Thread Tools Display Modes
07-03-10, 08:06 AM   #1
Flarin
A Frostmaul Preserver
 
Flarin's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2006
Posts: 290
Accounts hacked.. Banned... Cry...

I never thought it would happen to me. Never. I am an IT professional. I don't visit disreputable websites. I don't download torrents. I don't use hacked or cracked software or run key generators.

6 years of toons on 2 accounts gone overnight.

What worries me the absolute MOST is I don't know how it happened, so I don't know how to prevent it from happening again. My password was an odd string of characters.

I know we have all heard stories like this before, and probably most people sneered thinking - "you did something wrong". Well, if I did, I certainly don't know what it is.

This is very upsetting. It is like a "violation" of my personal space really. Sure it sucks that even if I get "some" of my characters back I probably won't get everything. Sure I lost close to 100,000 gold, which may not be much now, but it was earned pre-Lich King for the most part which makes it a little harder.

Thanks for reading my rant. I can't bring myself to play the 1 of my 2 accounts that is still not "banned" for gold selling - just looking at all those level 1 bots on all those realms makes me sick. Names like "wjkeeksdsdfd" and such - ugh it hurts.
__________________

"I will crush and destroy and...ooo...shiny..."

  Reply With Quote
07-03-10, 08:48 AM   #2
Taryble
A Molten Giant
 
Taryble's Avatar
Join Date: Jan 2009
Posts: 811
Oh, ouch man! That sucks. I thought the same thing before I got hacked - programmer, general geek, been using a computer since '85, yadda yadda. Arrogant about it, no virus scanner, no adbot scan, etc. Logged on one day to find an authenticator attached to my account, and all the gear from my 3 80s, my 70, and my personal guild bank gone. Changed my password immediately, downloaded a virus scanner and adbot-search-and-destroy, then called Blizzard.

Thankfully, I hadn't been used for gold-selling. Maybe they'll reinstate if you call and talk to them?
__________________
-- Taryble
  Reply With Quote
07-03-10, 09:25 AM   #3
Flarin
A Frostmaul Preserver
 
Flarin's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2006
Posts: 290
Thanks man - we will see. One of the accounts was banned for having a "possible keylogger". One was banned for gold selling - this was a defunct account I was not paying for that was at the BC level - they upgraded it to Lich King trial and starting gold spamming.

I do have one account that seems stable - of course all the characters, loot, etc are gone.

I just did a Spybot Search and Destroy - nothing found at all.

I hope they can get my stuff back. So many toons. Maxed fishing. Maxed cooking, engineering, enchanting - omg who wants to do THAT again lol.

AAAARGH!

Which makes me wonder - WHY did I link them to ONE battlenet account? At worst ONE account would have been compromised - now I have all three. Battlenet - not sure I am liking this now.

I ordered an authenticator - maybe that will help - if I can stomach coming back to the game.
__________________

"I will crush and destroy and...ooo...shiny..."

  Reply With Quote
07-03-10, 09:50 AM   #4
Gristadar
A Wyrmkin Dreamwalker
 
Gristadar's Avatar
Join Date: Nov 2005
Posts: 57
just a fyi, if you used the remote ah, people are getting hacked even with authenticators if they used the remote ah and then there phone was hacked, happened to some1 I know. blizz the last I heard has suspended the remote ah
  Reply With Quote
07-03-10, 10:57 AM   #5
Flarin
A Frostmaul Preserver
 
Flarin's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2006
Posts: 290
Originally Posted by Gristadar View Post
just a fyi, if you used the remote ah, people are getting hacked even with authenticators if they used the remote ah and then there phone was hacked, happened to some1 I know. blizz the last I heard has suspended the remote ah
Thanks for the info - no I have not loaded that. I tried calling - they have so many complaints at the moment their queue is CLOSED.

So - I email them. I logged into the one working account I have, created a new character, and submitted a ticket. I changed the email address account. I changed the password. I have run 5 different spyware / trojan hunter programs and nothing has come up.

I guess I wait. If I have to start over - I am willing to take suggestions as to what US PvP server I should start over on. UGH UGH UGH I am not looking forward to starting from zero. I have not had to worry about startup gold for an alt for 6 years lol - I don't know what it is like to not have money for bags and spells lol. I guess it will be a good experience ?? Who knows. I love the game and enjoy it. I guess I will start a hunter again - those seem to level the fastest. Or a DK I guess since they start at 55.

Can you hear the "whine" and "whimper" in my typing? Waaagh! Lol...
__________________

"I will crush and destroy and...ooo...shiny..."

  Reply With Quote
07-03-10, 11:04 AM   #6
viking355
An Aku'mai Servant
 
viking355's Avatar
Join Date: Apr 2009
Posts: 31
Just take it back, REset comp, And hope for it to never happen again, no neec crying about it.
  Reply With Quote
07-03-10, 11:11 AM   #7
PurpleWedgie
An Aku'mai Servant
Join Date: Nov 2005
Posts: 33
Originally Posted by Flarin View Post
Thanks for the info - no I have not loaded that. I tried calling - they have so many complaints at the moment their queue is CLOSED.

So - I email them. I logged into the one working account I have, created a new character, and submitted a ticket. I changed the email address account. I changed the password. I have run 5 different spyware / trojan hunter programs and nothing has come up.

I guess I wait. If I have to start over - I am willing to take suggestions as to what US PvP server I should start over on. UGH UGH UGH I am not looking forward to starting from zero. I have not had to worry about startup gold for an alt for 6 years lol - I don't know what it is like to not have money for bags and spells lol. I guess it will be a good experience ?? Who knows. I love the game and enjoy it. I guess I will start a hunter again - those seem to level the fastest. Or a DK I guess since they start at 55.

Can you hear the "whine" and "whimper" in my typing? Waaagh! Lol...
My daughter was hacked a few weeks ago (on a MAC even) but got everything back eventually. Bliz will take care of you, but it might take a week or so.
  Reply With Quote
07-03-10, 11:21 AM   #8
Jzar
A Chromatic Dragonspawn
 
Jzar's Avatar
AddOn Author - Click to view addons
Join Date: Jun 2007
Posts: 158
I'm sure you'll get your old toons back, but if you DO have to (or decide to just for a change of pace) start over, you're welcome to Spirestone Horde. I've got every professions maxed, I'll take care of your bags and spells and mounts and stuff, kind of give you a leg up man.

That sucks horribly!
  Reply With Quote
07-03-10, 11:38 AM   #9
Flarin
A Frostmaul Preserver
 
Flarin's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2006
Posts: 290
Originally Posted by Jzar View Post
I'm sure you'll get your old toons back, but if you DO have to (or decide to just for a change of pace) start over, you're welcome to Spirestone Horde. I've got every professions maxed, I'll take care of your bags and spells and mounts and stuff, kind of give you a leg up man.

That sucks horribly!
Very kind of you - we'll see how things work out - if I have to start over I may pay you a visit.
__________________

"I will crush and destroy and...ooo...shiny..."

  Reply With Quote
07-03-10, 12:45 PM   #10
Cairenn
Credendo Vides
 
Cairenn's Avatar
Premium Member
WoWInterface Admin
Join Date: Mar 2004
Posts: 7,134
Flarin luv, I feel for you, but take it easy sweetie, you'll be fine. My daughter was hacked a few weeks back too (yes, even us), and she got everything back. It'll take time, but you'll get it all back. Hang in there. *hug*
  Reply With Quote
07-03-10, 01:05 PM   #11
Flarin
A Frostmaul Preserver
 
Flarin's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2006
Posts: 290
Originally Posted by Cairenn View Post
Flarin luv, I feel for you, but take it easy sweetie, you'll be fine. My daughter was hacked a few weeks back too (yes, even us), and she got everything back. It'll take time, but you'll get it all back. Hang in there. *hug*
Thanks Cairenn! It is really strange - you think you protect yourself and somehow they get you. I really didn't click any of those phising emails, and I don't violate the ToS, but they still got me. Just makes me wonder if it was a different thing that got hacked - maybe my email address is compromised or something.

I did notice that the criminals tried to reset my password every time I changed it - since I changed my battlenet email address that has stopped. I keep logging in every hour or so to make sure my account is secure.

I am sure it will work out - but it does put a damper on my playtime for sure.
__________________

"I will crush and destroy and...ooo...shiny..."

  Reply With Quote
07-03-10, 01:07 PM   #12
ricks322
A Chromatic Dragonspawn
AddOn Author - Click to view addons
Join Date: Jun 2009
Posts: 154
Sounds like the hackers are finally getting around to using the accounts they got from the 'hole' in flash.


A good time for EVERYONE to change passwords.


I know I will right now....
  Reply With Quote
07-03-10, 01:25 PM   #13
Flarin
A Frostmaul Preserver
 
Flarin's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2006
Posts: 290
Originally Posted by ricks322 View Post
Sounds like the hackers are finally getting around to using the accounts they got from the 'hole' in flash.


A good time for EVERYONE to change passwords.


I know I will right now....

THAT - is definitely a possibility for sure. Can't hurt to change email addresses - they kept resetting my password every 10 minutes or so until I finally changed it. Drastic sure, but since I changed my email address it has stopped.
__________________

"I will crush and destroy and...ooo...shiny..."

  Reply With Quote
07-03-10, 04:34 PM   #14
ravagernl
Proceritate Corporis
Premium Member
AddOn Author - Click to view addons
Join Date: Feb 2006
Posts: 1,176
I have 9 real life friends, 6 of them studying IT at university. Two of them are writing for their final year about viruses and Trojans together.

3 of them have been hacked quadriple times(the ones that do not study at our uni). I believe that's as crazy as it could get.

I was hacked twice in the past. Once in the pre TBC era, when I was stupid enough to try... let's say blizzard would think it's against the TOS . And once last year. After that I bought an authenticator.

1. Change password to a different, non-repeating(use the password once, and never use it again after) password every week.
2. Change email address every half year.
3. Follow security updates from microsoft and/or apple.
4. Use an authenticator, and not an authenticator for blackberry/iPhone.
5. Buy a mac if you are really desperate(yup, that did work for me and my friends. Offcourse I also needed it for other purposes as well).
  Reply With Quote
07-03-10, 04:52 PM   #15
sacrife
An Onyxian Warder
 
sacrife's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2009
Posts: 384
Or. Get Noscript for firefox
__________________

  Reply With Quote
07-03-10, 05:21 PM   #16
LittleWhiteDove
A Cobalt Mageweaver
 
LittleWhiteDove's Avatar
Join Date: Feb 2005
Posts: 227
Changing your email address was an excellent idea. My husband was getting the blizzard type spam (two or three a day). He changed his battlenet account email and added an authenticator. The next day he got an email (at the old email address) advising him that someone had changed his authenticator. The message looked like it was from Blizzard but it was not. Obviously they had been trying to hack his account at the old email address and when he changed it they couldn't track the new email address. We now have disposable email addresses that we can change at random times along with the authenticators and much more complicated passwords than before.

You will get your stuff back. Blizzard is very good about that.

Hang in there - things will get better.
  Reply With Quote
07-03-10, 05:24 PM   #17
Si_
A Fallenroot Satyr
 
Si_'s Avatar
AddOn Author - Click to view addons
Join Date: Jul 2007
Posts: 23
Originally Posted by sacrife View Post
Or. Get Noscript for firefox
Yeah I dont know if I could live without Noscript anymore lol.

But seriously, My mums account got hacked and banned a few weeks ago, it was on a week old installation of Windows with a virus scanner etc installed, personally I think they got her login info from someone else who knew her info but I wont bother going into that now.

I changed the password and stuff for her and she emailed blizz, the account was restored within 2 days, luckily nothing had been stolen, I'm assuming because her highest character was 71 and didnt really have anything valuable.

My point is, you should get your account back no problems, It was not you who did all the stuff that got it banned, and I bet blizzard knows that, they'd have logs etc.
  Reply With Quote
07-03-10, 05:44 PM   #18
sacrife
An Onyxian Warder
 
sacrife's Avatar
AddOn Author - Click to view addons
Join Date: Mar 2009
Posts: 384
Keep us updated though, this turned out to be an interesting story
__________________

  Reply With Quote
07-03-10, 06:04 PM   #19
zoktar
A Cliff Giant
AddOn Compiler - Click to view compilations
Join Date: Dec 2006
Posts: 72
recently, like 3-4 weeks ago. there was a nasty java based exploit that allowed arbitrary files to execute.
ei, you could insert a keylogger via it, most people have java installed for web browsing. or it could of been any other microsoft applications that are riddled with arbtirary file execute vulnrability, including internet explorer, windows media player, msn, outlook, and service features such as remote desktop, and some other crap services that most ppl dont even use but are enabled by default to run in windows installations, i have no clue why really. im not 100% bout how the java exploit worked but im guessing since it starts up as soon as u visit a page with java it stays on even after you close your webbrowser, i think it was possible to connect to it at that point and run stuff remoteley "execute arbitrary files" but im not sure. so basicly all they need to know is your ip address and that your java has "loaded" to implement the exploit. same type of exploit existed/exists for windows media player. if i where u id look for a guide to disabled all unneeded services, if ur using java on webpages, kill it when ur done, (tho it has been fixed with update now, but it doesnt nessesarly update automaticly, i atleast had to update it manually). i dont reccomend using windows media player, outlook or internet explorer, id reccomend using windows media player classic, has no server based functions far as i know. or the video lan player, wich plays everything out of the box really. basicly beware of any applications/services that have server type functions. for these type of exploits atleast.

there are sites that keep an update on "all" new incomming exploits, could be worth finding a good one (dont have one atm), and keep an eye out for exploits wich allow arbitrary code to be executed.

owh i forgot, flash also had this type of exploit recentlyish, so update that aswell.
also i remember some java related crap was loaded even without it being "loaded".
hope that helps.
sry for the wall of text

Last edited by zoktar : 07-03-10 at 06:25 PM. Reason: corrected a thingy
  Reply With Quote
07-03-10, 08:39 PM   #20
Ither
A Firelord
 
Ither's Avatar
AddOn Author - Click to view addons
Join Date: Apr 2009
Posts: 497
I think it's funny. I have several masters degrees and a doctorate in Tech; I've never been hacked. Hell I don't even run anti-virus.

You guys have bad juju or something. Stay away from me!
__________________
  Reply With Quote

WoWInterface » General Discussion » Chit-Chat » Accounts hacked.. Banned... Cry...

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off