A compromised account

8/03/2024 19:06

Hello there Discord Support,
I am writing again because I haven't heard anything from support that last 4 days which worries me.

I am writing to respectfully request the reactivation of my account "spocks.friday.nights". It all started March 5th at 5:39pm when I was reached out by one my supporters via DM. The hacker account name is "Bax" and the individual sent me a website link to try out their game. The actual owner of the account is a game developer and the link did not look suspicious at the time. I personally believe it was well disguised and was aimed at people like me who develop video-games. The hacker originated in a discord I was in related to gaming development called "Vertex" (https://discord.com/invite/vertex-316959859704856586).

After I downloaded the program and ran the installer, I noticed my discord logged out then logged back in. It was going crazy and mass sending messages to everyone I was added to. The message that was being sent was the same link I clicked on trying to bait more people into the trap. I am not sure how the hacker was able to infiltrate my account as I have had 2FA activated on my account for over 2 years. Nobody would be able to sign in unless provided the authenticator code or at least I thought. The hacker was also able to charge $100 on my account for Nitro which I called the bank and asked them to reverse because I was not the person who made the charge.

I would really appreciate any clarity on the matter as I am worried to lose all of my contacts, music and pictures that were on my account. I am also worried about my privacy and safety revolving around 2FA, if it really works. I come from a small, but well known YouTube channel in the Star Trek community and a lot of my friends are already spreading the word that my account was hacked. I even kindly put out a post on twitter direct towards discord support. I miss my account and this was probably the worst birthday present I could ask for. I am attaching files that were sent from the hacker and also a picture of my account sending the suspicious link. I also want to clarify that I am not the one sending any of messages in these photos. These were screenshots on my end before my account was disabled and a screenshot from my friends perspective when he was also sent the link.

Thank you for your time and have a wonderful day.

https://imgur.com/yTOXUBu

https://imgur.com/DHMTQXA

https://imgur.com/Wr5ASue

https://imgur.com/hPMiFQa

Komentarze

Komentarze: 15

Hotaru

9/03/2024 14:01
You got token logged, he killed your discord and re-opend It to get a fresh token ( It generates one everytime you login ) This Is the proof of ownership or basically what It uses to determine that It's YOU logging In. He steals this to Instantly login to your account skipping any security you have set up because It thinks It's you.

Change your password If you still have access, that Invalidates the token. Also be wary of what else It might have done when you ran the exe, what all we know It could have Installed a keylogger or rat on your pc and he'll be able to steal even more In the future. Malware Is one hell of a headache to deal with, I fell for the same thing last month and I had to do a clean windows reinstall.

I haven't gotten a reply from support for nearly 40 days now, so be ready to wait for awhile. Sorry this happend to you.
0
Spock’s Friday Nights

9/03/2024 22:48
Hotaru Thank you for the reply. I cannot tell you how good it is to hear from a human for once. It is seriously unfortunate considering my account is 8 years old and has always been in good standing. Very poor on their part that they cannot respond as quickly as they disable accounts. It was a very well disguised scam as I delete a lot of scam messages everyday and never fall for them. This was my first hack ever and I feel like a complete idiot. The website was very believable for an indie-developer making a game. He included a full backstory, genre description, mechanic descriptions, etc. The whole 9 yards.

I really hope I can receive my account before March 18th or April 3rd as I could lose all my data since Discord thought it was a good idea to wipe the account if it has been disabled for at least 14-30 days.
0
Hotaru

10/03/2024 01:02
Spock’s Friday Nights I know what you mean haha, the support Is rough for discord these days. I hope you get a reply quicker than me, most have to wait up to 2 months when It comes to hacked accounts.

The person that stole my account sold It off on day 22, ofc the new person on It deleted every server I owned and unfriended everyone. I lost a LOT of friends that I won't be able to get back and a few fairly large servers, none of this can be reversed sadly. The best outcome of my ticket Is I get my account back, but It'll be completely filled with whatever friends the new person had added and servers. So I'll have nothing left on It, but I just want It back atleast.
0
Spock’s Friday Nights

10/03/2024 02:42
Hotaru I am really sorry to hear that. I hope you get your account back too. What happened to me was the “try my fps game” malware scam. As far as I am aware nobody has access to my account since Discord disabled it. Since they did that I cannot reset my password because it keeps telling me “This account is disabled”. It could have been a lot worse, but what worries me is how easy it was for the hacker to bypass Discord's 2FA. As for my other 2FAs for Google, Steam, etc, they're all safe. I have not wiped my PC yet because I do not have enough information on the drivers I need to make sure to install when I reinstall windows. I may do more harm than good I don't know. It really is a shame this happened since everything was in such a good place.
0
Hotaru

10/03/2024 03:48

Edytowano
Spock’s Friday Nights Sadly there's nothing they can do on their end security wise that I know of that could stop what happend to you, the token thing Is used on 99% of all platforms as a ease of access kinda thing. Like when you open youtube then you'll automatically be logged In, this Is your token logging you In automatically so you don't have to everytime. Anything that logs you In automatically when you go on It.

The person that stole my account managed to not only token log my discord but also my mail connected to It because It auto logged me In when I went to It, he changed my password and removed my phone number etc from It and locked me out of It. I managed to get It back like 30 / 60 mins later from calling support on the phone, but this could have ended a LOT worse for me.

The message I got that started this whole thing for me was from a friend of mine that I've known for 10 years, the hacker had brute forced my friends account and messaged people on his friend list ( me being one of them ).

He asked If I could try out a game he was making, the standard. It's like what you went through but more sketch, the link took me to mediafire which I Instantly got a bad feeling about. My tired ass ( I had been awake for around 30 hours at that point and It was early morning, I was just about to go to sleep ) ofc downloaded It anyways.

It killed my discord AND my browser ( which means he stole all my cookies / saved passwords on It Including my tokens for sessions I had open ( My mail being one of them ).

In the time he had my mail he managed to make a new discord account, move my mail to the new account and put his own on mine. Then he enabled 2fa on the new account he made with a throw away phone number so I couldn't get Into It to delete It.

After I got my mail back I realized that the mails I should have gotten regarding changing password and mail for my main discord wasn't there, so he had deleted the mails so I couldn't use them as proof.

I managed to restore them after about 3 hours of talking with support on the phone again and some back and fourth on mail Itself.

Which brings me to today, still waiting for a reply but as I wrote above. The account Is completely nuked and bloated with whatever the new person has done on It so far, so yeah.

Going forward I'll now never run or download anything someone else sends me, It's simply just not worth the risk. Anyone you know could have been hacked and Is trying to bait you Into doing or trying something. It's sad that It has come to this nowdays.

This also Installed a rat with a nice rootkit that kept redownloading 2 trojans everytime I got rid of them, I managed to rid the root but who knows what else might have made its way Into the system and hidden Itself. So I decided to nuke the whole machine drives Included.
0
Spock’s Friday Nights

11/03/2024 14:00
Hotaru That is a friggin mess. I am really sorry. The other day, I received a message from Discord support. It was from Clyde, informing me that my account will not be reinstated since it violated the terms of service. I have not received a response from anyone despite leaving the ticket open. It is incomprehensible that I am being penalized for someone else's scam, especially because the hacker got around 2FA, which is Discord's problem and not mine. I would imagine that if they caught me using a token logger while I was reporting a hack on my account, they would gather the evidence and attempt to establish whether or not I am the account's owner.
0
Hotaru

11/03/2024 17:47
Spock’s Friday Nights I'm sorry to hear this, I'd post another comment on It to keep It open In hope of getting a real person to reply. It's completely unacceptable the quality of support nowdays.
0
Alpha

13/03/2024 06:38
Spock’s Friday Nights
Any luck with responses?
Discord's support website has been quiet for me since March 5, but their twitter support page has responded to me twice.
0
Spock’s Friday Nights

13/03/2024 07:14
@Alpha

That's amazing. I have not gotten anything back from Discord on Twitter. I was completely ignored. As for the support website, I kept getting a reply from Clyde bot stating my account will not be reinstated. I am being punished for the actions of a hacker. I am currently remaking my server.
0
Alpha

13/03/2024 07:23
Spock’s Friday Nights
If tagging them in a post hasn't worked, perhaps you could try reaching out to them in their Direct Messages.
Could you also show/summarise the automated clyde response to me?
0
Spock’s Friday Nights

13/03/2024 08:39
I have done both. I tagged them in a post and direct messaged them as well. Nothing. This was the response I got from Clyde bot twice:

"Hello,
Your account was disabled for violating our Terms of Service or Community Guidelines. We will not reinstate the account.
Sincerely,
Discord Trust & Safety"
0
Alpha

13/03/2024 09:52

Edytowano
Spock’s Friday Nights
Sorry about Twitter.
As with the support site, it sounds like that your tickets might be auto-filtered by the system before they can reach the eyes of a team member.
Perhaps you could try making the ticket from a different support account or rephrasing your requests so that the automod doesn't filter you.
0
hexxars

9/06/2024 04:10

Edytowano
Hey! I'm also a victim of discord's autogenerated support system, and was wondering if any of you guys could lend me their number to call them.
Hotaru, you said you got your account back by actually calling support? I've tried that and was sent to voicemail immediately, no response as of a week later. Could you drop me that number? Thanks!
-1
chance joyal

30/06/2024 21:38

Edytowano
I can try to help you please DM me my username is spikesgaming123
1
Kori

5/07/2024 00:59
I got scammed too (tho it was a different type) on June 25th and so far I’ve gotten nothing but Clyde telling me to make a new account. I also did try calling but it just takes you to the voicemail so that seems futile. I hope I can get my account back sometime :<
0

Zaloguj się, aby dodać komentarz.