Hackers out in full

Kunkali

New Member
I got an email requesting a password reset for my guild wars 2 account, and I didn't request one. Changed my email and my gw2 password as a result. Just so you all know, people's accounts are obviously already being targeted (and it's the first day of launch).

Hoping they set up some sort of authenticator system soon.
 

Losse

Member
Yeah i can't wait till authenticators, they better make some or atleast the app.l

I have gotten 4 password email reset requests so far that I didnt request.
 

Abba San

Legacy of Elijah [LoE] - Proud Grandfather
No password reset requests - but every time I log on I'm asked to authenticate my account via an email sent from Arenanet. The result is a failure, but I get to play just fine.

Anyone else getting this request?
 

Pheonix28

Slave to Christ.
I had an issue authenticating my email the first time I tried. The 2nd time the email sent and it authenticated with no issues.
 

reets

New Member
I see that email verification notice also. Tried twice so far and the link doesn't work.
 

ursen

Officer SOE/LoE/Where's "here"?
Tried about 6 times, no go, it is a known issue, along with the Guild represent bug.
 

RyanB

Legacy of Elijah Guild Leader
Saw a lot about this on reddit. First thing's first:

Change your password!!!!! Make it long, make sure it isn't the same pass you use elsewhere. If lazy, put two of your commonly used passwords together.

Ok so for details, here is what I'm seeing reported: every person who is getting password reset emails also played WoW with the same email. Is that the case here?

My understanding is that the exploit is that it is working like this:
1) People are taking a list of emails that they got elsewhere: maybe WoW breach, old GWG auctions breach, etc.
2) They are doing the password reset. No, they do not need access to your email. The reason this email is getting sent is because they get a different automatic response. IE: "bad email" or "email sent!". When they see "email sent" they know they have a valid GW2 email address, which allows them to focus their attack. If you have gotten a password reset email, you have specifically been targeted, and the hackers know that your email address is a valid GW2 login.
3) What does it mean to be targeted? It means they are brute forcing your password right now, which doesn't take super long. Or if you are on a list with your email and password combo, hope it isn't the same password. They aren't trying to get into your email address - they don't need to because it's just as easy to get your GW2 pass as it is your email pass.

This is why it is so important your GW2 password is not the same used elsewhere, LONG, and not simply dictionary words. And do not count on using a $ instead of an S - all password checkers do those substitutions.

Write it down on a sticky if you have to.
 
Last edited:

Klaatu

Member
Authentication FTW! Need it; used in WoW & SWToR; so looking fwd (less stress) to getting them. Have yet to receive an email requesting the above stated material. Always cautious! I am a Safety Guy!
 

<Calvary>

New Member
I have recieved two emails one actually looks official, open your full header if you are not sure and look at the return path, normally a dead give away.
 

RyanB

Legacy of Elijah Guild Leader
AFAIK, all the emails are official, from ANet. They're being sent because someone is requesting a password reset. The reason for the request is because it allows the attacker to see whether or not your email is a good GW2 login, and narrow down their search. Definitely a good tip to look at headers on email to see, and probably best not to allow images to be loaded in an email.

Interesting to hear some non-WoW people getting emails too. Should add - the WoW thing is just speculation due to volume of reports. ANet started a thread today specifically asking if people who have a BRAND NEW email just for GW2 have gotten the email. So it sounds like they're still not 100% on where the email lists are coming from.

Also, a good resource for folks if you wonder "how secure is my password":

http://howsecureismypassword.net

This is a good, reliable site that you can put a password string into and see how good it really is, how long it would take to brute force, and give you tips on improving. If you don't keep up with all the latest in password cracking techniques and prevention, this is a quick and easy way to get that work done for you.
 
Last edited:

Klaatu

Member
https://www.guildwars2.com/en/news/tips-for-keeping-your-guild-wars-2-account-secure/

Now that Guild Wars 2 has launched, we want to ensure your time in Tyria is as fun and safe as possible. Unfortunately, there are people out there who work hard to gain access to online game accounts in order to commit fraud. The security team at ArenaNet is working on a number of measures to help protect your account, but there are some steps you can take to make your account as secure as possible, including:
 

stardust

New Member
What do they hope to find/do with our accounts? We has NO ECTOS

It's probably a crime of opportunity -- they realize that ArenaNet is going to crack down on the brute forcing quickly, and they're trying to get some use out of their email lists. I agree, though -- the few accounts they compromise will probably just have a load of copper ore :eek:
 

ursen

Officer SOE/LoE/Where's "here"?
Um, there is a guild weakness they can exploit, which I am going to talk to Anet about. There has to be an answer to this exploit, I just need to get support going and find out what it is.
 
Top