There I am minding my own business, running my bots, when I stumble into a Jah rune. Elated that I'm 1 rune away from an Enigma and have a bunch of Ists saved up to possibly get a Ber to complete it.
I make a game to trade, and a seemingly nice fellow joins, saying he's getting ready to quit//give away free stuff, if all I'll do is join some forums to talk about diablo 3, since he just got a fan site (supposedly) up and running.
**-- I should have known right there, stopped what I was doing, and continued what I was doing, yes, don't remind me --**
Anyway, he gives me the url, which is under the ___.1x.net free domain service. There's some shoddy java plugin, I click "run anyway" (and that's presumably when he got backdoor access, sigh), and even try to help him figure it out, as I own my own legitimate, paid-for domain, as he empties one account out (luckily he didn't get to the rune mule I was logged in on or I'd really have nothing left to my char's).
In the end, after a lot of name calling, and hindsight of "I should have known better", I do some digging.
Apparently, to get that domain name under 1x.net, he had to register at least some legit info - or has compromised someone's account there.
the 1x.net WHOIS returned a name, address (in canada!), and an email address.
Using that I was able to track down an apparent facebook of the guy (or at least someone of the same name, claiming to live in the same city).
Now all that's left is what to do.
First I'm going to try to verify that domain name was him, and not a compromised account.
Presuming that gets done, I'm taking suggestions on things to do -- and yes, ordering pizzas to that address is the bare minimum.
Why do we park in a driveway, and drive on a parkway? - Gallagher