It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Backfired I guess thanks to 2FA:

http://oi68.tinypic.com/2emgcus.jpg

Not sure what he wants.
This seems to be a weekly occurrence now. Most likely caused by delayed implementation of 2FA as compared to steam.
avatar
Shadowstalker16: This seems to be a weekly occurrence now. Most likely caused by delayed implementation of 2FA as compared to steam.
No, it's a weekly occurrence for two reasons:

1. 2FA is implemented and works
2. People reuse passwords.
avatar
Shadowstalker16: This seems to be a weekly occurrence now. Most likely caused by delayed implementation of 2FA as compared to steam.
avatar
Randalator: No, it's a weekly occurrence for two reasons:

1. 2FA is implemented and works
2. People reuse passwords.
Yes, I just enabled it. I meant people still not using it, because its a fairly recent addition as compared to steam (which they would otherwise try first because there are more people there).
I still struggle to understand why hackers would even waste time on hacking a GOG account .It's not like the games are so hard to get your hands on*wink wink* :D.They should concentrate on the big guys that put draconian DRM into the games and ignore this site.Guess new low's in the world of hacking have been discovered :).Cheers
avatar
deja65: I still struggle to understand why hackers would even waste time on hacking a GOG account .It's not like the games are so hard to get your hands on*wink wink* :D.
Because they are not after games but after keys for reselling.
avatar
deja65: I still struggle to understand why hackers would even waste time on hacking a GOG account .It's not like the games are so hard to get your hands on*wink wink* :D.
avatar
Randalator: Because they are not after games but after keys for reselling.
Oohh yes, i totaly forgot that our keys are open for business if someone drops in :D.We should cover them with a blanket just to be sure ;).
Still nothing for me... Why am I being ignored by the Russian hackers? Still not enough games? I'm trying my best but noooo, nothing seem to be enough for them...
Post edited September 19, 2016 by timppu
avatar
Randalator: Because they are not after games but after keys for reselling.
avatar
deja65: Oohh yes, i totaly forgot that our keys are open for business if someone drops in :D.We should cover them with a blanket just to be sure ;).
Are they?

Keys which we had purchased but not claimed?
avatar
timppu: Still nothing for me... Why am I being ignored by the Russian hackers? Still not enough games? I'm trying my best but noooo, nothing seem to be enough for them...
Yea, I don't get it. You're so much closer to them :D
avatar
timppu: Still nothing for me... Why am I being ignored by the Russian hackers? Still not enough games? I'm trying my best but noooo, nothing seem to be enough for them...
Guess you must have some strong password then! :D
Post edited September 19, 2016 by EZX
avatar
lukaszthegreat: Keys which we had purchased but not claimed?
As far as I understand it they use the hacked account to buy gift key with stolen credit cards. Then they sell the them on sites like G2A. They do that, because you can't buy gifts with newly created accounts.
avatar
lukaszthegreat: Keys which we had purchased but not claimed?
avatar
PaterAlf: As far as I understand it they use the hacked account to buy gift key with stolen credit cards. Then they sell the them on sites like G2A. They do that, because you can't buy gifts with newly created accounts.
Uh, didn't know that bolded part. Still, is it what actually happens or is that a guess?

I'm thinking it doesn't make much sense. Suppose a hacker does get in someone's account and makes such a purchase. First of all, as soon as GOG receives notice of a hacked account it would be trivial to invalidate all its purchases. Keys go expired in a second. And seeing as its merchandise is all digital there's not even the possibility it'll be "[in transit | already delivered]" and thus out of GOG's reach.

So we have to assume these hackers can only provide short-lived or already expired keys; and not just we but all those stores must assume it as well. Why would they buy them in that case? If they're being fooled that will only happen once, and if they're knowingly selling dirty keys they might as well not buy anything and just generate a code that resembles a GOG key themselves.

Maybe you know something that wasn't clear to me, or maybe those sellers are both dirty and stupid. Does anybody have more info in this matter?
avatar
joppo: Uh, didn't know that bolded part. Still, is it what actually happens or is that a guess?
From GOG's FAQ:
"There are some restrictions for purchasing gifts on new accounts, depending on the payment method used. For credit/debit and PayPal purchases, you need to have at least $10 (or its equivalent in your selected currency) worth of purchases made at least 3 months ago. Alternative payment methods, such as paysafecard, are not affected by these restrictions."

avatar
joppo: I'm thinking it doesn't make much sense. Suppose a hacker does get in someone's account and makes such a purchase. First of all, as soon as GOG receives notice of a hacked account it would be trivial to invalidate all its purchases. Keys go expired in a second. And seeing as its merchandise is all digital there's not even the possibility it'll be "[in transit | already delivered]" and thus out of GOG's reach.

So we have to assume these hackers can only provide short-lived or already expired keys; and not just we but all those stores must assume it as well. Why would they buy them in that case? If they're being fooled that will only happen once, and if they're knowingly selling dirty keys they might as well not buy anything and just generate a code that resembles a GOG key themselves.
Resellers like G2A don't care where the keys come from. They don't buy them from seller, but are a market place instead. You can directly sell your keys there and they only get a certain percentage of the money for providing the platform.

And most people whose credit card data is stolen don't recognize it right away. The criminals normally have some weeks before the keys get invalidated. It's more than enough time to sell them and get away with the money. When a reseller gets reports about fraud and bans the account, they simply create a new one and continue the same way.
avatar
PaterAlf: From GOG's FAQ:
"There are some restrictions for purchasing gifts on new accounts, depending on the payment method used. For credit/debit and PayPal purchases, you need to have at least $10 (or its equivalent in your selected currency) worth of purchases made at least 3 months ago. Alternative payment methods, such as paysafecard, are not affected by these restrictions."
That's definitely different from when I created my account. I obviously did not notice when they introduced this (very justifiable) rule. Thanks.

avatar
PaterAlf: Resellers like G2A don't care where the keys come from. They don't buy them from seller, but are a market place instead. You can directly sell your keys there and they only get a certain percentage of the money for providing the platform.
I see... It works because the way G2A operates is different from what I was thinking of.

avatar
PaterAlf: And most people whose credit card data is stolen don't recognize it right away. The criminals normally have some weeks
Well yes, but surely a GOG user wouldn't take that long to notice a break-in. Even if the thief doesn't change the account's email and password they still would notice due to purchase receipt emails from GOG.

Edit: clarification.
Post edited September 19, 2016 by joppo