Guild Wars 2

Hello. It was said that the possibility to have an account fully restored (after a hacker’s attack for example) and thus character rollbacks will become possible. I have two questions regarding this:

1. When are we to expect this to happen? Any approximate date?
2. Will this be retroactive? As in, if it becomes possible in say a month from now, will people who have been already hacked and lost rather valuable items be able to have their characters rolled back?

Thanks a lot in advance.

Has this service been taken into use already? or am I too, proverbially “screwed” on this since my account got hacked yesterday?

The system is not out yet.

Still? A month ago it was apparently going to roll out “pretty soon”.
Whatsup with that, Gaile?

I am actually holding off logging in until the account restoration is in place. I don’t wanna draw attention to myself from hackers, before the implementation of the new restoration feature.

Most likely, the ARS will roll out with a foreward-looking timeframe, so “From this date and forward, we will be able to assist with full-account restorations.” This is instead of “We can go back to a month before the service was initiated and restore an account based on that date.”

Am I to take it that based off Gaile Gray’s post that I may as well not bother waiting for account restoration as my account was hacked too long ago and I wont be eligible for it?

Pardon my posting here but I made a mistake when I bought the game for one of my daughters, I sent the confirmation e-mail to the address by one letter. As this e-mail was as of then not created not claimed I had my daughter create it so that she might be able to get her code and start playing, however the e-mail never came through(as it wasn’t yet created) and I, in a fit of stupidity, did not write the code down. Is there anyway the code can be re-sent to the e-mail so that my daughter and I can run the game together? Thank you in advance.

Dragonsbane.1562:

Pardon my posting here but I made a mistake when I bought the game for one of my daughters, I sent the confirmation e-mail to the address by one letter. As this e-mail was as of then not created not claimed I had my daughter create it so that she might be able to get her code and start playing, however the e-mail never came through(as it wasn’t yet created) and I, in a fit of stupidity, did not write the code down. Is there anyway the code can be re-sent to the e-mail so that my daughter and I can run the game together? Thank you in advance.

Contact support (file a ticket).

“Yes, account restorations are very close to being rolled out for all players. There will be qualifiers and requirements, of course, so not every account will be rolled back upon request. (For instance, restorations are only for compromised accounts.)
We’ll have more information in the next few days.

If your ticket says something different, could you please give me the number so I can review the messaging?"

Hi Gaile could I get confirmation about this or whatever details are currently available on the subject, my support ticket ID is as follows.

#121201-001793

Support has told me the complete opposite, and that’s about where it ends.

Will this restoration system be retroactive, if so from what point onward, what will the restoration system effect?

Should I be following through with the Billing department or sitting tight hoping that this system will come by some time in the future.

(Throwing this up here since I couldn’t get a reply prior.)

Thanks for your time.

I’d like an answer on this too considering I’ve been compromised twice in a week, if it happens a third time with all the precautions I’ve taken + the mobile authenticator (though I could’ve sworn I added it prior to being compromised the second time) it’ll be clear that the problem isn’t on my end.

I woke up at 5am, started downloading the latest GW2 patch. I logged in to the message i am logged into another location
immediately went to support and saw someone from china logged in 7 hours ago. I tried to kick them off but the link to kick them didnt work. By the time support blocked it, changed passwords and sorted everything out, i logged into naked characters, even ,my low toons, lvl 3-9 had all their copper stolen. all the bags were destroyed, karma was used, everything totally ruined

i have mobile authenticator, anti virus, firewall, blah blah, i have also been playing MMOs for over 10 years and never had a problem

support just told me “We understand that you may have become attached to the characters that are missing items, so to get you back on your feet and playing once more we would suggest seeking out the ‘Renown Heart’ NPCs that have had their tasks completed. They tend to provide useful gear for small amounts of Karma.”

i dont have copper to teleport…i dont have karma…
i have checked my computer again, there is no keyloggers or spyware, the hacker must have gotten the info from the GW2 website. they wont do anything at all to help. and i believe it is their website that is compromised, not my pc, since i never had this problem ever in 10 years. and many people have attacks ‘authenticator issue’ hard to imagine all those people have bad computer security. people dont just hack every persons account looking for people who play GW2. they are getting details from somewhere. they are getting info from gw2. gw2 support, gm, and the security is a joke

im glad i didnt have a legendary weapon, because they wont even replace my 8 slot bag

people, we need to push for more security, and some kind of reimbursment or character, servers have records, there is no reason they cant reverse it, or at least some kind of compensation, they sell gold on the website. but i refuse to spend any money when it can all be taken away and thats just tough luck. from their compromised website at that

As I was reading this I thought “Wow this guy should have bought an authenticator.”
Even with that though you got hacked which I find odd in how they could. I’m not questioning you, hackers and thieves will innovate.
What is most disconcerning is ANets policy. As I keep hearing these stories its not an issue of being unable to, its an issue of them not wanting to.

Its akin to going to the police and reporting a theft and them saying “We arent going to investigate this because, well you still have a job right? You could go to some pawn shops to buy some things cheap to replace what you lost.”

At the very least you would think ANet would be wanting to look into a case of an authenticator person getting hacked and talk with you about it.

OP: Do you have a strong password? Are you using the same password that you used for GW1? Not trying to criticize, I am just trying to help. Its really a shame that Anet can not roll your stats back before the hack. There should be something that they can do besides telling you go to the Karma vendors to get you on your feet.

Password was letter numbers and mixed upper lowercase, never played GW1,
im an IT supervisor, my pc is pretty tight,
really annoyed, so many other games will roll back a day.
the mobile authenticator is a joke, i think it should ask for verification everytime but it doesnt. almost all my emails, game, youtube accounts all have different passwords, and as i said over 10 years playing online, and doing many online activities, never had an issue. anet security seems to be lacking something

That´s a hard thing to accept.
I played “some other game” in a private server for some time, and guess what, EVEN in a private server, the GM´s could restore lost itens…
I can´t understand why they can´t here.

It all has to do with the game economy. Since gold is tied so tightly to gems and RMT, restoring the items and coin of hacked accounts would upset the balance. It’d be akin to printing money for you every time someone was mugged.

Another glorious side effect of our monetized game.

Maz.8604:

It all has to do with the game economy. Since gold is tied so tightly to gems and RMT, restoring the items and coin of hacked accounts would upset the balance. It’d be akin to printing money for you every time someone was mugged.

Another glorious side effect of our monetized game.

If that actually mattered to ArenaNet, they could look in the mail database to see where the money was sent and delete it from there. Justice and zero-sum exchange.

But it’s gonna be labor-intensive. Even if rolling back a hacked account only took 5-10 minutes, that’s a lot of labor $$. In the first couple weeks alone, over 30000 accounts were hacked. You’re talkin in hundreds of thousands $$ in support for a company that’s doing significant layoffs and reorganization.

It’s not about printing in-game money. Cuz they can unprint it, too. But in the real world it’s not that easy.

The funny thing is that I had this happen to me on World of Warcraft. I got my account back though it was damaged. At least you got your account back, eh? I hate thieves myself and use authenticators for most of the games. It’s really weird that they got trough the authenticator for you.

No one can 100% sure never be hacked. We spend money and time to get everything, but now Arenanet tell u “sorry, we cant help u, u can buy some karma armors to use.” Seriously? If cant help, why still set support?

mulch.2586:

Maz.8604:

It all has to do with the game economy. Since gold is tied so tightly to gems and RMT, restoring the items and coin of hacked accounts would upset the balance. It’d be akin to printing money for you every time someone was mugged.

Another glorious side effect of our monetized game.

If that actually mattered to ArenaNet, they could look in the mail database to see where the money was sent and delete it from there. Justice and zero-sum exchange.

But it’s gonna be labor-intensive. Even if rolling back a hacked account only took 5-10 minutes, that’s a lot of labor $$. In the first couple weeks alone, over 30000 accounts were hacked. You’re talkin in hundreds of thousands $$ in support for a company that’s doing significant layoffs and reorganization.

It’s not about printing in-game money. Cuz they can unprint it, too. But in the real world it’s not that easy.

You’re about 50%. It has more to do with scale. By the time the investigation is wrapped up, items have been melted down, moved, sold. Coin has been dispersed. Its not a simple matter of tracking it and deleting it. Its not physical currency. That money has also moved into the hands of legitimate players through legitamite business. Removing it would hit more people than a single hacked player. ArenaNet is playing the odds. That and as you say, labor.

The only reason they won’t magically recreate dupes of his stuff so his experience isn’t further impacted is because of how it would imbalance their revenue source.

It’s really depressing to see accounts hacked and get a bad response from ANet. When I played PWI and had my account hacked, the support was very responsive. I was able to call them and get my ticket through faster, and they constantly kept in contact with me. They were even able to give me back all my items, minus the money. That was a free to play game. I would expect better things of a buy to play game, especially one with the Guild Wars name.

Step 1: Hacker sold everything for the gold/silver/copper.
Step 2: Hacker transferred money to another account, either by mail or TP.

Both of those are databases owned by ArenaNet. If it were about the in-game economy, they could follow the money and zap it. But each case would take time and labor, just like to reconcile your accounts IRL. And if they restored it, you gotta know the hackers would just come back and take it again and again.

These things happen when you buy gold. Next time don’t contact them through the same computer you play on.

funny, 80% was soulbound and could only be sold to vendors, so i doubt alot of it would affect anyone. some was actual gold, but hey if they could just give back the gear, soul bind it all so it wouldnt affect anyone, that would be ok, and ‘at least i got my accound back’ but not much use to have a level 80 character who doesnt have armor, a weapon to fight with, or enough silver to rez at the nearest waypoint

They’re working on the ART (Account Restoration Tool). By the time it goes live, it will only be able to help those people hacked moving forward. Gaile has confirmed this in the Account Issues forum repeatedly. This is a major priority for them, and although it is a huge labor cost and development time cost, they are doing this to help people like you. So don’t think you have to rally the armies against ANet or some such; they’ve already heard, and are already well underway with the solution.

That said, it doesn’t matter what you do in real life. Passwords can and will be cracked. No matter what you say, your security measures were at fault here. If there were a security breach of ANet even insofar as a single account could be stolen from their databases, they are bound by law to come out and tell us. As such a statement has not been made, I am confident that your claim that “it must have come from the GW2 site” is illegitimate.

Furthermore, the hacker got into both your email address and your GW2 account. The only way he could achieve both is if you had poor security measures on both, reused passwords, used simple passwords, have a keylogger, accidentally logged into some phishing website designed to look like the GW2 website (I’ve seen some fancy ones), or so forth. The best thing you can do is change all of your passwords, change your email address if you can, and be more careful moving forward. Good luck.

Xaaz.8472:

These things happen when you buy gold. Next time don’t contact them through the same computer you play on.

1, i didnt buy gold
2, i have 3 pc’s, one is for games only, one is for msn/surfing and one is purely for d/l

as stated before, played online over 10 years, never had a problem, my games pc’s only interaction with internet is only a game login hitting the server. it doesnt even have an IE installed. the game it self is d/l’d on a seperate pc, installed, scanned, then transfered by usb and copied on to the games pc.

VincentBalmont.3489:

Xaaz.8472:

These things happen when you buy gold. Next time don’t contact them through the same computer you play on.

1, i didnt buy gold
2, i have 3 pc’s, one is for games only, one is for msn/surfing and one is purely for d/l

as stated before, played online over 10 years, never had a problem, my games pc’s only interaction with internet is only a game login hitting the server. it doesnt even have an IE installed. the game it self is d/l’d on a seperate pc, installed, scanned, then transfered by usb and copied on to the games pc.

From what they’ve said, their system is vulnerable to large scale brute force attacks, where hackers cycle thru millions of potential passwords.
How they by-pass the mobile-phone authenticator? — that aspect is disturbing.

Rising Dusk.2408:

That said, it doesn’t matter what you do in real life. Passwords can and will be cracked. No matter what you say, your security measures were at fault here. If there were a security breach of ANet even insofar as a single account could be stolen from their databases, they are bound by law to come out and tell us. As such a statement has not been made, I am confident that your claim that “it must have come from the GW2 site” is illegitimate.

Furthermore, the hacker got into both your email address and your GW2 account. The only way he could achieve both is if you had poor security measures on both, reused passwords, used simple passwords, have a keylogger, accidentally logged into some phishing website designed to look like the GW2 website (I’ve seen some fancy ones), or so forth. The best thing you can do is change all of your passwords, change your email address if you can, and be more careful moving forward. Good luck.

i understand what you are saying, but how does someone come to know i even have a gw2 account? since my game is on a different pc to my websurfing one. u think they just hack peoples computers hoping that person has a gw2 account? if my pc is hacked then why not just go for my bank account? they must get the account info from anet site. just like the hundreds of people who have ‘authorize login attemps’ they are not hacking everyone in the world looking for gw2 accounts, they know who has them and they try to hack them. they can only get the info from hacking the server or website.

It happened to me in GW1 as well. All my elite stuff (over 40 armour sets, including 2 obsidian sets) were all gone.

It was a most horrible experience and also there the response was simple: Anet doesn’t have the tools in place to deal with this sort of thing. It’s probably too expensive for them. At some point there were quite a few accounts that got hacked in a specific period of time. That is also suspicious when that happens.

But as I said, no support from Anet other than my naked characters. If they had deleted toons, they wouldn’t have been able to restore them either.

Seeing now that a few people here have been hacked I think I am glad I am no longer playing. Once is bad enough and even though they said they were looking into better support for GW2 when it happened to me in GW1, I can now see that nothing has changed in this respect.

Cause let’s be honest. Sure, someone can have an easy password to crack, but it’s not always on the player side where the problem is. Also on the company side things can happen. And just for that, they should have something in place. But I guess it’s all about the big numbers. If only a few percent of accounts get hacked, it’s not worth the investment to them.

And for mobile phone authenticators…how safe are they? There’s no security on mobile phones like on pc’s I guess so I always prefer the physical ones

The only thing you can really do is vote with your wallet unfortunetly. Ask Anet for a refund of your game. They delete your characters but at this point you have nothing to lose from them it seems. At the very least you’ll get your $60 back.

VincentBalmont.3489:

i understand what you are saying, but how does someone come to know i even have a gw2 account? since my game is on a different pc to my websurfing one. u think they just hack peoples computers hoping that person has a gw2 account? if my pc is hacked then why not just go for my bank account? they must get the account info from anet site. just like the hundreds of people who have ‘authorize login attemps’ they are not hacking everyone in the world looking for gw2 accounts, they know who has them and they try to hack them. they can only get the info from hacking the server or website.

Just because you game on a different PC than your websurfing one doesn’t mean you are any less susceptible to hacking. While I don’t know much about how hackers know who has a GW2 account and who doesn’t, it’s entirely possible that they got into another one of your computers and used packet sniffing tools to determine that.

It could be any number of things. Hackers in general get lists of email addresses from countless fansites and such that have database breaches and then cycle through those accounts with brute-force password crackers and the ilk to acquire accounts. They also have lists of passwords that they try for every account and so on. Of all of the possibilities, the one that pits ANet at fault is the least likely. Please, I implore you to explore other avenues, make sure you’re using an email address and password unique to GW2, and make sure that your password is not reused anywhere. Use a different and difficult password for each of your email account and game account. There’s really nothing else I or anyone can suggest.

I will say this in conclusion: Many times, users think they don’t have a security breach somewhere, and they really do. More often than not, it’s you using your email account on another website, or using your password for another website, and that website having a database breach.

Maz.8604:

It all has to do with the game economy. Since gold is tied so tightly to gems and RMT, restoring the items and coin of hacked accounts would upset the balance. It’d be akin to printing money for you every time someone was mugged.

Another glorious side effect of our monetized game.

I’d be inclined to agree if the economy was actually balanced. It’s complete chaos at the moment, and virtually owned by goldsellers and bots. There’s no balance to upset.

Restoring his stuff wouldn’t upset anything except the person who actually had to do a little bit of work to help out a customer…

The authenticator requests the code every time your location (IP) changes. If someone logged in from China, it would have required the code. If you had your email verified, it would have required an email verification.

To bypass email authentication, you would have had to accepted it or they also have access to your email.

To bypass an authenticator, you were either subjected to a real time man in the middle attack at some point (which is extremely rare and can be used to bypass even physical authenticators), they proxy’d through your computer (not possible, unless you’re in China), they cloned your device running the authenticator (especially if you’re emulating it), they got access to your unique authenticator code, you didn’t set up the authenticator properly or it can be bypassed server side.

A majority of the time, when someone claims that…

i have mobile authenticator, anti virus, firewall, blah blah, i have also been playing MMOs for over 10 years and never had a problem

… they end up lying about it, especially when they say they are an IT (security) professional. If it was entirely ArenaNet’s fault, and you could hack someone’s account without ever phishing them in any way, then you’d know about it. Hundreds of people would be hacked every day and the forums would be filled with it, as seen in Rift.

Assuming you actually have an authenticator attached to your account, chances are you have a keylogger and have had one since before you added an authenticator to your account or the device with the authenticator is compromised (windows phone). Note that anti-virus software will not detect cleanly written, custom made, keyloggers/viruses as long as they don’t do anything extreme. It would have to be GW2 specific, so it would have originated from a fansite, which is also the easiest way to phish account information.

As for restoring accounts, they have rolled back accounts in the past for special cases.

Here’s hoping the ART can stick the tongue out in hackers’ faces.

Although I do hope it will develop into something more than just ‘rolling back accounts’ as some people like myself do not wish for the account to be rolled back, just a couple of items restored. Which reminds me, will this system roll back the entire account? or can you specify it to just roll a certain character back?

On the subject, could it not be possible to block IPs from certain Countries accessing your account based on the region of registration?

Mirta.5029:

The funny thing is that I had this happen to me on World of Warcraft. I got my account back though it was damaged. At least you got your account back, eh? I hate thieves myself and use authenticators for most of the games. It’s really weird that they got trough the authenticator for you.

It’s already been noted in the other thread “Commander/High Ranked Hacked” thread. Even with Mobile authenticator(which should make it ridiculously hard to hack) we are still getting hacked. Email authentication doesn’t help either. I wish a user could at least block IP’s outside the US.

I got hacked to despite all this…can see the transactions still in my AH history and they deleted my Main to add insult. Some how they changed my email without my authorization(never got the email warning)…Anet is still investigating this piece.

Haven’t played since nor do I think I will knowing that they currently have no way to fix/stop this.

@Gaile I only want to know one thing and that whats this mean from the other thread

If anyone recieved the email from Gaile, it is legit and whatnot (i feared it wasn’t initially, before i even got to read her comment) but you must follow the exact instructions in it, or else it seems the offer falls.

So don’t try to get a backup, don’t try to save valuables in case something bad happens, don’t try anything…just leave it be…Or you’ll end up wishing you didn’t even get your hopes up in the first place.

Cause it sounds like something was done for these people??

Gaile, I would like to know what this quote meant…cause it sounds like these people were helped. I may be misreading but after that post by Karpuz they all seemed to stop posting.

Gaile Gray.6028:

Update: This evening, I emailed a few of the people who were mentioned in the early comments in this forum thread.
I will update you on this situation when I have more details, but we are making forward progress!

Karpuz.5409:

If anyone recieved the email from Gaile, it is legit and whatnot (i feared it wasn’t initially, before i even got to read her comment) but you must follow the exact instructions in it, or else it seems the offer falls.
So don’t try to get a backup, don’t try to save valuables in case something bad happens, don’t try anything…just leave it be…Or you’ll end up wishing you didn’t even get your hopes up in the first place.

mulch.2586:

From what they’ve said, their system is vulnerable to large scale brute force attacks, where hackers cycle thru millions of potential passwords.

You probably meant invulnerable.

Gahzirra.8639:

It’s already been noted in the other thread “Commander/High Ranked Hacked” thread. Even with Mobile authenticator(which should make it ridiculously hard to hack) we are still getting hacked.

Many people stating they were hacked say that it happened instantly the moment they logged in, that indeed indicates that a local trojan intercepts the authenticator. In this case the user also stated that he wasn’t asked for the additional key each time, that means he checked the box that remembers your current network, and that may contain a lot of nodes. I’d completely remove this option and the option to save the password anyway. Also, just because you’re an IT expert doesn’t mean you don’t get hacked, I’m working in that business too and I caught a trojan once. Some people also probably simply make false claims to pretend it’s not their fault, especially if they used third party software for example, they’d never admit that of course. ANet can reconstruct what happened partially from their logs though and they’ll eventually figure out what really happened. And finally, if somebody makes too much information public, e.g. on Facebook, social engineering may lead to further attacks. High ranked players are usually also very active on reddit and other forums, you can gather information from their posts and profiles and so on.