Hackers began breaking into Guild Wars 2 accounts just one day after the MMOG went live.
Guild Wars 2 is seemingly off to a great start, racking in positive reviews and pushing players into overflow shards due to the high volume of traffic. The latter is simply GW2 speak for the queuing system which tosses players into an overflow server when the primary map or world has reached its peak capacity.
In other words, Guild Wars 2 seems rather popular.
That said, that popularity rings like a dinner bell for hackers and scammers, drawing them in like flies to a picnic table. On a personal note, the account used for a hands-on evaluation of Guild Wars 2 saw a hacking attempt, so the latest report from Ars Technica isn't all that surprising. The site claims that several unknown websites – one of which is a Guild Wars 2 fan site – were recently hacked, thus spilling sensitive information leading to the compromise of more than 11,000 Guild Wars 2 accounts in mere days.
This is nothing new, however. Account hacking became somewhat of a nuisance with the original Guild Wars, forcing NCsoft to take extra precautions like forcing long passwords and setting up multiple security questions. Even my own Guild Wars account was somehow broken into and used to sell virtual goods – proving my identity and regaining access to the account was a nightmare (putting it nicely).
However according to the Ars Technica report, NCsoft officials claimed to have received around 8,500 support requests related to hacked accounts from Friday to Sunday. The publisher then received an additional 2,574 related requests on Monday. Naturally the company suggests that users not use the same password with multiple accounts.
"If you don't want your account hacked, don't use the same email address and password for Guild Wars 2 that you've used for another game or web site," officials wrote over the weekend. "Hackers have big lists of email addresses and passwords that they've harvested from malware and from security vulnerabilities in other games and web sites, and they're systematically testing Guild Wars 2 looking for matching accounts."
One of the newer security measures offered by Guild Wars 2 and developer ArenaNet is an email-based confirmation. Served up as an optional feature, users must confirm by email when they try to log into a Guild Wars 2 account. If they don't respond to the email, then they're denied access. It's definitely an annoying procedure (like using Battle.net's authenticator or Google's 2-step phone-based confirmation method), but it seemingly prevents anyone from hacking into the account unless the user's email account is compromised as well.
ArenaNet's confirmation arrives after "a wealth of anecdotal evidence" surfaced in the MMOG's first week pointing to a possible Chinese group of hackers trying to gain unauthorized access to player accounts. Even one employee of Norway-based security firm Norman ASA said she received an e-mail warning that someone used her details to attempt to log in to her Guild Wars 2 account just one day after it was created.
"It's been just over a week since the game launched, and I’ve now had 10 e-mails detailing attempts to access my account from China," the unnamed Norman employee wrote. "I live in Europe. Thankfully, creators ArenaNet make players confirm login locations via e-mail, so all these hacking attempts have failed."
Guild Wars 2 players wanting to avoid the headaches of a hacked account should use a password that's exclusive to the service. Gamers should also use the email authentication method to help secure the account.