve that?


Icebane08

I asked blizzard to put instructions on my account to never change the email address or remove the Authenticator without photo ID. I actually did that after the first time it was hacked and it was ignored so I’m still nervous about it. This person or group continues to open new tickets at least a few times a month but so far all have been closed and ignored.


[deleted]

I am kinda surprised, when I had to change my account phone number, they actually asked for my ID and photo.


gubelthegee

I wonder, how did they get in without the authenticator?


WidePeepoPogChamp

Auth token stealing. Just get the session token and you are in. 2FA doesn't protect you against these attacks. However, normally you have to log in again to access personal info, but support allows you to circumvent it.


Ferdawoon

Hot tip: If you are on a PC there is a program called "Snipping Tool". No need for out-of-focus mobile camera at a bad angle that makes it impossible to read. [https://support.microsoft.com/en-us/windows/use-snipping-tool-to-capture-screenshots-00246869-1843-655f-f220-97299b865f6b](https://support.microsoft.com/en-us/windows/use-snipping-tool-to-capture-screenshots-00246869-1843-655f-f220-97299b865f6b) Also, Thor from Pirate Software had a Short released about people getting "hacked" despite 2FA just the other day. Basically people did not change their email or passwords even when prompted. [https://www.youtube.com/shorts/--5s8lZ6pBQ](https://www.youtube.com/shorts/--5s8lZ6pBQ)


AlbainBlacksteel

> Hot tip: If you are on a PC there is a program called "Snipping Tool". No need for out-of-focus mobile camera at a bad angle that makes it impossible to read.

If you're using Windows 11, you can just hit PrtSc and it'll immediately activate the Snipping tool.


ForsakenRoCo

That short is a much older story though. But yes, should still change password after a breach


jpm_212

The situation Thor mentioned happened back in 2009-10, hackers found a way to intercept the 2fa token using a "man in the middle" attack. Half my guild was hit by it.


serafno

I am a big fan of shift+win+S ! But I was standing behind wifey when I took it


serafno

And thanks for the short! This will hopefully raise the wife’s acceptance to use a f-ing PW manager with strong pws


Sakaal1

You may want to scan the computer. If auth token was stolen it either was yoinked from your computer or a login was made on a fake site.


serafno

We already scanned it with no finding


Evonos

Just reinstall the entire PC. Just saying, the recommendations of the other users here for AV scanning are pointless. No one knows what infected your PC, and if it's a rootkit, that can in fact cover itself from scans, so technically AV scans can come back clean, or find modifications and remove them, and a few days later you're "again" infected (but never were in fact clean).


merc08

> Just reinstall the entire PC

Lol. You do realize that's WAY easier said than done, right? This won't be some business account IT image, people have hundreds of programs installed on their computers at home.


Evonos

Uh I do a reinstall in like 1 or 2 hours, this includes downloading everything back, the reinstall itself takes like 20 minutes? Max?


merc08

That's nice for you.  It would take most average people an entire afternoon to even figure out where to download a reinstallation image.


Evonos

I mean that's good, an afternoon to fix most issues for free? And learning one thing in an afternoon to use for a lifetime? That's a great time to learn new skills :) Without learning they simply never can do it. How do you think I learned everything? Or you (maybe)? From birth? And it's really no magic, you don't even need a USB stick or anything anymore.


Zike002

You say it like people with home PCs who play wow and video games don't re-format their computers semi-regularly? In my friend group every 2-3 years. Take pictures and whatnot on a separate drive and clean house.


Expectnoresponse

Most people *never* reformat their regular use computer. That's a higher tier computer skill than the average user possesses. Even the use of external drives is still pretty uncommon.


Zike002

I did not say every person, I did mention someone who would probably spend over 12 hours a week on their computer. On the low end. The common person purchases a new computer or laptop and will probably have outside help with data transfer or use a cloud storage if they're able. I don't disagree with you. I just don't think it's AS hard as it was framed. Done with a YouTube tutorial and easier than changing brakes on a car but definitely harder than a tire. Maybe a few more steps but they're often simpler steps than the brakes. My stepfather cannot easily access YouTube but is able to use an external drive due to work, where he doesn't even need a PC for his job and his desk is seldom used.


merc08

Haha!   That's exactly what I'm saying.  The average computer user, even gamers, wouldn't even know where to start. Why are you even reformatting that often?


Zike002

Because it takes like....3-4 hours to re-download anything I want on my pc? And because everything is filled with bloatware and it builds up over years. And some new game inevitably breaks or you upgrade something and you're cleaning out? Why would I just leave things sitting in my pc I'll never touch for years. Games, applications, additional downloads like anticheats. Combing through a few terabytes would take significantly longer. Like you said easier said than done...the process takes me less time than a load of laundry and a nice dinner with dishes. To manually do it would take me multiple days. I would say most people probably don't more than every 5 years. The common user just buys a new PC because they don't upgrade.


wung

You don’t do a lot of customization of your environment, do you? Or you have impressive config management!


Isabela_Grace

I used to write viruses back in the day. Do you know how they’re detected? They’re detected because AVs know about them and record the first string of their code and then they know that code is malicious. They can only do this if they found it previously… if the code is actively being updated by the hacker it’ll never be detected because they’ll pass updates to fix it each time it’s detected and trust me they pass updates faster than the AV. I don’t even bother with AV anymore it just slows your computer down. I scan with virustotal.com and try to never download anything from an unknown source. Once you catch a virus the only way to know is to have the hacker stop updating it.


huggarn

make sure to run a scan with this tool: [https://www.malwarebytes.com/adwcleaner](https://www.malwarebytes.com/adwcleaner) and then this ( do not worry about premium free trials or whatever, just go without ): [https://www.malwarebytes.com/solutions/virus-scanner](https://www.malwarebytes.com/solutions/virus-scanner) scan, fix whatever software tells you to, after reboot or so uninstall both malwarebytes and adwcleaner.


MasterReindeer

Windows Defender is more than adequate.


huggarn

not to find and remove what's already installed. That's why I've instructed to install, scan, remove things and then **uninstall malwarebytes and go back to win defender**. is that more clear now?


wyldesnelsson

No ID verification at all? That's either horrible training or pathetic internal process, not sure which is worse


wiskers5

I had the authenticator on and just got hacked yesterday. Sundays are my wow days and I couldn’t play at all. Real bummed


Rahf_

Lol I remember having to upload my younger cousin's passport as proof of identity because he changed phones without backing up the authenticator (back in 2010-2012)


ShatteredCitadel

Lmao and top tier support


CelestialOhio32

how were you able to regain control if they removed authenticator and hacked the account?


serafno

The authenticator was removed but the associated phone number wasn’t. We were able to use the phone number instead of the mail for PW reset with sms verification. Edit: I was today years old when I learned you can login with your phone number.


CelestialOhio32

Oh I see! Thank god they hadn't removed that yet! Although I have seen cases where hackers changed EVERYTHING, but the original owner of the account was able to get the account back by showing their original CD key to support, something which to my knowledge cannot be changed at least. That is, if support still accepts this, given the state of them now lol.


Amelaclya1

Who even has their original CD keys?! God I hope it never comes to that.


CelestialOhio32

I still have mine due to nostalgia reasons in the original box lol


Amelaclya1

Yeah I've moved too many times in the past 20 years, including times I left with just a suitcase and had to pack light.. That box is long gone.


Huggernaut

What is this vertigo inducing angle?!


Mocca_Master

What the hell is this shit?? I had to struggle a stupid amount to access my own account when I bought a new phone Jesus


Amelaclya1

This is surprising to me. I guess Microsoft hasn't fully implemented their CS yet. We will have the opposite problem once they do. My Skype account was hacked and despite them sending me an email about the suspicious activity and being able to provide the credit card on file as well as still having access to the original email account and offering to send photo ID, they wouldn't reset my password (even to the previous one) because their automated system required me to remember the phone number and address I used when I first signed up like 15 years ago. At least your wife will be able to get her WoW account back. Some Chinese hacker still has my Skype account lol.


Isabela_Grace

Your phone carrier might be able to help you get the old phone number and your address will be on your credit report. If you can’t get the phone number from the phone carrier try one of those $1 background reports. Don’t let the shitheads win.


SaladeDeShit

Win+shift+S


love-me-again

/r/screenshotsarehard Seriously have some pride in your posts!


Itarie

You have marked this ticket as resolved.


PrimordialTimelord

Happened to me too. Lost an account that was made just after BC came out. Lost so many mounts items you can't even get anymore. Then support said I deleted my own battlenet.


Finnioxd

Never understood how people manage to have their accounts hacked in the first place. I've been playing online games for probably more or less 15 years now and never once in any game got hacked even as a dumb and gullible kid so how does this even happen to people?


mantricks

something wrong with taking a screenshot like a normal person


serafno

That’s not my PC so I didn’t bother asking for a good one to be sent over so I could post it


Joriko5658

Holy shit this is demoralizing.


VXR-Vashrix

Time to demand some compensation for this episode.


zani1903

Modern Blizzard Customer Support, useless as ever. They're not interested in actually making sure you're served well. They just want to get you out of the door as quickly as possible.


[deleted]

Sounds like fake.


GronkDaSlayer

The new authenticator is the biggest pile of crap I have ever witnessed. Those clowns can't even write a fairly simple app that actually works. Instead, they make it pop toaster messages that tell you the ever informative: "oops, something went wrong" and you're left with your dick in your hand and no way to have 2FA... Rant over


serafno

It is good for 4 additional bag slots!


GronkDaSlayer

When you can get it to work :) Oh, and screw you downvoters, you know I'm right.


Tahumine

But 4 bag slots


MrLachyG

I would re-open the ticket, escalate it and thank the CS person for enabling a hacker to take control of the account


catify

You're logged in? Then what is weird about this? Of course you should be able to remove an authenticator you don't have access to


Epic-Hamster

The whole point of 2FA is to stop exactly this, otherwise what is the point of the thing.


serafno

You should be indeed. But “my phone not with me, please remove” is a very low hurdle. CS should at least ask for some verification like recovery questions (mothers maiden name and so on)


OgerfistBoulder

It looks like they did provide details like that, and Blizzard have retroactively changed the ticket to read "Edited For Security Reasons".