Sophos Cloud Optix
Players of Guild Wars 2, a massively multiplayer online role-playing game that ArenaNet launched on Tuesday, are already howling in dismay over some accounts being shut down.
There are two causes of the account lock-outs: first, ArenaNet is trying to run a civilized environment without Holocaust jokes, gay-bashing and the like, and second, gold sellers have hacked accounts to grab the goodies.
VideoGamer.com on Wednesday reported that hackers gained access to “numerous” accounts over the weekend, with players complaining in forums that in-game items had gone missing or that they had been locked out of the game altogether.
One VideoGamer staffer, Matt Nellis, also reported receiving two emails from ArenaNet that revealed that a third party had tried to get his account password reset.
ArenaNet’s support team responded on Reddit to multiple user complaints, confirming that some users’ accounts had indeed been hacked.
In this Reddit reply, the company’s support team said that they suspect gold sellers of hacking accounts:
I think you may have had your account hacked by a gold seller. As you can tell, we're nabbing them as quickly as we can. So please contact Support and they'll give you a hand in getting this account back.
A gold seller is someone who sells in-game gold for real currency.
Such merchants are unwelcome, to say the least, in these environments, where they e-sidle up to players and mutter their come-ons like drug sellers in dark alleys.
Gold sellers are, reportedly, grossly underpaid computer sweatshop workers who work 12+ hours a day to earn as little as $50/month.
It’s not just virtual gold that’s at stake: one player said on a fan site that his bank account, linked to his game account, had been bled of $150:
I got hacked today at 2:07 pm. They changed my email and bought some $150 in gems.
I knew attaching my CC was not smart but I figured it was Arena.net and it was secure and that they had a good account recovery system. (similar to blizzard) but I was very wrong.
Some are suggesting that account passwords have been phished out of players.
Another possibility is that gamers have reused passwords in multiple sites.
Password reuse is actually the most common way accounts are compromised, ArenaNet says: when a fan site database gets stolen, gold sellers will use the same passwords and try them against popular games, hoping to get lucky enough to find reuse.
ArenaNet advises players to change their passwords to something very complex, and to then refrain from using that password elsewhere.
That’s good advice for every site, of course, be it for a game site, an email account or your bank account.
Beyond suspending hacked accounts, ArenaNet has also been busy suspending users who violate their policies on user names or behavior.
The company took to Reddit to explain it suspended various users for using offensive and inappropriate names.
Some unsavory examples were culled from Reddit by Kotaku.
As far as the gamemaker’s censorship goes, it’s worth noting that ArenaNet takes great pride in being a community-oriented MMO.
Here’s a taste of how it describes the cooperative nature of its environment, from its design manifesto:
MMOs are social games. So why do they sometimes seem to work so hard to punish you for playing with other players? If I'm out hunting and another player walks by, shouldn't I welcome his help, rather than worrying that he's going to steal my kills or consume all the mobs I wanted to kill?
We think of GW2 as the first MMO that actually has a cooperative PvE experience. When I'm out hunting and suddenly there’s a huge explosion over the next hill—the ground is shaking and smoke is pouring into the sky—I'm going to want to investigate, and most other players in the area will too. Or if the sky darkens on a sunny day, and I look up and see a dragon circling overhead preparing to attack, I know I'd better fight or flee, and everyone around me knows that too.
The takeaways from these Guild Wars battles: don’t reuse passwords. Don’t respond to unsolicited email requesting your password.
And please, don’t be the community’s vermin.
Guild Wars seems like a nice place to visit. I’m glad ArenaNet is dedicated to keeping it that way.
Another great way to reduce account hacking by gold sellers would be to stop buying gold from them.
Online gamers constantly complain about the problems that gold sellers bring to a game, especially distorting the economy, yet those same gamers continue to buy gold from them.
I guess it's no different from those few that do actually buy "viagra" online.
I am now on day 4 of my account being stolen, and all I get are form letters telling me to use recovery methods which I am locked out of.
ArenaNet seems determined to blame the users. Their crashes every twenty minutes from calls to objects in their code which don't exist tell me this.
Their memory error crashes tell me this.
Their responses to my being hacked tell me this.
I believe it was their forum and their data which was stolen which allowed this to happen.
If they do not restore my account by tomorrow, I am going to cancel my credit card transaction. Let them start to feel loss and maybe they will start to feel responsibility.
Cool article, good to know the company is trying to do something. I agree though, using the same password for your games and websites is NOT a good idea. Try to memorize at least 3-5 different passwords for different things. Your personal email should be a unique password than anything else as an example… Otherwise you may lose your guild wars gold and possibly your account.