Documentation of my experience with a hijacked account [SOLVED]

Kommentarer

152 kommentarer

  • Spock’s Friday Nights

    Hi there. I am in the same position as you. It all started March 5th at 5:39pm when I was reached out by one my supporters via DM. It was a "try my game" malware scam which I unfortunately fell for along with 10 other of my friends. I have all of the evidence of the hackers messages and people backing me up. I have not received any other message except for Clyde. I have not gotten any email from someone saying they're escalating my ticket. I assume they're getting a lot of requests and I understand, but I am afraid of my data being deleted within the 14-30 day span. I too am hoping discord sees my friends list and my server knowing how important it was to me. 

    My support ticket is #43676737. Please, help me and Alpha. This has affected a lot of people. 

    1
  • Rozianist

    I also face the same issue, my ticket were still left open even after my account has been deleted. Hacker secretly token access my account and used my account to spam post illegal content, get me disabled and deleted with possible on watchlist. (Lost 1 years worth nitro and my IRL work).

    Alpha

    Welcome to hard truth of Discord Where Discord support doesn't give a [Redacted] even you pay nitro or has no history of violating TOS, zero tolerance my [Redacted]

    1
  • Moonstone Games

    At least you got a response. I've been sitting here for over three weeks now, waiting for them to do anything. I'm in the same boat…. I even got the escalated message and talked to discord_support, all saying the same thing.

    1
  • Alpha

    Moonstone Games 

    I'm genuinely sorry that you've had to wait for such an extended period of time.

    Personally it's been quite stressful, seeing how discord was my main social platform.

    The only responses that I got were the automated one from Clyde, the escalation message from Obi, and the twitter ticket status update from discord_support. 

    I don't know if they were from actual staff or not at this stage.

    Out of curiosity, approximately when and how long did it take for you to receive your escalation message after you had replied to the automated bot message?

    2
  • Moonstone Games

    It was about 1 day after the bot message but then nothing after that.

    2
  • Alpha

    Moonstone Games 

    Same case here.

    Just really hoping that I get lucky or something…

    Have you tried bumping your ticket yet? Its been way longer than a week.

    0
  • Tcresine

    This happened to me today. Same scenario, in fact the “game” they have you open is actually ransomware and does more than access your discord. I had the guy using my browser session deleting emails from discord support as well as soundcloud trying to cover up his tracks. Once I noticed this i pulled the plug on my pc, reformatted everything. Antivirus will not detect anything unless you have something that excels in zero-day exploit protection. This is a serious issue and just goes to show how terribly insecure your discord account is if it can be manipulated through a running process. To add some icing on the cake, they continued to use my account with my linked paypal making nitro charges until my paypal called me and blocked the charges. Not a peep from discord, and my account is still active and on a rampage. At this point discord is complicit with these criminals.

    1
  • Alpha

    Tcresine 

    Yeah, not sure when they'll address the token vunerabilities or the lack of support.

    I think I got lucky and my hijacker only used a token logger/session stealer, as none of my other accounts were touched.

    I've since wiped my browsers of sensitive data, moved logins to BitWarden, switched over to session keys over mobile 2FA, and am utilising 3rd-party software to wipe and store my discord token in an encrypted location.

    1
  • Spock’s Friday Nights

    Alpha I am doing the exact same with 2FA LMAO. That's crazy. Yeah I think I got lucky too. He only stole my discord password to charge $100 on nitro using my payment method. I had the charge reversed by the bank which is why I think Discord is not giving my account back. God knows how many other people were scammed. 

    1
  • Spock’s Friday Nights

    Alpha may I ask how you're making your discord token more secure? I would love to do the same. 

    1
  • Alpha

    Spock’s Friday Nights 

    From what I have gathered, Discord stores your tokens in %appdata% within the Local Storage and Session Strorage folders, which the token loggers supposedly read from.

    I'm using a DiscordTokenProtector by andro2157 on GitHub, which wipes the Local/Session Storage folders and moves the contents to an encryped location.

    You can read more on the GitHub page, hope it helps!

     

    0
  • Tcresine

    Alpha

    It's pretty ridiculous that a company that's about to go public has this much trouble identifying and preventing privacy threats as blatant as this one, tailored and targeted to their customer base and leverages their own platform from start to finish lol.

    1
  • Alpha

    Tcresine 

    Eh, I won't pretend to understand any of the corpo stuff, but hopefully once the public is involved, flaws like security and support will be forced to be addressed.

    Other than that, there aren't really any social platforms quite like discord out there, so y'd say that they kinda are on top of the competition.

    0
  • Tcresine

    Update on my end:

    The hacker is still joyriding with my account almost 24 hours now and contacting my friends that I was able to warn in advance. I've sent screenshots they took and provided to discord support case. Haven't received a response from a human since the case was opened, security team hasn't even batted an eye at the situation if they're even aware of it. Pretty sure the security and support team at Discord are just a bunch of Carl-bots with human nick names at this point. I'd love for someone to prove me wrong lol

    0
  • Alpha

    It's been 10 days since discord support's last response to me.

    Honestly have no idea what the hijacker's doing with my account now

    Their twitter @discord_support did respond to me 13 hrs ago tho, so maybe give that a try

    0
  • Hotaru

    I'm In the same boat as you guys, though I haven't had a reply for about a month and a half now. Everyone that I know of that has had accounts hacked has gotten a reply around the 2 month mark, so worst case scenario get ready for a long wait. I lost everything on my account day 22 because the person that stole mine sold It off to someone else.

    I hope you guys manage to get a reply before I do.

    0
  • Alpha

    A month and a half?! My condolences

    Have you sent in another ticket or contacted discord on twitter yet?

    I did get a reply after I responded to Clyde, but I don't know if it was an actual person or another bot escalating my issue.

    0
  • Hotaru

    Alpha I have tried contacting them on social media since the 9th last month, I have been ghosted on twitter completely. I did get a reply on facebook but they said that they can't help with anything related to your account for security purposes, that's solely handled by the trust and safety team. 

    I have not made anymore tickets because doing so puts you In the back of the line of the queue again, so I'm just sitting and waiting for a “hopeful” reply soon. The only replies I have on my ticket are the 2 escalations from the first 2 days of It still. 

    Edit:

    The replies you get when responding Is bots, you'll know when It's a real person because It'll say their name on the right side of your ticket.

    0
  • Alpha

    Hotaru 

    Ghosted on both post tags and DMs?

    I'm honestly surprised that they have a Facebook page.

    First 2 escalations? Do you mean the initial bot response, followed by the escalation confirmation that is supposedly sent by a team member?

    0
  • Hotaru

    Alpha I got an escalation from the bot Grimmjow and then another escalation from a bot called Nelly the next day. That's about It.

    And yes they don't reply to anything, I have tried since the 9th last month on getting In contact with them on twitter but to no help. But tbh the more I research the more It wouldn't have mattered, as the social team on facebook said. The social teams have no power over peoples accounts nor can they share any info regarding actioned accounts ( as In you made a ticket for a hack or of the sort ). 

    They will just tell you to be patient and that you'll get a reply soon, by soon they mean whenever they get to your ticket In the queue. It could be 1 week and It could be 3 months It all depends on how many tickets they have to go through in that category. 

    Looking at my own reply time so far I'd say they are pretty filled up on tickets these days and even more now because of all the automatic bans that started happening a month ago.

    1
  • Alpha

    Hotaru 

    So both Grimmjow and Nelly sent you somthing along the lines of this message?

    Hello,

    Thank you for providing the information about your account.

    We’ve escalated your ticket for the team to look into further. Unfortunately, we are unable to give you an estimate time of our response or answer questions about your account, but our team is actively working on these requests.

    Please note that submitting multiple reports regarding the same issue may hamper our team's investigation into your report, and slows down how quickly we can help other users.

    Thank you for your patience and a team member will get back to you when they can.

    Sincerely,

    Discord Trust & Safety

    This was sent to me by Obi Wan Kenobi, I'm unsure if its a bot or not.

    I also saw the post that you commented on where the OP got his account back via requesting for deletion, then speaking about the actual situation to the support agent they were assigned to.

    Do you think that would be a viable course of action?

     

    0
  • Hotaru

    Alpha That's a bot reply, everyone gets these. It's just a way for them to verify your Issue and send It Into the queue system they got.

    You can confirm whether It's a real person or not by looking top right of your ticket where you have the status of your ticket etc, there will be an extra thing there that will say “Assigned to *Name*” 

    This means your ticket has been assigned to a real person, It'll say their name there too. If you don't see any “assigned to” anywhere there then there's no one that has even seen It yet.

    The message you posted Is the exact same as the first one I got, It's their default bot reply.



    To answer your other question, no. I would not recommend trying this, he was extremely lucky and managed to lie his way Into tricking support to help him. If this fails then you can kiss your account goodbye for good, I know this sucks but I would just wait It out regardless of how long It's going to take them to get back to you.

    The less tickets you make the quicker you'll get a reply, don't make anymore regarding the same Issue because you can risk your tickets getting not only put In the back of the queue but also auto flagged as solved.  

    0
  • Alpha

    Hotaru 

    That's how it works? Explains why I couldn't find the @ of Obi

    Thanks for enlightening me

    I'd really like to not wait months upon months, seeing as discord was one of my main social platforms

    Really worried about the damage that was/is being done to those on my friends list

    0
  • Hotaru

    Alpha Did you have any badges on your account?. Like Early Supporter or the likes?.

    If you had ANY badges, then he'll most likely sell It off to someone. If that happens then all your servers and people on your friend list will be wiped, that's what happend to mine after 22 days. Profile picture changed, username changed and name Itself and he deleted and nuked all my servers and friends.

    If you didn't have any badges on the account then It has no value for these kinda hackers, so they will most likely just use It to try and trick people on your friend list Into doing the same that happend to you until they find someone that has an account worth selling.


    They are looking for accounts with high value badges and accounts with credit cards connected to It to sell Nitro with your money, If you ran an exe then they most likely left some malware on the pc Itself to log what you're doing and potentially gain access to even more sensitive accounts when you login to stuff yourself on the machine. 

    But the main thing most of these aim for is just your discord, but after going through what I went through and found out with my own machine I just nuked It and clean reinstalled windows because we found a rootkit that would constantly make 2 trojans on my machine over and over regardless of how many times we removed It. 

    Did a full windows reinstall with all partitions wiped to be completely sure, you can never be too sure when It comes to people like this. It might look like your discord was the only thing you lost but you never know If more than that has been compromised In the process.

    0
  • Alpha

    Hotaru 

    No, just a running nitro subscription that I'll have to cancel if this stretches for too long.

    I wrote up another post about my findings if you're interested in that

    0
  • Hotaru

    Alpha That's good to hear, but be careful If your card Is still connected and running for renewal. If he buys Nitro and gifts It to someone ( sells It ) and you do a chargeback then you also lose your account because of ToS, I'd cancel It as soon as possible If I were you. He can see your card Info on your account, I had nitro running from a 1 month free thing ( I removed my card right afterwards again ) so when I lost access there was nothing he could use. But I took the extra step to call my bank and get my card blocked and a new one sent, when I comes to my card and money Ingeneral I can never be too sure.

    Especially after seeing how bad Discord security Is, when he has access to your account then he can download all your personal data ( ANYTHING ) you have ever typed Into discord Including your credit card details. Yes for some reason It's as easy as going to settings then “Privacy & Safety” at the bottom there's a “request data” button, click that and you get a copy of everything. 

    It Infurates me that It's that simple to steal someones data on the platform, all It requires Is access to your account for a mera 30 seconds and all your personal data Is In their hands.

    0
  • Alpha

    Hotaru 

    Yeah, I should probably get around to doing that

    I looked into it more, and the amount of control and access that tokens give you is ridiculous

    0
  • Hotaru

    Alpha I've never been a fan of tokens Ingeneral regardless of platform, 99% of everything uses It nowdays or atleast allows you to use It. ( As In It auto logs you In when you visit, that's what a tokens does It's a verification system ).

    Youtube / your mail / a lot of games, steam / epic games etc you name It they all have the option or use It by default to remember It's you everytime you open them. I always thought to myself, Is It really worth It to skip a couple seconds everytime to login to your stuff manually everytime?. All It takes Is 1 mistake and some random dude has accesss to anything he wants or made the malware steal because of the function.


    I got extremely lucky because the person that stole my discord also stole my mails session, so he was able to change my info and remove my phone number and add his own locking me out of my own mail, he had access to It he made a new discord account and moved my mail to It then added his own to my discord. 

    I managed to recover my mail after calling support and talking with them over phone for about 30 mins, I got extremely lucky. He had ofc deleted all the mails discord send you for confirmation to chance info etc, but I managed to recover them by talking with support some more a week or so after so I could use them as proof In my ticket too.

    0
  • Alpha

    I think I got luckier than you because my hijacker didn't touch my email account at all, or any of my other accounts.

    I'm in the process of submitting a ticket to cancel my nitro and for my payment methods to be removed

    its funny because clyde responded to me almost instantly

    0
  • Hotaru

    Alpha Aye If It's an easy thing that even the bots can handle then It'll be quick, or even sometimes the bots will be there Instantly for other things too. Sadly can't say the same for the actual trust and safety team though.

    0

Log ind for at efterlade en kommentar.