There's supposedly an exploit that will hijack Diablo 3 accounts, allowing hackers to steal gold and goods.
Last week Blizzard released the highly-anticipated, long-awaited action-RPG game Diablo 3 for the PC. The launch was littered with problems ranging from connection issues to a bug that kicked users out of the game for donning a shield. Blizzard quickly offered an apology and thanks to its customers for their patience and tolerance, closing a rough week.
However the second week of Diablo 3's market presence has seemingly started off with a similar controversial bang. Numerous threads are now filling the Diablo 3 forums reporting that accounts have been hacked. Thieves are reportedly taking character items and liquidating gold, leading to a possible massacre once the real-world auction house opens its doors next week.
"I had my Diablo 3 account hacked today," states one player in this thread. "All my items gone and gold liquidated. Blizzard rolled it back to where I was a day and a half before. Meaning I lost around 20 hours of game time play. My password is a random combination of capitalized and uncapitalized letters, numbers, and special characters. My security question answer is also unknowable by anyone but me."
In this thread, a player with a hacked account was flamed for not using an authenticator to secure his virtual goods. However in this thread, a player claims he used an authenticator and still saw his account drained of gold and goods. In the same thread, another player even figured out who actually hacked into his account.
"The hacker's is luckllezz (George Melchers) the guy added me as a friend before I logged back in," writes iMax. "I joined his game and watched as they cleaned out 30+ players, one after another. I reported all this to Blizzard with little to no response, now I have a level 57 worthless and not able to progress. Couple this with the server issues that happened earlier, my Diablo 3 experience is going peachy!"
Another thread on the Diablo 3 forums not only reveals that a hacker somehow appeared on a player's friend list, but the player took screenshots of an actual hacking of a Level 52 Witch Doctor in progress. "I think people were hacked a while ago and hackers were just waiting for Diablo's release before they set 'Order 66' into motion," another player muses, referring to Star Wars Episode III.
Finally, this thread suggests that a Diablo 3 exploit allows session hijacking. "You will lose connection to the game," reports Frobozz as he describes what will happen when the account is hijacked. "This can result in just the 'Lost connection to server' error message or no message at all."
"A good sign that the connection loss is a hijack attempt and not just a server error is if you are also having trouble surfing the web (i.e. slow connections, or can't load pages)," he continues. "People are reporting that their IP is getting DDOSed to prevent them from relogging into Diablo 3 and thus getting a new session and stopping the attack."
So far Blizzard hasn't issued a statement through the PR channels or via the forums, so stay tuned.