Diablo 3 Account Hacked? You Need A Warrant To Find Out How

Warning! This post is very long and details what consumers can expect going through the proper channels for account resolution. The short gist of it is that you cannot find out what happened to your account without a federal warrant. You will be lied to regarding account information; customer support is now a contradictory PR haven providing nothing more than rollbacks and misinformation. Continue reading at your own discretion.

By now you may have heard about all the compromised account claims for Diablo III. It's been a widespread issue. According to Blizzard a small percentage of Diablo III accounts have been compromised. According to gold farmers, about 10,000 accounts have been infiltrated the traditional method and countless others have been infiltrated from non-traditional methods. Well, if you fit into the latter category, you won't be able to find out how those non-traditional methods were used to infiltrate your account without a federal warrant.

According to Blizzard customer service representative Torrencius, when pressured about how an account was compromised, he issues the following stonewalling response...

We can see IP addresses, I apologize that we are not at liberty to provide the specific IP addess information through this method of contact. I can't promise that it will be able to be provided, by you can definitely request information like that from custodianofrecords@blizzard.com. In these cases, for legal reasons, it is unlikely specific IP addresses would be able to be released without a warrant or some kind of legal or law enforcement related request.

I'm sure many of you are curious what Custodian of Records has to say about the matter, because by all means if your account has been breached I'd like to think that anyone with an ounce of self-respect would want to prevent the occurrence from happening again. And as the old saying goes, if you know not to kick a horse in the gonads, then the horse won't kick you in the face.

However, with Blizzard that doesn't seem to be the case. Players whose accounts have been compromised since Diablo III went live back in mid-May have been left completely in the dark about their accounts being infiltrated, including writers from Ars Technica, Eurogamer and Examiner. Instead, Blizzard has been doling out PR-safe responses displacing the blame on consumers: It must have been a keylogger. It was "traditional". You must have been hitting up some pr0n on 4Chan. You were fondling your hard drive wrong. You visited a fansite and got your PC impregnated with malware. You weren't using an authenticator.

Everything you can think of to blame consumers is pretty much what everyone has been fed. And yes, some accounts have been infiltrated via traditional means, but this doesn't discount that more information should be shed on the issue.

Furthering this kind of condescending behavior, you're about to read a first-hand result of what it's like dealing with the Custodian of Records (who, might I add, sounds like someone out of the Diablo lore). This guy, just as a warning, is a prick. Read what Game Master Strybur, Custodian of Records says to a consumer trying to inquire about how his account was infiltrated...

Greetings,

Are we refusing to go deeper into certain questions? Well, it depends on the questions being asked, but absolutely. There are many topics of discussion that involve internal or confidential information that we are simply not going to discuss with individuals outside of the company.

As per the previous responses, we provided you with the appropriate channel to contact if you wish to attempt to acquire such records legally, and it was even mentioned that we are unable to guarantee any kind of timely response and/or whether or not they will disclose them to an individual customer. It's all based on the information that you seek and if it is information that we will disclose to customers or not. If you sent the e-mail and requested it, then the only thing left to do is wait until they respond. To the best of my knowledge, there is no way to expedite the request per se from a support or customer standpoint.

After that cheerful exchange, Mr. Prick goes on to twaddle about a number of things under the PR-safe guise. I'm not going to bother posting all the drivel about how it was the consumer's fault and the appropriate steps to fix security for the end-user. Instead, the purpose of this article is to find out what happens when you try to find out how your account was infiltrated. And Mr. Prick decides to completely evade HOW the account was intilrated, saying...

I wouldn't be able to answer that for you as I don't have access to your computer, your phone, your e-mail, or the many other ways that the hackers compromise the security of an account (and rightfully so). While I can give you general advice on steps to take to minimize the risk of a recurrence, security ultimately comes down to the individual customer. Just like if we were ever compromised we'd have to notify all of our customers and the hackers would be going after credit cards and billing info as compared to virtual property in a video game. As for some possible things to consider...

Approach any use of the internet as a possible vulnerability.

[lists possible dangers of the internet...]

In conclusion, I couldn't tell how they did it, but there are steps that can be taken regardless to prevent a recurrence and I just went through what I would have done.

Ahahaha...oh yeah, teh interwebz R bad.

Sherlock here lists all the ways the consumer could have been infiltrated from doing menial tasks on the PC but completely foregoes the questioning of HOW the account was infiltrated and used in Diablo III for nefarious purposes.

Seriously, by all means people, if someone logs in from Incheon, South Korea directly after someone logged out from Indianapolis, Minnesota, it should have set off red flags all over the freaking place. Any idiot looking at the logs should at least have been able to verify this right? If it were a compromised case of "traditional means"....right?!

Anyways, the Custodian of Douchery is asked a few more questions...pretty much all the questions we asked before in every other article regarding account infiltration of Diablo III. When approached with the possibility that it could have been a breach or glitch, Strybur states...

It may have been a little vague, but it was answered in the very first response. If we didn't detect a form of unauthorized access ("breach" as you put it) to the account, then we wouldn't have offerred a limited compromise rollback to begin with. I can see how it may not have been overly clear in the response, but the offer is on the table if you want to use it.

Oh okay, well that clears it up. We can assume anyone who has had their account compromised was obviously infiltrated by some nefarious individual. You just won't ever be able to find out how unless you've got some legal heavyweights backing you. In other words, Blizzard doesn't have to tell you Jack-spit about how all your characters lost their stuff or ended up being deleted in some cases.

The rest of the questions follow through as indicated...

Q: Since the account was probably compromised, how often did they login?
A: That is information that we are unable to disclose to customers.

Q: How long did they stay logged in on the account?
A: That is information that we are unable to disclose to customers.

Q: How many wrong password tries were inserted?
A: That is information that we are unable to disclose to customers.

Q: Where did they log in from? (country)
A: That is information that we are unable to disclose to customers.

Q: Whats being done to prevent stuff like this from happening?
A: For what steps you can take to prevent a recurrence, I already went through those steps above. As far as our end goes, I'm unable to disclose account actions taken against other accounts. Each case is addressed though and if it was compromised, we work to get it back to the legitimate owner; and if it was purely exploitive then we take the appropriate account actions.

Let's say for a moment that we start disclosing such details and answering those types of questions for our players. What's to say that those details don't end up getting to the hackers. The internet is a dangerous place indeed and anytime information is released to someone outside of a company it has the risk of going viral. If such information was released, the hackers would start using it to figure out ways to avoid detection and compromise even more accounts.

Needless to say, some details such as login histories, where they are accessing the account from, how long they were on, etc. is not something that will be disclosed because the hackers will no what we are able to detect and they will work on coming up with new ways to get around.

That last part is straight-up insulting. This idiot doesn't seem to understand that people are already being compromised. This idiot also contradicts Game Master Cerville who mentions that they did check the account for malicious entry but couldn't find it, proving that this kind of information is not as confidential or out of reach as they indicate.

You know what's even more embarrassing? One of the mule accounts owned by a gold farmer was "hacked"...a mule account, which was used to farm gold. It was infiltrated. If you can stop yourself from laughing at the irony, this was one of the reasons why the other Chinese gold farmer asked Blizzard to update the Warden security protocol because even some gold farmer accounts are at risk and they want to weed out the competition. Awesome, right?

Diablo III is shaping up to be like the hacking playground equivalent to that prison-dimension in the Jet Li movie 'The One', attracting countless criminals from all over the world.

Anyways, with the RMAH opening it's imperative to practice safe playing habits. And sorry for this article being so long but I just feel that gamers need to be aware that Blizzard is not on your side, and they don't care about you they care about your money. Heck, one Game Master going by the handle of Thantelus actually suggested a hack victim go to the forums to seek help from players. Don't believe me? Check out his response below and gasp at the ignorance...

I definitely appreciate your enthusiasm and passion for the issue, and was wondering if you wouldn't mind going to the forums and posting your feedback there. The Game Master staff has no way of changing in-game content, and due to some legal reasons we are no longer able to take suggestions from players and pass them along. The reason we asked for you to go to the forums with any suggestions is that is the only way in which the players are able to voice their concerns to the folks that have the power to make the changes: the developers.

There, you might find common ground with other players that feel the same way! It is important to note, however, that the best posts don?t simply point out something 'wrong'; they also propose a way to resolve it. Things like, "Nerf this class," is less likely to catch the developers eye than, "This class?s ability X is too effective; and what you should do to fix it is Y." This is how BoA gear started, barber shops, even Faction and Race changes. You may not see a direct reply, but it is still the best way to reach the design team who can make changes directly to the game. Where?s the best place to go for your specific feedback? In this case, most likely the General forums. Here?s a direct link there:
http://us.battle.net/wow/en/forum

Take note that this above fool just copy and pasted a response from a World of Warcraft case and plastered it into the e-mail response for a Diablo III case. Awesome job, Blizzard. The situation was later rectified by Game Master Xyrnath, who tried to assuage the customer by saying...

I am sorry to hear of the trouble that you had with this situaiton but am glad to see that it appears to have been resolved. You have some good suggestions that I will go ahead and pass on though when or if any such things can be implemented would be up to the developers.

I am also glad to see that you have read and followed the tips that we have provided for such situaitons inlcuding getting an authenticator. Though no security can be truly empenetrable it is the next best thing to that.

If you have any other questions or concerns feel free to let us know. =D

Regards,
Game Master Xyrnath
Blizzard Entertainment
www.blizzard.com/support

I'm sure a lot of White Knights will jump to the defense of Blizzard "There are millions of people out there with problems, customer support must be overwhelmed!" True that, but Blizzard was the one who decided to make the game always-on and decided to introduce the RMAH. If they didn't foresee this kind of madness then they were unquestionably blinded by greed.

This isn't a Blizzard bashing post, it's a eye-opener post. This is a warning to any and every future victim of RMAH scams, hacking, account misappropriation and infiltration. Hackers will not subside; dupers will not quit; exploiters will not rest. You are now responsible for your own account and real-life financial safety playing Diablo III because as shown above, the Blizzard support staff is in disarray and running on PR fumes. Their main goal now is to protect the company's resources at all costs.