On Monday a fellow Guild member received several emails indicating that there had been potential unauthorised access to their Guild Wars 2 account. When they logged in it soon became apparent that their account had been compromised and that all their in-game gold had been stolen. Naturally they posted in the official forums and notified ArenaNet by email. The forum post soon had several responses from players who had also suffered similar account hacking. However, it wasn’t long before the thread was deleted. A little later ArenaNet directly responded to the matter with a sympathetic but unhelpful email. Effectively if your account has been breached then you are on your own.
Obviously this incident has been a major point of discussion within our Guild. As a result some interesting facts have emerged. It would appear that the affected player was not using a weak password. Extensive malware scans have not shown any keyloggers or other such rogue software on their PC. Due to their remote rural home location it is unlikely that anyone has compromised their wireless network (unless it was a sheep). There is also the curious fact that although their bags and bank were cleared of any items of value, others were left in their place. There were numerous vials of blood for example. The question was also raised as to why the thief had not deleted all the alts associated with the account? On Tuesday the following email was received. It certainly sheds some light onto the situation.
So it would appear that gold theft has now become gold ransoming. A lot of people within our Guild were truly shocked by this. What I found disturbing is that if the thieves bother to do this, it must mean that some people actually do attempt to get their gold back and provide other players account details. This sorry situation is a timely reminder to constantly review your online security, be it for Guild Wars 2 or any other application. Google Authenticator does offers another tier of security. It can be a minor inconvenience having to use the app but it is incidents such as this that remind you exactly what is at stake. Gold farming, the unauthorised selling of in-game currency and hacking are not problems that are going to go away over night and in the meantime players simply cannot afford to be complacent.