Guild Wars 2

I keep hearing that since GW2 China, there’s been a rise in hacked and stolen accounts. Is this true and if so, why are there more? Can stolen accounts and deleted characters and missing gold be replaced?

Anet mentioned they are banning 1000s of gold sellers every day and those gold sellers have to hack new accounts to sell thrit gold. As far as i know, compromised accounts can be reset once.

A close friend of mine had his account stolen today as well. He’s still working on sorting it all out.

Stolen accounts get one Account Rollback to a point shortly before the hack. You will get back everything you had that was in your account on that day. If you get hacked again, your account can be retrieved but you will not get another Rollback.

Well GW2 hasn’t been released in China yet, so I don’t really see how the two can be connected. If you mean since they started working on releasing it in China then you’re talking the last year or so, and it’d be pretty hard to gauge over that kind of time period.

It’s possible there has been more recently, but there’s a lot of possible explanations so without more info it’s impossible to say why. Although from what I’ve heard if there is a sharp spike in stolen accounts for a game it’s usually because a big fan site got hacked and a lot of people were using the same email and password for both that and the game.

As for replacing stolen accounts my understanding is that it can be done, although it takes a few days and Anet have to reset it to a specific point in the past so you might not get back everything. (I think it’s a bit like using System Restore on your computer, you lose all the changes since the restore point, but it’s better than the alternative.)

Posted by: Gaile Gray
Support Liaison

I’ll say this once again. Perhaps this time forum members who are posting randomly and speculatively will take this opportunity to learn about the subject from a factual standpoint:

We are closing the accounts of RMTers, cheaters, and exploiters in record numbers. On some days, 1,000 accounts are closed. That action prompts the unscrupulous people who sell gold, cheat, exploit, and bot to extend their reach to try to steal accounts. This means they are plumbing “known password” lists, sending more phishing e-mails, logging into accounts to which they had access months ago (due to poor security measures on the part of the user), and generally doing what they can to steal accounts.

This does not point to a vulnerability in the game or the servers, but the exploitation of individual levels of vulnerability being capitalized upon to steal individual accounts.

Add to that the fact that recent in-game events and the new feature build brought back players in high numbers, players who may have stepped away from the game and return to find they were hacked months ago (again, not through vulnerability on our side but through the usual game-thief processes).

From all I’ve been told — confirmed minutes ago — the alleged “big hole” in security to which you refer does not exist. We continue to be ever-diligent on matters of security, and I’ll never say “never” in reference to security. But once again, nothing points to this alleged “hole” except anecdotal evidence that can be explained by the information I provided above.

Desperate times lead to desperate measures, and cheaters, exploiters, botters, and RMTers are indeed desperate.

This is why you don’t buy powerleveling.

Stop buying gold and other services and you won’t get hacked.

Want to play safe? Play legit.

Hannelore.8153:

Stop buying gold and other services and you won’t get hacked.

Want to play safe? Play legit.

Yup. It stinks too because if everyone stopped cheating and didn’t give these people money anymore they wouldn’t sell gold in our game and no accounts would be hacked. It would be Guild Wars Utopia :P

yes i got my account hacked yesterday never had that happen on any other game. I have not heard anything back about rolling back my account as of yet. SIGH

When people stop visiting naughty websites, you’ll see a lot less people losing their accounts.

Also, don’t open any emails regarding your account. Chances are, they aren’t from Anet.

Another thing. I’ve noticed, especially recently, that gold selling whispers have been from players with actual names rather than just a bunch of random letters and numbers. It’s sad because that means it’s a probably real person’s account that got hacked, rather than just a random botter.

It’s becoming quite a problem as of late.

I suggest if you’re concerned about your account being hacked, you set up a Mobile Authenticator as an added level of account security.

Recalibar.6482:

I suggest if you’re concerned about your account being hacked, you set up a Mobile Authenticator as an added level of account security.

That’s just what my gf told me. Got it taken care of today, as did my brother and his gf. Forgot to mention that to everyone. Thanks, Recalibar.

I know someone who got hacked a week ago. Email was absolutely positively not compromised. Laptop was clean. PC was never used for anything other than Guild Wars 2: not web surfing, not email, nothing. Email authentication was on, but no email was ever received when hackers: logged in, changed password, and activated mobile authentication.

Wanze.8410:

Anet mentioned they are banning 1000s of gold sellers every day and those gold sellers have to hack new accounts to sell thrit gold. As far as i know, compromised accounts can be reset once.

So much for DR preventing Bots huh?

I just went into my Account to have a little look at this mobile authenticator and noticed that 2 hours ago I was logged in from an address in Texas. That’s a fair way from house here in Australia. I immediately disconnected it but maybe I should have taken note of the details.

zenleto.6179:

I just went into my Account to have a little look at this mobile authenticator and noticed that 2 hours ago I was logged in from an address in Texas. That’s a fair way from house here in Australia. I immediately disconnected it but maybe I should have taken note of the details.

There is an anomaly that sometimes shows the IP address of the forums in your account security page. That’s just ArenaNets forum IP address. Nothing to be concerned about.

Inculpatus cedo.9234:

zenleto.6179:

I just went into my Account to have a little look at this mobile authenticator and noticed that 2 hours ago I was logged in from an address in Texas. That’s a fair way from house here in Australia. I immediately disconnected it but maybe I should have taken note of the details.

There is an anomaly that sometimes shows the IP address of the forums in your account security page. That’s just ArenaNets forum IP address. Nothing to be concerned about.

Whew, thank you! It was only a very mild freak out, nothing was missing.

I got the app and set it upp, however when i log into the game it does not require me to input the code, anyone know why this is?

Juan.4569:

I got the app and set it upp, however when i log into the game it does not require me to input the code, anyone know why this is?

did you also set it up from the game side or only the app side?

Juan.4569:

I got the app and set it upp, however when i log into the game it does not require me to input the code, anyone know why this is?

The game will only prompt you for the code if you’re logging into the game from a different/new IP address. So if you normally only log in from home, you won’t get a prompt. But if you try and log in at a friend’s house, you’ll be prompted.

That’s one of the weaknesses of using email accounts as login credentials: email is one of the things we throw around all over the place and people sometimes can’t be bothered to make up a new password for every single site they sign up on.

Think about every website you’ve registered on and how many of those regularly update security and alert users of database intrusions; all it takes is one of them to be compromised for your email and one of the passwords (hopefully not the only one) you use to wind up on a list – and believe me, they all get compromised at one point or another, regardless of how unimportant the site may be.

As for people who got their accounts hacked but never got confirmation emails: yes, you did. The person who stole your account just deleted the confirmation email after using it, most likely to make you think your email isn’t compromised so you won’t change your password so they can do it again. Change your password, use different passwords, and use different email addresses – there’s tons of free email services out there, use them.

With the sheer number of slain RMT accounts, Anet should have brought back Dhuum for a short LS event…

“The agents of Dhuum have infiltrated Tyria, and they are slaughtering its citizens in mass! Drive them back to the Underworld where they belong, before they can do anymore damage!”

tigirius.9014:

Wanze.8410:

Anet mentioned they are banning 1000s of gold sellers every day and those gold sellers have to hack new accounts to sell thrit gold. As far as i know, compromised accounts can be reset once.

So much for DR preventing Bots huh?

I dont see where i mentioned bots or DR but i think DR definately deminishes their returns.

Hmm just had this ip when i check my account details.
64.25.32.69 (u.s.a ip.)
now i never fall for stupid phishing sites or goto untrusted sites.
so how come that ip was logged onto my account?

I’v disconnected it and changed my password but still there must be a fault anet side or a loop hole anet not spotted for them to get on that easy.

XxTAFxX.6741:

Hmm just had this ip when i check my account details.
64.25.32.69 (u.s.a ip.)
now i never fall for stupid phishing sites or goto untrusted sites.
so how come that ip was logged onto my account?

I’v disconnected it and changed my password but still there must be a fault anet side or a loop hole anet not spotted for them to get on that easy.

Would it happen to say TX, USA?

https://forum-en.gw2archive.eu/forum/game/gw2/Increased-Stolen-Accounts/first#post3962107

yeah got me panicking.
I guess it must be part of gw company then.