Hack Update
My EVE account was restored just a bare two days after I discovered that it had been hacked. It would have been one but for a snafu with Customer Service (They didn't see my typed reply the first time, since it came after a bunch of stuff I quoted. Sigh.)
In the meantime, I downloaded and ran Avira and ran a system scan. I found no less than four intrusions, one of which was a JAVA trojan. All of them were banished to a place where all the hair is blonde, and all the ears are rounded. (Mind you, I have nothing AGAINST blondes as such, but life without red hair is, well, unthinkable).
Ouch. I have avoided using virus scanners for years, because they have this tendency to kick in at awkward times and make your frame rate go to that place we were talking about in the previous paragraph. And it worked, mostly because I never opened things or clicked on buttons that I shouldn't have. I never sent my browser into those bad neighborhoods, either. Life, apparently, has got more complicated.
My corp was hit along with me, since I had just received some new corp roles, due to becoming Skyforger's US Time Zone POS Manager. So the corp wallet got hit for about 2 billion, and my wallet for about 1 billion. All of this was restored with my personal account.
I'm impressed by the speed with which CCP realized that I'd been hacked. In less that 24 hours from my last login, the deed had been done and detected, and my account frozen. They did not mention to me how they figured this out, but I can make a few guesses. Large ISK transfers probably raise a flag, as does a change in login IP address. IP addresses can roughly be correlated to geographic location, so that's probably another flag. All of these flags prompt further investigation: where did the money go? Is there any prior connection between these characters? And so on.
The most bizarre thing is that the EVE version of Toldain was put up for sale on the EVE official forums. Cheeky! I guess that was in case I didn't catch on all that fast. I had email in my inbox from a potential buyer from my own alliance when I got back in game. I had to explain to him that I had been hacked, and he offered condolences.
I am lucky, I think, that I had just done a clone jump to Gallente space before I got hacked. There wasn't all that much that was valuable in my hangar. Still there was stuff that could have been sold instantly and the money siphoned off. That didn't happen. Instead, my toon was flown roughly 20 jumps to the site of a Skyforger corporate office, which was where I found it when I logged in. Fortunately, there wasn't much there in the corp hangar to be stolen. I guess that's what they were looking for.
After changing the passwords for all the games I play, I logged back on. Ginta was busy running a scan on his machine and changing his passwords, having been inspired by my situation. There was an alarmed evemail from our CEO asking me why I had taken so much money out of the corp wallet. However, out of game Eperor had sent me email saying he had realized I had been hacked, so no worries, and please get the corp funds reinstated when you petition. Which is what happened. It was gratifying to find out that my corpmates were so ready to believe that I had been hacked, rather than thinking me a thief.
Hmmm, but this is EVE. Should I be insulted that they don't think I'm a pirate? Is that disrespect? I'll have to think on it.
Labels: eve online, hacking