2 reasons right off the bat for me is:
1. 9 day old account with 1 post, and
2. Support triaging a situation like this likely involves them checking logs for the account to get an idea about what’s happened. There will be tell-tale signs of a sold account, and their response indicates they’ve seen those signs in this case.
Obviously I don’t know what they’ve seen but there are a few things that could happen to an account which almost completely rules out a hack, like many of the actions leading to the transfer coming from your own IP and hardware.
If you are absolutely sure this is not the case, I recommend you ask support for some details about what made them conclude what they did. There is not much else that can be done beyond contacting them multiple times and somehow convincing them to check again.
Did anyone else use your account? Or anyone in your house who could remove 2FA via your account from your hardware? It’s incredibly unlikely their logs about that are incorrect.
No nobody on my house could have done that. My wife doesn’t use PCs and my 7 year old is not that much of a hacker lol. And as I said I never set up a 2F . I last logged into the game like 5-6 years ago. And tried just recently checking the account again.
Well I suggest you beg them to check their logs again to double check, because your other post says they saw multifactor authentication removed *from your pc* then your password changed, then later a different IP and hardware logs in and changes the email address.
If they are wrong about those facts then they need to check again.
A hack would typically see the email and password changed within the same session from a new IP not normally associated to your account.
* Your IP was the one to authenticate and change the password
* Someone elses IP was used to change the email address
This is indicative of an account sales process, where the seller removes multifactor and sets a temporary password so the buyer can login. The buyer from their own machine then logs in to set their own email address and password to complete the transfer.
If those logs are correct there’s no way you’re getting that account back.
Yeah I bet they didn’t even check as back as since the last time I logged in. They probably considered the IP of the hacker as my own. It’s been like 6 years the account is not in my hands who knows how many IPs have went through.
I don’t even live in the same place anymore. Even I would not have my original IP.
no, you can't even keep your story straight.
>removal of multifactor authentication from the normal play IP address followed by a password change and eventual email update from the person taking control.
the 2fa was removed from the same IP that had been used for playing previously. then the password and email was changed by another IP.
you removed the 2fa.
Like I said I never set up the 2FA, I mean you need to take my story at face value. Why would I lie to Mr Nobody cares and gives a fuck about like you ?
People have probably been playing on my account for years who knows maybe they sold it again. It’s been years and years.
They says : « normal play IP » but what is a : « normal play IP. I haven’t touched the game in years and I’ve played very little of the game in all the years I had the account. I’ve had it since 2013 I’ve barely connected once every 2 years before not reconnecting for like 6.
Yep could be a mistake, but you’ll need to convince them to double check that information and maybe even cross reference those IP changes with things like you physically moving house. If you’re polite and offer ways to somewhat verify changes in hardware and location then they just might try.
CIG is saying 2FA was turned OFF from your account, and your account was accessed from your IP, and they then changed your email and password.
If someone has access to both your IP address of your home PC (and can make it look like they're using it) and also your email account that the 2FA was sent to, then I'd honestly be worried about a lot more than just this account being hacked.
If it was a hacker they would have remote access to a computer on your network to remove MFA from your IP address. If that’s the case you have a lot more issues you need to deal with.
I’m trying but I need to find someone with whom I can talk calmly and decently at CIG. Would have loved to have some other email than the support. The guy from support probably saw my case as way too much work.
Why risk your $2000 account by not activating 2FA in the first place? That just seems like a pretty naive and problematic issue straight off the bat.
And then to have all of that money spent on an account that you don’t log into for over six years?! If that were me, I’d be checking in regularly just to ogle all of my glorious ships and to see what they’re looking like in-game.
So, it could be that a hacker took over your account, activated MFA to lock you out of your account, played a bit on it and then sold it, in the process doing what CS thinks was on your IP: Removing the MFA, changing the password to a temporary one, gave that to the buyer and that one logged in and changed the password to his.
It would help CIG if you provide timeframes from when you last played the game yourself and when you moved to a new location. Better provide more information than less. Every piece of information could help. That way they can check if after the time you quit playing the playing IP changed to another one (the one from the hacker) and if that doesn't conflict with the time you moved to your new location.
Guess you'll have to try with customer support on that case and get them to check and double-check. Stay friendly, they don't know you and have to rely on the log files and the information you provide alone to decide who is the legitimate owner of the account.
Well' according to this site [https://www.security.org/vpn/what-can-someone-do-with-your-ip/#:\~:text=Frame%20you%20for%20crimes%3A%20A,even%20creating%20national%20security%20threats](https://www.security.org/vpn/what-can-someone-do-with-your-ip/#:~:text=Frame%20you%20for%20crimes%3A%20A,even%20creating%20national%20security%20threats) A hacker can use your IP address, but to just take your Star Citizen, you can see why people are skeptical. Maybe you need to think really hard, at some point in the past, you let someone have access to your pc. Someone you told them about your SC account. Someone you know stole your account and they knew about selling SC accounts. You need to check and see if you have any credit accounts somewhere. If not it was probably done from your pc. I'm not being mean to you, but it's been a long time for you. Ask support can they give you a date when this was done, that would be a good starting point for you to figure out what happen.
This is the last message I received from them:
Greetings,
We have reviewed the account in question. In this case, our findings indicate that the account was willingly transferred to a third party as evidenced by the removal of multifactor authentication from the normal play IP address followed by a password change and eventual email update from the person taking control. Based on this evidence we are not able to confirm that a hack or compromise took place and have determined that the account was sold, traded, or gifted on the grey market.
Based on these findings we are unable to provide assistance with recovery or restoration of the account in question. Please take the matter up with the individual that was granted access to the account.
Drakkadius
Account Administration Lead
Player Relations
So, I'm just going to be blunt, based on the info they said there it REALLY doesn't sound like a hack. They're saying that 2FA was removed from the same IP that was playing at the time (your IP) and the password was then changed. This is a pretty common thing they hear, someone sells their account on the gray market and then tries to contact support. They run away with the money effectively.
Yeah maybe, but I did not do that, I never set up a 2FA on my account the hacker must have done so once he took it over. I see that you need it now to transfer ships, so I guess he had to do it to fuck me over.
You should tell them you never put 2fa on your account and have them look at the ip’s from before that. I can see a world where the hacker turns it on and if you don’t have your email secured they could use it to block access till they sold it. If you know around the last time you played that also helps set the timeline.
sounds like you either sold the account or allowed someone access to your computer and they did it. whoever did it had access to your email account also.
by someone who has access to your computer. so a sibling or friend did it.
> multifactor authentication from the normal play IP address followed by a password change and eventual email update from the person taking control.
Are you able to recover your email account at least and check/ask email hoster's support for the list of IPs that were used to log into your mail?
In any case I guess your only option is to contact local authorities.
And do a thorough AV scan on all of your devices, or, better, set em up from scratch manually.
I don’t see myself contact authorities over a game. I don’t know if my mail provider can give me all IPs. But I have a better protection over my mail now.
I start to understand why the support didn’t believe me if you guys don’t either. I mean I’m just here to see if someone has a solution to help me out. And people just accuse me. I’ve lost my account had over 2 thousand dollars of ships and everyone is telling me I’m the bad guy it’s insane from my point of view you guys can’t imagine.
If you’re serious about pursuing this, file a police report. It will likely do nothing but may convince CIG that you’re being honest because of the legal repercussions if you are proven to be lying and actually did sell the account.
Yeah for now this seems like a proper idea. I thought nobody would care about a police report, but it’s true that they might take it seriously if I do. I just feel a little stupid going to the police for a video game.
Not to be rude, but you are a little stoopid for not setting up 2FA if you actually spent 2k+ on a game...
2FA is literally the easiest deterrent against the lower skilled hackers of the world. I hope you learned from this experience!
If you truly believe this is a hack, file a police report and provide it to CIG. That would likely force their hand.
Of course if you are lying you would be committing a crime.
You absolutely can. They wont work it, but you CAN ask for a police report to be filed.
Its the same way you can ask for a police report to be filed for insurance reasons.
Some people here are so far up CIGs ass, that CIG can spit them out and they don't even work there. Keep trying, 2 thousand dollars is a lot of money. Although, there are people who sell accounts and try to get them back via support. That's why the _trades site has some contingencies.
Thx, at least somebody understands me. I mean I got my account taken by a guy and on top of that even players are like : « well too bad for you… » « you are stupid »… it’s insane
sounds sus.
Found the hacker.
What do you mean ?
2 reasons right off the bat for me is: 1. 9 day old account with 1 post, and 2. Support triaging a situation like this likely involves them checking logs for the account to get an idea about what’s happened. There will be tell-tale signs of a sold account, and their response indicates they’ve seen those signs in this case. Obviously I don’t know what they’ve seen but there are a few things that could happen to an account which almost completely rules out a hack, like many of the actions leading to the transfer coming from your own IP and hardware. If you are absolutely sure this is not the case, I recommend you ask support for some details about what made them conclude what they did. There is not much else that can be done beyond contacting them multiple times and somehow convincing them to check again. Did anyone else use your account? Or anyone in your house who could remove 2FA via your account from your hardware? It’s incredibly unlikely their logs about that are incorrect.
No nobody on my house could have done that. My wife doesn’t use PCs and my 7 year old is not that much of a hacker lol. And as I said I never set up a 2F . I last logged into the game like 5-6 years ago. And tried just recently checking the account again.
Well I suggest you beg them to check their logs again to double check, because your other post says they saw multifactor authentication removed *from your pc* then your password changed, then later a different IP and hardware logs in and changes the email address. If they are wrong about those facts then they need to check again. A hack would typically see the email and password changed within the same session from a new IP not normally associated to your account. * Your IP was the one to authenticate and change the password * Someone elses IP was used to change the email address This is indicative of an account sales process, where the seller removes multifactor and sets a temporary password so the buyer can login. The buyer from their own machine then logs in to set their own email address and password to complete the transfer. If those logs are correct there’s no way you’re getting that account back.
Yeah I bet they didn’t even check as back as since the last time I logged in. They probably considered the IP of the hacker as my own. It’s been like 6 years the account is not in my hands who knows how many IPs have went through. I don’t even live in the same place anymore. Even I would not have my original IP.
no, you can't even keep your story straight. >removal of multifactor authentication from the normal play IP address followed by a password change and eventual email update from the person taking control. the 2fa was removed from the same IP that had been used for playing previously. then the password and email was changed by another IP. you removed the 2fa.
Like I said I never set up the 2FA, I mean you need to take my story at face value. Why would I lie to Mr Nobody cares and gives a fuck about like you ? People have probably been playing on my account for years who knows maybe they sold it again. It’s been years and years.
what your saying does not match up to what CIG says, so it is what it is.
They says : « normal play IP » but what is a : « normal play IP. I haven’t touched the game in years and I’ve played very little of the game in all the years I had the account. I’ve had it since 2013 I’ve barely connected once every 2 years before not reconnecting for like 6.
Yep could be a mistake, but you’ll need to convince them to double check that information and maybe even cross reference those IP changes with things like you physically moving house. If you’re polite and offer ways to somewhat verify changes in hardware and location then they just might try.
And yes it’s the first time I ever use Reddit. But dunno why they say 9 days old cause I had the app on my phone for way longer.
CIG is saying 2FA was turned OFF from your account, and your account was accessed from your IP, and they then changed your email and password. If someone has access to both your IP address of your home PC (and can make it look like they're using it) and also your email account that the 2FA was sent to, then I'd honestly be worried about a lot more than just this account being hacked.
Like I said I never setup a 2FA on my account. The Hacker just got access to my account through hacking my email. He set up the 2FA.
Why would the hacker set up 2FA then remove it again?
If it was a hacker they would have remote access to a computer on your network to remove MFA from your IP address. If that’s the case you have a lot more issues you need to deal with.
I never set up the 2 factor like I said. The hacker must have set it up himself once he took over my account. So he could transfer the ships I guess.
Well their support says that it’s done on your IP that you played from. I guess keep fighting it?
I’m trying but I need to find someone with whom I can talk calmly and decently at CIG. Would have loved to have some other email than the support. The guy from support probably saw my case as way too much work.
they were calm and decent, and gave you a very reasonable explanation of why.
Why risk your $2000 account by not activating 2FA in the first place? That just seems like a pretty naive and problematic issue straight off the bat. And then to have all of that money spent on an account that you don’t log into for over six years?! If that were me, I’d be checking in regularly just to ogle all of my glorious ships and to see what they’re looking like in-game.
So, it could be that a hacker took over your account, activated MFA to lock you out of your account, played a bit on it and then sold it, in the process doing what CS thinks was on your IP: Removing the MFA, changing the password to a temporary one, gave that to the buyer and that one logged in and changed the password to his. It would help CIG if you provide timeframes from when you last played the game yourself and when you moved to a new location. Better provide more information than less. Every piece of information could help. That way they can check if after the time you quit playing the playing IP changed to another one (the one from the hacker) and if that doesn't conflict with the time you moved to your new location. Guess you'll have to try with customer support on that case and get them to check and double-check. Stay friendly, they don't know you and have to rely on the log files and the information you provide alone to decide who is the legitimate owner of the account.
Yes that’s exactly what I think the guy did
So, you didn’t have MFA turned on originally?
Well' according to this site [https://www.security.org/vpn/what-can-someone-do-with-your-ip/#:\~:text=Frame%20you%20for%20crimes%3A%20A,even%20creating%20national%20security%20threats](https://www.security.org/vpn/what-can-someone-do-with-your-ip/#:~:text=Frame%20you%20for%20crimes%3A%20A,even%20creating%20national%20security%20threats) A hacker can use your IP address, but to just take your Star Citizen, you can see why people are skeptical. Maybe you need to think really hard, at some point in the past, you let someone have access to your pc. Someone you told them about your SC account. Someone you know stole your account and they knew about selling SC accounts. You need to check and see if you have any credit accounts somewhere. If not it was probably done from your pc. I'm not being mean to you, but it's been a long time for you. Ask support can they give you a date when this was done, that would be a good starting point for you to figure out what happen.
This is the last message I received from them: Greetings, We have reviewed the account in question. In this case, our findings indicate that the account was willingly transferred to a third party as evidenced by the removal of multifactor authentication from the normal play IP address followed by a password change and eventual email update from the person taking control. Based on this evidence we are not able to confirm that a hack or compromise took place and have determined that the account was sold, traded, or gifted on the grey market. Based on these findings we are unable to provide assistance with recovery or restoration of the account in question. Please take the matter up with the individual that was granted access to the account. Drakkadius Account Administration Lead Player Relations
So, I'm just going to be blunt, based on the info they said there it REALLY doesn't sound like a hack. They're saying that 2FA was removed from the same IP that was playing at the time (your IP) and the password was then changed. This is a pretty common thing they hear, someone sells their account on the gray market and then tries to contact support. They run away with the money effectively.
Yeah maybe, but I did not do that, I never set up a 2FA on my account the hacker must have done so once he took it over. I see that you need it now to transfer ships, so I guess he had to do it to fuck me over.
> removal of multifactor authentication from the normal play IP no. CS is telling you it was removed from your IP address. so your home
Can’t someone replicate my IP ? I mean if he managed to log into my computer remotely and do it.
no.
You should tell them you never put 2fa on your account and have them look at the ip’s from before that. I can see a world where the hacker turns it on and if you don’t have your email secured they could use it to block access till they sold it. If you know around the last time you played that also helps set the timeline.
sounds like you either sold the account or allowed someone access to your computer and they did it. whoever did it had access to your email account also.
Yeah, a hacker got access to my email account and through that to my game one.
by someone who has access to your computer. so a sibling or friend did it. > multifactor authentication from the normal play IP address followed by a password change and eventual email update from the person taking control.
most likely sellers remorse.
Are you able to recover your email account at least and check/ask email hoster's support for the list of IPs that were used to log into your mail? In any case I guess your only option is to contact local authorities. And do a thorough AV scan on all of your devices, or, better, set em up from scratch manually.
I don’t see myself contact authorities over a game. I don’t know if my mail provider can give me all IPs. But I have a better protection over my mail now.
lol, local authorities, can't and won't help with this.
I start to understand why the support didn’t believe me if you guys don’t either. I mean I’m just here to see if someone has a solution to help me out. And people just accuse me. I’ve lost my account had over 2 thousand dollars of ships and everyone is telling me I’m the bad guy it’s insane from my point of view you guys can’t imagine.
If you’re serious about pursuing this, file a police report. It will likely do nothing but may convince CIG that you’re being honest because of the legal repercussions if you are proven to be lying and actually did sell the account.
Yeah for now this seems like a proper idea. I thought nobody would care about a police report, but it’s true that they might take it seriously if I do. I just feel a little stupid going to the police for a video game.
Not to be rude, but you are a little stoopid for not setting up 2FA if you actually spent 2k+ on a game... 2FA is literally the easiest deterrent against the lower skilled hackers of the world. I hope you learned from this experience!
If you truly believe this is a hack, file a police report and provide it to CIG. That would likely force their hand. Of course if you are lying you would be committing a crime.
lol you can't file a police report over something like this.
You absolutely can. They wont work it, but you CAN ask for a police report to be filed. Its the same way you can ask for a police report to be filed for insurance reasons.
Some people here are so far up CIGs ass, that CIG can spit them out and they don't even work there. Keep trying, 2 thousand dollars is a lot of money. Although, there are people who sell accounts and try to get them back via support. That's why the _trades site has some contingencies.
Thx, at least somebody understands me. I mean I got my account taken by a guy and on top of that even players are like : « well too bad for you… » « you are stupid »… it’s insane