In a funny (but not ha ha funny) twist, my Rift account was hacked last night, just hours before the Coin Lock went into effect. While the hacker did a good job of selling all my gear and items, they left 23 gold behind. Sloppy. I also have to wonder why they moved me to Gloamwood. And has anyone else noticed how odd human male feet look? Like the rest of the character is fairly well proportioned, and then you just have giant feet. These are the things you wonder about when there is nothing for you to do…
I opened a ticket and sent support an email, but I’ve yet to hear back on either. I waited around in-game for a few hours (iPhone ftw, new RPG Ash is solid old-school fun), but other than getting strange looks from people passing by and seeing me standing around in my underwear, nothing. Hopefully some good news comes today, would be a shame to lose a weekend of gaming to hackers.
Edit: Blog working its magic.
Just got an email from Trion support that they are looking into my account and will give me the option to either revert to an older saved copy (hopefully not too old), or return my gold once they have investigated things. More updates as they roll in.
Edit2: Account restored. Full timeline.
Hacked at 6am or so March 17th
Notified GM in-game and emailed support at 6pm March 17th.
First email from Trion received at 10:30am March 18th.
(Played the “I’m kind of a big deal” card around 10pm March 18th)
Second email (account restored) received at 2:40am March 19th.
Total gaming time lost: Thursday and Friday night.
So sorry to hear that. It has happened to so many people, and I understand that wait time for the support ticket to be addressed is several days. Fingers crossed for a fast response – and yes, it would be a shame to miss a weekend of gaming due to hacker scum.
Wow, sorry man. I guess Rift really IS getting popular if hacking is so rampant!
Ouch, sorry to hear that! Sod’s law unfortunately.
A guildmate had his account hacked a week ago. In the three days it took for Trion to respond he had gained 4 levels so he took the option of return of plat and not the rollback.
The sheer number of Rift Hacking stories I stumbled across today indicates something seriously wrong. You have been around the block a few times Syncaine so I am guessing that you probably are fairly careful with your user account details. Have you any idea how they got them? Is there a possibility of a breach on Trion’s end?
Yea the comp that Rift is on is fresh and is not used for anything but gaming, so it’s not a keylogger or anything like that, and the only suspicious emails I click on are the Hello Kitty Online account management ones I keep getting.
I think it’s just brute force hacking. Aria’s account is fine, and she plays on the older comp that is used for more than just games.
It happened to me as well, and I am also very safe. I’m a web developer for a living so I’d be pretty ashamed if I wasn’t. The password I had on rift was fairly secure, but not out of the realm of being able to be brute forced.
I leveled up 4-5 times between the time it happened and the 8 hours or so it took for them to give me the rollback or plat return option. I just took my 30p and moved on.
I saw it happen to a few people in the last 2 days before the coin lock went in. I have a feeling the plat farmers went into a frenzy since they knew their easy source of free money was going to disappear for the most part.
On a gentler note, I forgot to mention that the reason I was able to level up 4-5 times after that (I think from 40-44 or so) is because the community around me gave me some greens and a bit of gold to get me back on my feet (Regulos server). Nice job guys :)
As a developer myself I’m puzzled why any company would allow brute force attacks any more.
Increasing the time between login attempts after every failed login is fairly easy to implement and protects even the worst “front of the dictionary” passwords from being bruteforced.
I don’t play Rift myself, but if Trion have a suggestions forum, this might be one worth making, given the trouble they have had with account theft.
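The delay-doubling scheme described in the comment above, sketched as an added example (not Trion's code or the commenter's). `LoginThrottle`, `FakeClock` and `guesses_in_window` are hypothetical names, and the 1-second base delay and 15-minute cap are assumed values.

```python
import time

class LoginThrottle:
    """Per-account delay that doubles after each consecutive failed login."""

    def __init__(self, base_delay=1.0, max_delay=900.0, clock=time.monotonic):
        self.base_delay = base_delay   # assumed: 1 s after the first failure
        self.max_delay = max_delay     # assumed: cap at 15 minutes
        self.clock = clock
        self._state = {}               # account -> (failures, not_before)

    def retry_after(self, account):
        _, not_before = self._state.get(account, (0, 0.0))
        return max(0.0, not_before - self.clock())

    def attempt(self, account, verify):
        """verify() checks the password. Returns (accepted, seconds_to_wait)."""
        wait = self.retry_after(account)
        if wait > 0:
            # Reject without calling verify(): a guess submitted during the
            # delay must not reveal whether it was right.
            return False, wait
        if verify():
            self._state.pop(account, None)   # success resets the counter
            return True, 0.0
        failures = self._state.get(account, (0, 0.0))[0] + 1
        delay = min(self.base_delay * 2 ** (failures - 1), self.max_delay)
        self._state[account] = (failures, self.clock() + delay)
        return False, delay

class FakeClock:
    """Manually advanced clock so the simulation runs instantly."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

def guesses_in_window(window_seconds):
    """Wrong guesses one account accepts for checking within the window."""
    clock = FakeClock()
    throttle = LoginThrottle(clock=clock)
    count = 0
    while clock.now < window_seconds:
        _, wait = throttle.attempt("constructed-account", lambda: False)
        count += 1
        clock.now += wait   # the guesser waits out exactly the required delay
    return count
```

With these assumed values, `guesses_in_window(86400)` shows a single account accepting 105 guesses for checking in 24 hours. Keying the delay on the account name slows guessing against that account; it does not help when the correct password was already obtained elsewhere.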
I have heard, although it has not been proven, that a hacker can get around the coinlock by simply sending a COD email to the account they have hacked for the amount of plat the person has. Then logging into that account they click on the email and voilà! Plat disappears, completely circumventing the coinlock. Like I say, it has not been proven to work, just a rumor.
Lol noob
With the amount of hacking going on I start thinking the breach of security must be on Trion’s side. I am a sysadmin and fairly versed in many aspects of security, and the pattern does not look like it’s a client-side issue.
What is likely is that Trion’s website got compromised (given that your forum account and your in-game account are linked and they are using phpBB for forums). That or they compromised the login servers’ security chain in some way. Brute forcing would not work on its own without their login being compromised and/or designed incredibly badly (no salt, no limited attempts).
I know several people in my guild got hacked, and reports show up even on blogs like this. The scale of the issue is way beyond client-side keyloggers.
I’m pretty sure there’s a breach on Trion’s side. Like you I just got hacked despite a clean computer. First time in 18 years I’ve been hacked in any way and that with a unique password and utterly clean machines (every scan clear, plus different browsing machine from game machine, plus only adblocked Chrome and adblocked/noscripted Firefox). No sign of a damn thing on my machines and I never click anything or open spam etc. etc.
I love the game but not being able to play my character until they fix it (because they use rollbacks instead of restitutions) is reducing that love.
I was hacked last week and they had rolled my toon back within 6 hours of me putting a ticket in. I guess they are getting swamped.
Some advice for others: don’t use the same login and password for guildlaunch/forums/blogs as your game. I have read that hackers are attacking sites like that and running that info thru authentication servers of whichever game they are targeting.
I’m curious, Syn, are you using the Rift Junkies parser or any of the others? Everyone I know who had that parser is getting hit by this.
Nope, nothing like that here. No mods, no fan sites, no forum accounts.
I am using KeePass to generate my passwords now. It is very secure and can generate massive completely random passwords that are fairly immune to brute force techniques. I am currently using KeePass for LOTRO since they don’t offer authenticators.
Friday evening’s update to Coin Lock also closed a security hole in the client login process that was easy to exploit. For details see my blog: “Trion Worlds patches security hole in Rift”.