There has been talk and rumors that the vulnerability is on Blizzard's side, and all evidence points to that.
People said there's some type of exploit involving people's session IDs or something. I don't know, but it sure seems like that's the case here.
I've been monitoring the D3 forums for the past week. I can give everyone here the full update and progress of things that took place:
- People getting hacked left and right
- People swear it is a session ID hack with YouTube video "proof" (I've watched them, they aren't proof other than it looks like items are getting stripped from the other player, which could be the person themselves just to get attention on YouTube)
- Blizzard responds saying they've only encountered compromised accounts where traditional methods were used (i.e. people are logging in with UN/PW and so the players were "hacked"), and NO accounts with Mobile / Physical authenticators have been found to be hacked when it was attached PRIOR to the incident. Additionally, the number of hacked accounts is extremely small, even though Blizzard does mention it is typical with new game releases that people are targeted the most in that new-release time frame.
- People continue to blame Blizzard
- Blizzard responds directly to the Session ID theory by saying it has been proven to be technically impossible to use THAT specific method, and they have no data from existing hacked accounts that supports it. Still no cases of hacked accounts where Authenticator was attached.
- Most people say, well, it is STILL Blizzard, and some still hold to session ID since more and more people are posting about their hacked account. It is just TOO MANY to be traditional phishing e-mails or keyloggers
That is just about it. I've not yet seen proof of an account with an Authenticator attached (Mobile / Physical - the Dial-In is not supported by D3), which leans towards other people's systems being the issue. However, I have seen a few posts that got me wondering because some people will open tickets since their items are wiped and Blizzard says no form of unauthorized access was found. I've seen a handful, so that does suggest something odd.
Also I know why some items are left and not all players are always wiped clean on an account.
They are using bots. Basically they jump into your account, friend someone you've never heard of (If you've been hacked, go ahead and check your friends list). They then join that game and throw your stuff on the ground. A bot (the friend that is now on your list) runs around, picks up your stuff and sells it. They don't remove all your stuff because they fear they will run out of time and it isn't worth taking every single item you own before you log back on and kick them off or change your password. Since it is a new game, people are generally playing "all the time".
Anyway that is my report. I'm still waiting to actually play the game, haha
EDIT:
If that person is still on your friends list, you can join the game and watch them do their thing. Since bots are doing all the work, you'll just see people join the game, drop stuff, then leave the game. It isn't recommended you take any of the items as it could lead Blizzard to trace to you and you are now in trouble. But this is how it was discovered.
EDIT EDIT:
The other method they can use is the person goes to the stash, sells all their stuff, then trades the gold to the account just standing there.