Compromised PoE Accounts: Stolen Items and Hacked Accounts - Discussion and Leads
My English isn't great, but what I meant is if they're doing RCE they probably need to join HO first, hence random friend invites/HO visits. Am back!
|
|
What about me, who only lost 12 exalts, one chance orb and was not even at the end game when I got hacked....
|
|
Fairly certain the reason they are circumventing the 2FA on steam and the account lock on the standalone is by just somehow getting some sort of login token and getting into your account that way.
Someone just got into my account while I was playing, luckily I was able to log back in and insert the code fast enough before anything got stolen.
|
I cannot dig in or reverse engineer anything. I would be violating the proprietary source code (closed). That's why I said I suspect; I hope RCE is not involved, but if people can access accounts without 2FA maybe they are stealing session tokens? If so, how? Either way it's scary. If they can get that, I hope it is not something kernel related, and maybe the hackers know this and are just doing only 1% of what it can and can't do. I'm worried af.
|
|
If they steal your token they must have access to either the Windows registry or the browser by using and invoking certain libraries from the OS. Bro, what are we even talking about here? (ELI5: if they can invoke kernel32.dll or other important libraries (commands), it's bad. They can query whatever they like from the PC or even extend a shell (RCE) or create a new one, basically a backdoor for starters.)
Last edited by Rosky#1061 on Dec 29, 2024, 1:35:49 PM
|
|
This would go on my list of critical 10 in the list and I would be contacting my team and shut down whatever is happening and do extended research on what's going on. In Europe we have 24 hours to cover these vulnerabilities; I'll contact not only Valve but every necessary company (OWASP, CISA, infosec, CVE) and any entity for this mess. They get fined big. NIS2 would like a chat. (Certified CyberSec. Specialist)
https://cert.europa.eu
Last edited by Rosky#1061 on Dec 29, 2024, 2:03:02 PM
|
|
My case:
Bought a mirror like 2-3 days ago, was about to take a few days' break. Got hacked yesterday, late EU hours (my friend told me "I" logged in for 3 mins and didn't respond to him, then logged out). Also I've had one expensive item listed (100+d) and got like 2 or 3 strange messages for it... sus, because only that item, the mirror and about 30 divines were stolen; all the other stuff wasn't touched. My password was changed, not a single notification came to my mail, there were no logins into mail. I wonder how in the world, in pretty much the year 2025, a game that has a HUGE RMT business going around, there is no 2FA... or at least an extra request for a code when a new location tries to log in. Standalone client, not a single extra extension was used/downloaded since PoE 2 start. Feel a little sad knowing there is no real chance that GGG will help at all, and if I want to try new changes etc. again in the next months, I have to grind it all again.
|
That might seem a bit unusual, but if you think about it, it’s likely that only the wealthiest or most invested players would take the time to comment on the official forums about the situation. This could explain why the results appear skewed. Most likely way more people got hacked and either just left the game or started over.
|
Thanks for making this thread.
I also got hit last night. All items gone and all divines; they didn't touch the exalted orbs. They even recolored my stash tabs, which I found strange. I wrote to GGG; I even figured out what guy had posted all my items on the trade website, and wrote to them. Hope something will come out of this. Also I have 6.5k hours in PoE1 and nothing ever happened. So something is leaked in PoE2 accounts.
Last edited by Patrickagames#7194 on Dec 29, 2024, 2:17:17 PM
|
|
Best advice for anyone is to change your password. Also remove any 3rd party stuff you are using for POE2.
|
|