Thread: Guess what... my account was hacked.
View Single Post
06-09-09, 03:15 PM   #24
Tristanian
Andúril
Premium Member
AddOn Author - Click to view addons
Join Date: Nov 2007
Posts: 279
Originally Posted by derailed1973 View Post
I just bought a new computer, reactivated my account after about a year of not playing, downladed WOW and got on this web site and downloaded quest helper. Guess what your addon has a keylogger attached to it, thanks alot. And yes I was able to trace it back to the addon. I was able to play Friday and my account was hacked and switched to battle.net by Saturday. It was fun getting my account back, petitioning for a restore, cleaning out my new computer, and apologising to my guild mates for someone robbing the bank. From now on I think everyone should steer clear of this asian scamming site.
The legitimate version of Quest Helper, also hosted on WoW Interface (among other websites the author has explicitly authorized to host the addon) is free of executables or any kind of file that would resemble a keylogger. Files approved for download on WoW Interface are checked "by hand" by a few select and reliable individuals. If you downloaded Quest Helper (or at the very least a file claiming to be Quest Helper) from an unsupported or otherwise unauthorized website, where the author did not opt-in, then it is very likely that your computer was compromised.

As far as pure addons go, I will just quote honem :

Your average run of the mill addon can not log your keys or steal your login and password.

An addon consists of a few text files , some images and some sounds maybe.

They operate in a sandboxed environment so hence have no access to the outside world , can't email anything , can't send anything any where and don't even have access to your hard drive. They can read in from the saved variables and write out to the saved variables at logout/game exit but even that's limited (afaik they can't even name the file).

Also they load after you've already logged in. So even if they could send it somewhere they wouldn't have the information to send as that authentication information's gone by the time they get loaded.
Some friendly advice :

1) Never trust random links pointing to X addon on Y website you've most likely never heard about.
2) Always check (and double-check), what is it that you are actually downloading, claiming to be a WoW addon. Run a virus scan and/or a malware scan on it, if possible. Obviously official site "updaters" are excluded from this, in case you decide to trust them.
3) Never, EVER (and I can't stress this enough) run executables on your machine, claiming to be even "installers" for popular addons.
__________________
Last edited by Tristanian : 06-09-09 at 03:24 PM.
  Reply With Quote