Guild Wars 2

I have an account today that has had multiple log-in attempts from china. This account has a very unique log-in and password that I have NEVER used on any other site. I read everything that happened about hacked accounts on launch, so i decided to make this account absolutely fresh.

The ONLY people with my log-in information is Arena Net. My Account was compromised.

So red post, explain how this is possible,

Keylogger? Luck?

On a serious note, that sucks mate; i assume you have submitted a ticket?

They didn’t get your account so we should be rejoicing that!!

He has raised an interesting question tho, if Anet is the only one he has ever used that email and password for how have hackers got his details?

Zerdand.5308:

He has raised an interesting question tho, if Anet is the only one he has ever used that email and password for how have hackers got his details?

Unless the user clicked on some sort of publishing link which looked to be legit. Then entered in there login details. Only other way I could think is they got a keylogger on the computer. If in fact the email adddress and password is only used for this game.

I would try scanning the computer with malwarebytes which has a free version. It does a good job of finding stuff on a computer.

Not accusing, just saying…

I can log on and post that I’m Jim Parsons in real life. Am I? How could I ever prove it?

OP: sucks that they have the info, do what I did and change the password. I like the account security tips here in the forum…haven’t had a bite since I followed the password suggestions. Didn’t change the email address either.

Hope it works out!

Which is the more likely scenario?:

a) ANet, with millions of accounts, has been compromised – but less than .001% of those millions of accounts have someone attempting to access them. And despite a multitude of laws that would severely penalize them if they tried to cover up a compromise, they are falsely pleading innocence.

b) Some random user hasn’t been smart about his/her account security and opened the door wide for nefarious individuals to compromise his/her account.

Gosh, what a tough call that is…

You can get infected by viruses even when you are good in keeping your personal data personal. So, don’t let us accuse somebody about wrong behaviour. There is no 100% in security.
Remember the problems that the Internet Explorer or Firefox had recently.

Nevertheless, if anything used is brand new, the first thing to look for would be a broken security issue on MY PC. Therefor I recommend strongly: check your system!

Its public information that “hackers” had people’s accounts, and that is by definition a compromise. So, let’s quit being silly and playing word games.

The question is were they all user caused? Yes, no doubt users do dumb things. I manage hundreds of systems with 22K users in a single city, and even on that small a scale is pretty unbelievable what people will do.

However, I know some of the people who lost their Arena accounts personally. They used unique usernames and passwords and their machines were well checked for compromise, and in at least one case the machine was brand new. There were no key loggers or a previously used account found in a database by a “hacker”.

The common thread is that during launch week, email authentication failed repeatedly for them. It did for me too, though my account was not compromised, I just lost access to it for a few hours that first Saturday.

Their account data was changed, and at no point did they get an email verification of those changes from Arena, which included the changing of their email address.

Any system which allows an email address to be changed without verifying it is broken by design.

Even if a “hacker” has your account information, if the a system like this is functioning correctly, it should send verification to your email address. That’s the entire point having that system in place.

I think Arena was just hit by a “perfect storm” of concentrated external attacks and some internal mistakes during launch week.

Regarding all those “multitude of laws…”, that’s just painfully naive.

A good example is Sony: they not only covered up a severe account system compromise, they didn’t learn anything from it and did it again. The last time they covered up even severe credit card fraud for nearly 3 weeks.

I have the same issue here 2 attempts from 2 different locations

A log-in attempt from the following location is currently awaiting your authorization.

Address: 60.223.104.127
City: Taiyuan
Region: 24
Country: CN

A log-in attempt from the following location is currently awaiting your authorization.

Address: 1.82.161.34
City: Beijing
Region: 22
Country: CN

Both in China and i live in the Netherlands . i have changed my Password allready but i find it strange that this could have happened i played many MMO but never had this experience before i hope you will be ale to fix any leaks you might have
for this scares me a bit

On Friday evening I tried to login and received the security authorization message to check my email. Whenever I received that message and checked my email there was always an email from Arenanet. This time however, there was no message from Arenanet. I retried to login for about a half an hour and kept checking my email but no message from Arenanet. I then changed my password to see if a changed password would help get me into the game. It did not. And I continued to receive the message for authorization and to check my email. Never received any email. I then disabled the security authorization. And I will keep it disabled until I receive an email from Arenanet.

My UN-authorized log-in attempt was from here:
A log-in attempt from the following location is currently awaiting your authorization.

Address: 218.222.19.194
City: Tokyo
Region: 40
Country: JP

I would strongly suggest not adding an authorization link to this e-mail. If the person doesn’t know their IP, or accidentally hits this link, it will allow this unauthorized user access. I suggest an account access point where authorizing IP address can be manually added by the account user.

Definitely NOT mine and definitely NOT the USA.

My account too had a log in from China yesterday. I did not click the authorization link. And I too have a unique PW to arenanet only.

Address: 219.144.123.2
City: Beijing
Region: 22
Country: CN

I am still able to log in, However, the gems in my account look far less than what I thought I had and I’m unsure how to check transactions on my account?

How do I check if gems were converted into gold and when?

UPDATE: Ok so I was able to change my pw, but a little upset on how it was so simple? Why was I not asked to authenticate this change through email? Is it because it’s the same pc/location I’ve always been using? If so then ok, just wondering why the person from China didn’t go ahead and update the pw on my account on their own.

Regarding that Google Authenticator app, it looks relatively new and I’m iffy about it, has anyone else here used it?

I also got an email from ArenaNet saying that someone tried to log in my account. I have never had an of my MMO accounts hacked.

I am glad that I got an email from ArenaNet letting me know that someone did try get into my account!

BUT when I try to change my password on my account setup screen, nothing happens!! How am I supposed to change my password?

And here is the info about the “person” who tried to log into my account:

9:41 am (Central Time)
A log-in attempt from the following location is currently awaiting your authorization.

Address: 182.123.240.136
City: Beijing
Region: 22
Country: CN

Just to point out, if your password for your email and your game account are different, there is no chance they can hack your account with the email authorization in place unless you have a keylogger. Just saying, for anyone worried.

Second time I’ve had someone attempt a login from china while I was using a password unique to guild wars 2.
I set up a third unique password for the account, but I fully expect a third attempt within the next three weeks, either you guys have hilarious poor protection against brute force attempts with an astounding amount of resources dedicated to obtaining accounts, or there is a hole they are exploiting.
Either way fix your kitten.

Orson.8034:

Second time I’ve had someone attempt a login from china while I was using a password unique to guild wars 2.
I set up a third unique password for the account, but I fully expect a third attempt within the next three weeks, either you guys have hilarious poor protection against brute force attempts with an astounding amount of resources dedicated to obtaining accounts, or there is a hole they are exploiting.
Either way fix your kitten.

That or you really need to run a sweep or two on your computer for keyloggers. Because, again, if there was a hole, a lot more people would be affected than just a handful. Just sayin’. <3

Haven’t run Guild Wars 2 since I swapped out my motherboard and cpu and performed a clean install of 7.

Fair point. But again, as other users have stated, if it was a hole, why aren’t more accounts being affected? I’m just saying, immediately accusing their side of things without any substantial proof isn’t going to do much.

I am having the same issue. Login attempts from Japan. =(

“A log-in attempt from the following location is currently awaiting your authorization.

Address: 114.145.101.245
City: Tokyo
Region: 40
Country: JP

This location is approximated based on information provided by your Internet Service Provider. If in doubt, deny the request and try again.”

I want to make a new e-mail just for GW2, but I have heard that as for now, you cannot change your e-mail address. Can someone confirm if this is true or not. What should i do? My passwords for my email and GW2 are obviously different. I have scanned my comp for any viruses / keyloggers it might have and nothing so far. I am kind of getting worried because its only been 2 weeks or so since i bought this game and this kind of stuff is already happening.