My WOW Account Was Hacked

[Pyrophoric]

Originally Posted by daffybint I also had my account hacked in August of last year and it totally put me off playing for a week. There did not seem to be any point in playing to get nice gear only for someone to sell it all and transfer the money to another toon. I bought myself an Authenticator from the Blizzard European store the moment they became available and it was wonderful. Until that is, one Friday evening at 5:30 UK time. I got home from work, switched on my computer went to log into wow and on the Authenticator code screen, pressed the button on the unit to generate the code and nothing happened. Pressed again several times only to find out the unit was dead. Tech support was closed and i had to wait the whole weekend without wow to contact Blizzard to get my the Authenticator removed from my account. This took over 3 weeks to get removed as i had to send in proof of the Authenticator code, the original WOW code registered to the account (i had loaned it to a friend to get them interested so had to wait 3 days for them to bring it back in) and a copy of my passport to prove it was me. I understand that the Authenticator is designed with increased security in mind, but when they do not ask for this information to add the unit to your account, how can they confirm you were the one to add it in the first place. My unit (5 months later) now shows a software error on the display but Blizzard will not replace it as the warranty period is only 1 month. The unit died 3 months after purchase. Much as i like the idea, i am worried that if someone buys an Authenticator, then hacks an account and adds the authenticator to the hacked account it would be near impossible for the original owner of the account to get it back and the Authenticator removed due to the hoops Blizzard makes you go through. Even after my "bad luck" with the Authenticator, i still love the idea of the iPhone / iPod app and once available in the UK will consider purchasing one, due to it not relying on its own battery power. I was advised by Blizzard, that the best way to keep your password safe and secure from the Keyloggers, is to have a txt document of some description (Word / Notepad) with the password stored in it and copy and paste the password each time you go to play. All the key logger gets is Ctrl+C and Ctrl+V. I hope this does not put you off buying the Authenticator as i truly believe that it is wonderful for those that want the extra security, but i just wanted to share my experience of what can potentially happen when things go wrong. Simon

Three weeks seems insane. That's just about long enough for me to become uninterested again. By the time it would be fixed, I would be off playing something else and not return for 6-12 months.

I am nervous about being hacked myself. When I put so much time into something, I want to protect myself. However, I still don't understand how people are being hacked all the time.

If you stick to a set list of addons and dont follow any weird WoW links, how can you get hacked?

[p3lim]

I got hacked last night (around 21:00 Paris time).
Now im unable to do anything, he/she changed my mail, pw, everything, even removed my account from the battle.net account I own.

Blizzard doesnt answer my mail, gm's don't belive my guild mates, the phone numbers to the norwegian blizzard support seems to be dead.

Ive already removed the keylogger I found on my harddrive though, and Ive ordered an authenticator.

In other words, no more updates of my addons in a while.

[Cairenn]

Ugh p3lim, that sucks!

[Pyrophoric]

Originally Posted by p3lim I got hacked last night (around 21:00 Paris time). Now im unable to do anything, he/she changed my mail, pw, everything, even removed my account from the battle.net account I own. Blizzard doesnt answer my mail, gm's don't belive my guild mates, the phone numbers to the norwegian blizzard support seems to be dead. Ive already removed the keylogger I found on my harddrive though, and Ive ordered an authenticator. In other words, no more updates of my addons in a while.

Sorry to hear that.

Do you know how you got the keylogger?

[Maul]

Originally Posted by p3lim I got hacked last night (around 21:00 Paris time). Now im unable to do anything, he/she changed my mail, pw, everything, even removed my account from the battle.net account I own. Blizzard doesnt answer my mail, gm's don't belive my guild mates, the phone numbers to the norwegian blizzard support seems to be dead. Ive already removed the keylogger I found on my harddrive though, and Ive ordered an authenticator. In other words, no more updates of my addons in a while.

Sorry to hear that

As far as how, some anti-virus companies don't regard gaming related viruses as anything high priority. Viruses that can affect finances or financial loss due to downtime, business or personal, is what they focus on. My first recomendation is to get a gamer-friendly AV program. AVG, Avast! and Malwarebytes are a few (I use Avast! myself)

However, hackers also push hard on the phishing side of things. I use [email protected] as my public addon support email. It gets hammered with phishing attempts. My WoW accounts are associated with an email I mainly use for personal stuff, like friends and family. The phishing attempts are quite good on the surface. They appear to be legit Blizzard emails saying your account is about to be closed and you better log in at some bogus link to enter all your info to verify your identity. The first time I got one of these phishing emails I almost took the bait until I realized that the email was not sent to my WoW account one. Blizzard always emails your regestered email.

The business of hacking accounts is very large. It is an industry, not by some unscrupulous geeks who get a thrill of beating security, but by low life get-a-buck-by-any-means people. It is an underground industry that attacks on many fronts. You know those illicit gold selling and power leveling services. They get their invetories from hacked accounts. People may remember when WoW began, they were in-game farmers. Not really true anymore. They now hack accounts and sell the gold back to the players. And if you buy from them, they will leverage what info they know of you to try and hack your account.

Sorry about the wall of text Just trying to give some info on how this happens. It happens because 1) The hackers are very, very aggressive. 2) Some of the popular AV software out there is slow to ID gaming-targeted viruses. 3) Players unwittingly give away account info, complete or partial.

All I have to say really is get an authenticator. If you have an IPhone, you can get a free one as an IPhone app. Otherwise the cost of the authenticator is minimal compared to the experience of being hacked.

[Xrystal]

Originally Posted by Pyrophoric Three weeks seems insane. That's just about long enough for me to become uninterested again. By the time it would be fixed, I would be off playing something else and not return for 6-12 months. I am nervous about being hacked myself. When I put so much time into something, I want to protect myself. However, I still don't understand how people are being hacked all the time. If you stick to a set list of addons and dont follow any weird WoW links, how can you get hacked?

That was how long it took for blizzard to fix one of my guild mates that had got hacked. In his case they emptied the guild bank (he was an officer), his own bank on each character, then transferred them all to another server. It understandably took them awhile to track it all down. But within a week of that happening 2 other officers also got hacked. The common denominator were they were officers and used wowmatrix. Blizz suggested not using it so everyone in guild stopped using it and ordered the authenticator. Wow matrix came back into play a while back now but they now know to come to the sites themselves and we haven't had a hack attempt since ... that we are aware of.

[Pyrophoric]

That sucks, well at least things we fixed after time.

Went ahead and bought my authenticators.

[Yhor]

Originally Posted by Maul Sorry to hear that As far as how, some anti-virus companies don't regard gaming related viruses as anything high priority. Viruses that can affect finances or financial loss due to downtime, business or personal, is what they focus on. My first recomendation is to get a gamer-friendly AV program. AVG, Avast! and Malwarebytes are a few (I use Avast! myself) However, hackers also push hard on the phishing side of things. I use [email protected] as my public addon support email. It gets hammered with phishing attempts. My WoW accounts are associated with an email I mainly use for personal stuff, like friends and family. The phishing attempts are quite good on the surface. They appear to be legit Blizzard emails saying your account is about to be closed and you better log in at some bogus link to enter all your info to verify your identity. The first time I got one of these phishing emails I almost took the bait until I realized that the email was not sent to my WoW account one. Blizzard always emails your regestered email. The business of hacking accounts is very large. It is an industry, not by some unscrupulous geeks who get a thrill of beating security, but by low life get-a-buck-by-any-means people. It is an underground industry that attacks on many fronts. You know those illicit gold selling and power leveling services. They get their invetories from hacked accounts. People may remember when WoW began, they were in-game farmers. Not really true anymore. They now hack accounts and sell the gold back to the players. And if you buy from them, they will leverage what info they know of you to try and hack your account. <snip>

My friend's kid got hacked the other day, so I ask what he did to get hacked. His answer was "it must have been some addon site or something". I explained how unlikely that is, and asked for permission to "check for viruses"... I was allowed and the first thing I did was check his browser history. I found several of the gold-farming addresses and power leveling services in his browser. Then I asked if he used the same or a similar password... well you know he said no. He reversed it, meaning his username was his pass (they had his email from registration), and all they had to figure out was his real password. With the right program, brute force is pretty easy given a few known variables.

Avast found nothing malicious though, as well as Kaspersky. I can't say with 100% certainty that he was hacked from brute force, but it certainly seems like that to me.

So my day was given cheer for having someone to call noob and laugh at, irl. Don't buy gold, people, it really doesn't get you ahead at all (and this is not an accusation or a generalization towards those who have been hacked, it's only one experience that is probably not isolated at all).