Near-instant account breach
I installed Minion last night, updated a few addons, logged in and out of WoW and went to bed. This morning, my battle.net creds were cleared, all of my toons had been logged into and my account was on temporary ban. Checking last login times indicates that it was less than three hours after I installed and used Minion. I'm livid. I should note that I would be less willing to point fingers if this hadn't happened on a fresh windows install on which I have only installed Symantec Endpoint, Firefox, WoW, Curse Client, and Minion. Everything else was installed over a week ago. Seriously, what the hell is going on here?
|
Quote:
|
You most certainly did not get infected by using Minion. That's a guarantee.
I find it hard to believe that wow hackers will change overnight.. they have never hacked a wow account via a freshly infected machine. Keyloggers have always sat on an infected machine for several months before an account gets hacked into. |
I would agree with Petrah, generally if your account info is stolen, you don't know about it until some time later.
Either this is a case of coincidental bad timing (e.g. your info was stolen 6+ months ago and thye only JUST used the info and now to you it looks like something other than it is.); or this was some kind of very personal attack in which case you may want to look more closely at someone who may have had access to your pc, your wifi, or check for any physical key-loggers plugged into your machine. And of course, contact Blizzard support A.S.A.P. and let them know what happened, and make sure you have changed your password. |
Quote:
|
Quote:
HOWEVER. The last thing I did before all of this happened was install minion. 3 hours later, boom, account hack. |
Quote:
dont download third party programs. unless you know fer sure where its coming from. http://forums.worldofwarcraft.com/th...32280066&sid=1 http://forums.wow-europe.com/thread....02690401&sid=1 |
If you need to prove that Minion got your account credentials sent to someone else, you can go and open up the .jar files in a zip file manager(they are actually zip files renamed to .jar), and read through the code.
There is no way Minion gained your account credentials. Ask any java programmer, they will tell you the same. Unless you downloaded Minion from a different site other then minion.mmoui.com, that is. |
Make sure to update your flash and adobe acrobat reader. Right now most keyloggers are taking advantage of people who have the older versions with the exploits to get their keylogger to you. Some hacked sites will start a pdf download that is infected, others display infected flash ads or site elements. So I would go to adobe.com and update flash and reader asap.
Also Minion will never have you enter your wow account login info. Heck it doesnt even run when WoW is running. Like others said its java and you can look at the source code your self. Make sure your virus/malware scanner is up to date and do a full scan. If it finds anything post all the information here so we can help you figure out where it came from. Update: The latest scam going around is this: http://www.wow.com/2010/03/31/new-sc...gets-launcher/ |
If you had a fresh install of Operating System ,WOW and other addons...Then I would look deeper into your old comp for the hacking code,Virus or keylogger...
|
Did you change your password before reinstalling your OS?
It is rare that account data is acted upon immediately. Often times there are month-long gaps or more before your account is actually broken into. Changing passwords frequently goes a long way to act as a stop-gap. I find it extremely unlikely that any program you installed would lead to your account being compromised overnight. That being said I'm looking into the integrity of the components. |
Quote:
The only other pc I have every used for WoW is my mac. This is my work computer and it is so aggressively locked down, it's laughable. Process scans have turned up no keyloggers. Also, I have never shared any information on anything with anyone and have never corresponded about my account online, even with Blizzard employees, until today. Taking all this into account, I find it more than an odd coincidence that I install this software and suddenly I am hacked. Also, I should note that MMOUI minion does have a creds page in the options. I filled this in. Update: I should also note that, despite suggestions to do so, I can't look at any of the minion source code because I wiped it, Curse, and my WoW install off of the PC. I'm not planning on putting anything else on the PC for a while. Update 2: My account was reset at the battle.net level prior to any unauthorized access. I'm not sure if this is somehow significant. |
Quote:
|
Quote:
|
Shirik is going over the source code on our server. However we haven't received any other reports yet. Also malware/virus scanners would detect most keyloggers if one was some how embedded in the software.
From the information you've given to me its either you were keylogged before your os re-install and since your login cred was the same after your os install your logged info was finally used by them. Thus not being able to find anything on your end after. Or you were tricked to enter your login cred some where other than the real location (which i doubt since you seem fairly up on things but they can be tricky). Another possibility is if you use the same login/password on another site/game and that was compromised and they tried it on wow. I do agree that its strange that it happend just as you installed those above programs. But I think at this point its a big coincidence. Like I said Shirik is checking the source code of our app and we will let you know. None of the checks in place server side shows a breach in our security. |
Quote:
|
Quote:
|
Quote:
|
Quote:
|
Quote:
|
All times are GMT -6. The time now is 02:41 AM. |
vBulletin © 2024, Jelsoft Enterprises Ltd
© 2004 - 2022 MMOUI