Originally Posted by Vyper
While many virus scanners (Avast, McAfee, Norton, ect) and spyware scanners (ad-aware, spybot) will detect KNOWN keyloggers, there is no program that will detect ALL keyloggers. Even if your scan came back clean, that doesn't always mean that you aren't compromised. That said, your account being hacked does not necessarily mean that the information came from your computer either. There are millions of brute-force (guess a login-name/password and hope it works) attacks against the Blizzard servers every day. You may have just been unlucky (a weak password is usually associated with a brute force attack, if your password appears in the dictionary, or is a l33tized version of a dictionary word, it's weak).
Don't feel you have to take our word on why addons cannot steal your password, feel free to research around, there is plenty of information available on how addons work. I'll start you here:
http://www.wowwiki.com/AddOn_loading_process
In other words, our code doesn't get to run until well after you have logged in.
There are two reasons people commonly think addons are associated with a hacked account.
One is what you experienced. "I just installed this addons, and my account got hacked, it must be the addon" (Yes I recognize you aren't saying that but you get my drift). The problem with this logic is that with 10 million players, some will get their account hacked shortly after installing an addons. A few post, and there you have it.
The second is a bit more devious. I spent some time working on QuestHelper. During the time I was working on it, we started seeing sites out there claiming to host QuestHelper. When users downloaded these files, they'd find executables, which of course the sites would tell them to run (usually claiming it was an installer, which QH has never had). They were indeed installers, but not for QH (though the more clever ones installed it as well). Naturally, these people, never realizing they have been duped, then blame QH for installing keyloggers on their system. Many of the more popular addons have had a problem with this, the most common being recount.
All in all your best bet is too download addons only from this site. The WoWI team is extremely dedicated to keeping the content here safe, and they do an excellent job. Somewhere around here is a description of exactly what testing new submissions go through before they are allowed on the site, but I'm afraid I don't have that link for you. Suffice it to say it's quite rigorous.
Wall of text FTW!  |
Lol, well thank you for all the info. I know for sure, that my password is unguessable. No matter how well you know me, so im not worried about that.
The only reason i thought that it might have been the interface is just because when i informed blizzard about the situation they sent me a few quotes from their TOU and one mentioned non-authenticated third-party interfaces possibly compromising your account security. i just paired that up with the fact that just recently i downloaded the NUI interface. But, it was just an idea. Which is why i came here to ask you guys.
And as far as the executables you mentioned in some of the addons, i have quite a few, questhelper being one of them. Should i go ahead and clean all that off, and re-download from this site? Just to be safe?