Guess what... my account was hacked.
 

Yes it is true, my account was hacked. I know how too. I installed an add-on via wowmatrix and I guess it had a key logger on it. The add-on's name is Skada. Do not use this add-on or some guy named Harry will get your account information. He stole my account by; First creating a battle.net account, changing my password, then finnaly merging my wow account with his battle.net account. I have already contacted blizz on the subject but they have not emailed me back yet as of June 9 2009. I don't really see the point in hacking a game other than to piss someone off. I do have a couple of high lvl characters, but none of them are at max lvl. I searched the WoW armory and I saw that my chars. still have their items but we shall see if that remains the issue. What suks the most is that I will not be playing for the next couple of months and I can't even log in to cancel my subscription. So unless this problem is resolved by June 12th. 2009 this guy will be playing my chars for free for about 2 months. Anyone know ways to hack my account back? Well I'll look on the bright side and maybe when I get back from deployment and then I resolve the issue I'll have some 80's and better gear when I get it back, ha ha. Thanks.

Also, of course, I deleted Skada. I will also ask my guild mates to keep an eye on my chars. I have a friend in real life who is also in my guild in the game. I'm coming for you Harry.

paint4blood, it may not have been wowmatrix or skada. Don't point fingers unless you have incontrovertible proof to back it up, please. Not fair to ruin someone's reputation when you don't know for sure. :)

If you were keylogged, it could have been as long as six months ago. They almost never hit an account as soon as they get the info. It usually takes at least a couple weeks. It could very well have just been a brute force/dictionary hack, too, no keylogging involved at all.

You need to contact Blizzard's Account Support department to get the ball rolling on getting your account back. Then you need to run virus and malware checks on your system, to make sure it's clean.

Would you mind explaning the dictionary hack?

Nvm I googled the hack and I know what it is. My cousin has this hack, called rainbow, but he uses it for legitamit reasons, he even got a medal when the program did all the work.

Rainbow tables and dictionary attacks are completely different.

Rainbow tables decipher a hash, whereas a brute force dictionary attack uses plain text in an exhaustive array.

I completely agree with Cairenn, don't spread slander against a talented addon developer if you don't have hard evidence.

Well what would you think if your account got hacked right after you downloaded an add-on. Not everyone fully understands how hacking works, I sure as hell don't.

Only an idiot would hack ur account as soon as you run a keylogger.
They usually wait a few hours or days at least, so you are unsure when/where it happens etc.

Spreading false rumours without ANY evidence is just epix fail.
Get evidence then try to ruin his name.

Both Shyce and Cairenn are completely correct. Another thing you should consider before blaming an addon is that no addon developer in his right mind would include a keylogger or password hacker in his addon. Do you know how quickly and easily that would be discovered in the WoW community? All addon source code is easily and often read by thousands of lua programmers all the time.

Easy guys, he wasn't deliberately trying to ruin their name, he was just trying to warn people about something he experienced (but was attributing incorrectly). There wasn't any malicious intent that I read in his post, just ignorance (in the actual meaning of the word, not the slang usage).

I realize you were upset... a friend of mine got hacked last week and I think it was through an email phishing scam. It's a pretty painful experience. But not understanding how these things happen is exactly why you shouldn't make accusations like that. If you don't understand it, then ask... don't accuse. Reread what you said about Skada, which is an excellent damage meter by the way, written by a good programmer in very clear, understandable and efficient code. I can guarantee you Skada isn't your problem.

what to do
 

call Blizz account services at 1-800-592-5499 they will lock out your account, reset your password and restore anything that might have been stolen from your chars, usually within a week or two. Your job is to secure your computer with anti-spyware and not tell anyone your password.

On a side note, after you get your account restored I'd highly recommend either buying an authenticator, or if you have an iTouch or iPhone, downloading the authenticator app. It's nearly fool proof for protecting your account from hackers, although it is a tad bit annoying to deal with. Personally, I love the added account protection.

Thanks for sharing. It's great.

simulation credit

QFT


[Important] Key-Loggers and Computer Security:
http://forums.worldofwarcraft.com/th...78038509&sid=1

Account Compromise Info Center:
http://forums.worldofwarcraft.com/th...73308319&sid=1

Account Retrieval Tips and Suggestions:
http://forums.worldofwarcraft.com/th...62836524&sid=1

Bliizard Authenticator

It's free if you have an Iphone or Ipod, and only $6 with for the physical keychain version with shipping. Peace of mind for only six bucks? Count
me in.

I'm very sorry to hear that your account was hacked. That's never fun, and as you had high level toons (level cap or not), I can empathize with how that my feel like a lot of lost time and work.

As much as I would love to pick up the anti-WM banner with you and march on a crusade, I feel I should inform you that during my entire time using WM, I never picked up keyloggers. I am not the only WM user who has enjoyed being hack-free during my time. I know that personal experience doesn't exactly count as incontrovertable proof in WM's favor, it should at least be a reason to count WM out of the list of variables that led to this unfortunate event.

The other thing I wanted to mention (more in the nature of waving my anti-WM banner) is that knowing their "hosting" practices as I have come to understand them, I highly doubt that an add-on that "originated" from WM would have a virus. In Skada's case, it's one of the many add-ons WM nabbed from another site. I can't tell if it was nabbed from Curse or WoWI, but Skada is hosted on WoWI, and WoWI wouldn't keep an add-on if it was dirty. That should help you pull Skada out of the list of variables.

Again, I'm very sorry to you for the situation. I wish you all the best in getting it back. Oh, and... welcome to WoWI! :D

/hug
/soothe
/luck

Likewise, neither would Curse nor WoWUI.Incgamers (I wish they would get a more distinct name for that site as WoWUI is too close to WoWI). The "Big Three" do not tolerate "funny files" in the AddOns they offer for download.

simulation rachat de credit

this is a very interesting post. thanks for sharing :banana:

I apologise if this has been addressed in the thread before but....

Your average run of the mill addon can not log your keys or steal your login and password.

An addon consists of a few text files , some images and some sounds maybe.

They operate in a sandboxed enviroment so hence have no access to the outside world , can't email anything , can't send anything any where and don't even have access to your hard drive. They can read in from the saved variables and write out to the saved variables at logout/game exit but even that's limited (afaik they can't even name the file).

Also they load after you've already logged in. So even if they could send it somewhere they wouldn't have the information to send as that authentication information's gone by the time they get loaded.

Finally there's never been any concrete proof that wowmatrix has any keyloggers in it. When I say proof I mean a packet sniffer / network report showing authentication data being passed to a non blizzard domain.