I also suspected it was a sessionid hack based on the news as tradesite for poe2 seems to function slightly differently compared to poe1, poe2 seems to be able to instantly update listings the moment the item is in a stash compared to 1 needing an instance change
after inspecting the direct whisper button it seems to use an inline onclick event handler which triggers a javascript function. with this, there is a risk of cross site scripting also known as XSS in which the attacker can inject scripts into websites. for example, the seller's name can be used to execute a script. it's possible that GGG isn't properly validating the parameters of the whisper function client-side. though this is just a potential way of users getting hacked i have no proof or evidence at all so take it with a grain of salt.
another thing is that the teleport to party button could trigger an API request and if the API endpoints are insecure without proper authentication and if it relies on a player's session cookies i believe this could be another potential way users get their accounts hacked? idk.
what a lot of people have been brushing over even though they've pointed fingers at 3rd party programs is that loot filters could be a potential vulnerability too.
I'm not knowledgeable enough about your subject matter to be able to converse with you about it but whatever you said is really cool and it'll take me some time to understand it.
Hopefully lootfilters are not an issue. I'm currently using Fubgun's. xd
@Uberjager basically the trade website's whisper function and the party teleport button has the highest potential of where a vulnerability is.
@@andoryus Ever thought to put your inputs in the technical feedback on the forums? GGG might find them helpful.
@@Uberjager I thought about this but I'm sure their Cyber sec team is aware of potential vulnerabilities and trying to fix it now. My insight could be wrong which might hinder them by leading them to a red herring.
@@andoryus ah gotcha thanks for sharing though, learnt something new!
What a shame. Thanks for bringing more attention to this. Sorry you had to be one of the martyrs. Hopefully we can get back in the swing of things with a patch to this, some balances changes, and new reset from GGG.
I don't honestly care too much tbh I've been looking for a reason to stop playing but the game has been addictive so it was super hard to do so.
HAHA this might actually be a good thing.
@@Uberjager torchlight new league on 9 look like a good reason to stop playing this small variety build poe and economy breakdown for now and you can do poe1 new league after torchlight too xd
@@safsdafsa3530 I got really bored of torchlight after the first season and haven't played it since. Doesn't help that the friend I play POE with doesn't like it.
thats a cute avatar!
@@dr.drakeramoray789 Not mine I hope Lol
i think it has something to do with the pause function when you disconnect. it leaves the session open which makes it vulnerable to takeovers
Never so many people have been hacked in Poe 1 and now so many people are being hacked in Poe 2. Of course it is GGG's fault and there is a vulnerability somewhere.
Can u define 'pretty dubious trade' ??
feel bad for u :(
Yes it's through sessionID, that's why I play SSF for now.
xdd I'm just going to play Stalker 2.
Finally out of the POE jail cell.
SSF all the way and no 3rd party site logins and l haven't had a problem in 10 years
session ID's can't be hacked to access your account, this is disproven by the Exilence dev who worked on the POE website session ID and cookie code for years. Don't listen to this garbage, he sold off his goods for real cash and is putting up smokes and mirrors in an attempt to garner sympathy. Bro has wanted to quit for 4 days now and found himself an easy and profitable getaway vehicle.
@@UmrAl-Tawil4422 Haven't had a problem in POE1.
I'd play SSF if it weren't for the fact that trade existing accelerates my progression so I can try weird builds.
Can't really do that in SSF tbh.
@@friednoodles4935 What are you yapping about?? That's the most conspirationist thing I've heard LOL.
And yes sessionID is a real thing, I've even had a strange interaction today, traded with a guy, waited 10 seconds in trade window, then after a couple mins I got dmed a rmt message like "do you want to buy currency"? I mean that typical bot rmt comment
wait--- you create a complex password... and then you... wrote... it down?! dont do that again plz.
I just described the equivalent of it, its not what I did exactly. Lol
surprisingly you're quite stoic about this spate of events, well done
I'm stoic about everything. We get 80 years of existence in a universe that spans infinitely into time.
We all go through the process of gaining and striving for things and then ultimately losing everything. Its just how life is.
@@Uberjager have you tried ravenswatch?
This is probably because of the login to the trading site. For some reason, it asks for a login every half hour or even more often, even though you click the remember me checkbox.
@@ВладК-ш7м Yeah I noticed that as well.
the trade website has an HTTPS encryption, you're completely safe to use it. Also the reason we're being logged out is because they turned on traffic limits with cloudflare, the next time it loads you'll see that cloudflare is the one asking you to verify yourself, so that bots can't scour the website basically. Don't listen to a word of what this dude says, he still has his gear which is HIGHLY unlikely to be left behind by a real hacker. He offloaded his currency and is playing it off as a hack for god knows what reason.
@@GE_Photon_Lord
ruclips.net/video/a9R-i9qP4p4/видео.html
XDDD
GGG did this so the trade site wouldnt go offline constantly from too many people searching at once. Before they did this, the trade site was unusable.
@@JtotheDoubleL just put auction house in game. Multiple problems solved
Oh my god! You had insane gear
They didn't take gear, only currency (weird tho).
Anyway. I've been bored of POE since like the wrap up video and only popped in for a bit just to complete the pathfinder (didn't want to leave it hanging without a completed build).
Sent an email to support and detailed my observations. Hope GGG can get this fixed for the rest of you guys who are still playing.
@@Uberjager yes, how weird that they would not follow the recent trend of hackings and take everything of value ;)
Ooh I very much doubt you sent GGG support an email, that would give them probable cause to search your logs now wouldn't it? They might discover someone has been a naughty little boy and has been offloading his currency to RMT websites, am I right?
@@friednoodles4935
happy to have them search my logs. LOL.
ruclips.net/video/a9R-i9qP4p4/видео.html
@@Uberjager I don't know who you're trying to convince here, you kept deleting my source regarding the truth behind your "hack" through sessionID, clearly a guilty conscience. Then you post this weak ass video of a listing of your item.. the guy who paypaled you the money for it is going to be pissed when he finds out you got him banned lmfao.
@friednoodles4935 are you stupid?
You can't post links on RUclips. They get auto removed. It has nothing to do with me.
Take it up with the website. Its not me.
wtf monkas i guess i shouldnt list anything expensive to avoid being a hack target
I meaaaaan its EA on a video game.
Just have fun? Can always quit when it stops being fun.
@Uberjager yeah unfortunately for the hackers I'm very poor xD. Ggg need to fix this asap though this is extremely bad from what I've heard they are just targeting people by seeing what they are selling on the trade site
Also this friednoodles guy accusing u of rmt is fucking hilarious what a bozo LOL
this happened to my friend too. he allegedly has a unique password for poe2, so there was no possibility of using an existing password from a data breach elsewhere. they took his mirror service item and most of his net worth
Ye. THANKFULLY this is EA tho.
Like it really doesn't matter at all cuz they could wipe the server and it would make no difference to me.
@@Uberjager people still RMT big time and its money money
fuck. that’s crazy bro, hope they fix this
Holy moly 😢 it’s so sad
U comin back to ruthless to poe 1 ? Sorry to hear you got hacked :(
Nah I'm bored of POE for now might just buy Stalker 2 and give that a shot.
Actually I have a whole bunch of work to do so... maybe Stalker 2 sometime in March lmao.
do you use any overlays?
nope. The only two ways I have accessed POE2 is through 2 ways:
1. Steam
2. www.pathofexile.com/trade2/search/poe2/Standard/
Very likely sessionID is being compromised through ingame interactions and they're using it to access accounts.
@@Uberjager Your sessionID cant be compromised and used to access your account. If that were the case, every rich crafter in the game would have been hacked ages ago. Anyone with 2 functioning braincells would reach that conclusion, only reason you're pushing this narrative is that you blatantly RMTd your items since you were going to quit anyways.
@eg-a2357 Makes no sense
@@GE_Photon_Lord Lol, you reply on your 2nd account and remove my comment. This is honestly hilarious to watch. I hope you look forward to making a new channel when you want to start uploading again!
@@eg-a2357 I can't remove comments 😭😭😭
Who would do such a thing people are strange just play game have fun
FIX UR GAME GGG xd
xdd
CHRIIIIISSS
when you login on the trade website do you usually use email or steam?
Steam.
Also this is a brand new computer (I bought right before EA) and the only thing installed is a browser and some games.
I don't think my computer is compromised. I have far more valuable IRL things that I would be worrying about in that case (investments etc.).
Time for SSF I guess
@@DabuTV or Stalker 2. xd
@@Uberjager I've been avoiding Stalker 2, much like Stalker 1 when it came out.... a year later it was reaching its potential of being amazing....so hopefully its still on Game Pass later this year lol
Bruh this is so fuckin sad, spending days and nights to get that all, and lose it all in one day, i don't even know how you record it very calmly, this is really sad, good luck with your new beginnings. Fate has brought you an unexpected gift for the new year..... Stay strong man. GL
xdd its just pixels.
Everything I consider valuable in life isn't online.
Anyway its great that it happened to me. I can document the issue in ways most other players can't and help shed some light onto this issue.
it's easy to let go of anything if you don't get emotionally involved/attached
@@TheVoyageHome i league started monk for inner peace. xddd
me too buddy. me too
i think the question shouldn't be why play poe2, but rather why play poe2 through steam. how much easier is it to hack someone playing from actual client download rather than through steam?
Cuz I don't have to key in my password and also because Steam's security is considerably better than GGG's.
this is scary since I do a lot of trading especially those chinese players or maybe bots where they will instantly not even a second respond to my trade I hope I dont get hacked
afaik "rich" players are getting targeted.
I would say stop for a month and see where it goes.
how many burgers are you going to buy with the RMT money you made from liquidating?
Enough to take your mom out for dinner for a couple of hours
@@Uberjager XDDDDD
@@Uberjager when you get banned for RMTing what game are you gonna play
@@jevrap I'm going to have a lot of time so you'll not be having your mother for a while.
@@Uberjager hahahhahahahaha top g
dude just made bank or legit is a victim, we will never know. i hope you made bank. most likely is the case considering they left a ton of value on your account.
I sent a report to GGG this morning. Soooo nah, didn't make bank.
People can’t seem to comprehend that people are getting hacked without using RMT or any third party app. I hope these people get hacked so they can learn a lesson.
PS: before this happened another streamer I subscribed to had this happened to him, and he also said that he did NOT have any third party app or used RMT. However, GGG has refused to accept that their game has been compromised.
I've honestly been waiting for this to happen tbh because I've meticulously eliminated all other possibilities for an account breach. And because I have everything documented it's pretty clear there's a vulnerability in the game that is being exploited.
Jeez that comment section is toxic af
Don't be too troubled about it. It's just one guy with 5 accounts.
lol
They didn't take your 36D flask, QOTF, various other stacks of valuable currency? Let's see your paypal transactions lil bro
I mean its quite possible that only a person like you would be stupid enough to make a video complaining about getting hacked after selling currency via RMT.
Stop assuming everyone is as dumb as you lmao.
@@Uberjager Ooh except you pretend to know anything about sessionID from the bullshit reddit threads you've been reading (despite the dev of Exilence disproving these statements) thought that would be a great scapegoat to make you sound smart and took advantage of the rampant RMT ongoing to cash out. We get it, it's tempting, there's no need to dress it up and pretend like you're some victim. Yeah I don't buy it. The people who truly got hacked lost every valuable item they had, what a coincidence you still have a build to come back to and farm a little more cheeky dollaroonis eh?
@@Uberjager i mean you do seem pretty brainless, you think anyone is going to believe theyre going to take your currency, a shitty temporalis that is worth 20-30div, and not take all your other valuables? when people being hacked are being cleaned out LOL
you can fool the d4 casuals who are too stupid to understand, but everyone with a brain who plays this game knows you just liquidated some, and made a video to hop on for views lol
@@Uberjager deleted my comment because it made you look dumb eh? Shame on you. You might have the D4 andies fooled, but you're not fooling anyone with this. I can only hope GGG looks into your logs and bans you indefinitely for offloading EA currency on those who don't know any better.
@@Uberjager lidl brosef wants to earn cash and jump on hacking hype train at the same time lmao. you did a real sloppy job faking a crime scene lidl bro, better delete the video like you deleted this guys second comment
make sure you actually make it believable next time