Accounts hacked.. Banned... Cry...

[AxnJackson11]

I was just hacked last week and I sent blizzard an email and i got the automated response saying wait for a representative to contact me again. I've also tried calling but it says their queue is full. What can I do?

[Ither]

Originally Posted by AxnJackson11 I was just hacked last week and I sent blizzard an email and i got the automated response saying wait for a representative to contact me again. I've also tried calling but it says their queue is full. What can I do?

WTF... I haven't got hacked yet and I have an authenticator.. What are you guys doing to get hacked so much?!

[Cairenn]

As has been pointed out, there are numerous ways of having your account compromised and the hackers are working at it hard core. I'm glad for you that you have never been hacked, but please be a little more understanding and a little less condescending/incredulous/insensitive of those that haven't been as fortunate.

[voodoodad]

Originally Posted by Cairenn As has been pointed out, there are numerous ways of having your account compromised and the hackers are working at it hard core. I'm glad for you that you have never been hacked, but please be a little more understanding and a little less condescending/incredulous/insensitive of those that haven't been as fortunate.

What she said.

And...

The statistical chances of any one player's account being hacked are most likely very small. There are, after all, somewhere between 15 and 20 million players world-wide. Therefore if you haven't been hacked then you're part of the lucky majority. Having doctorates and masters degrees in the long run doesn't mean a thing. Most people who get hacked didn't "do" anything. Simply surfing the internet has become a dangerous proposition even when you're extremely careful and never click anything you think might be harmful.

In my opinion, saying a player "did" something that got them hacked is comparable (in an extreme way, I know) to saying a rape victim "asked" for it by wearing a short skirt.

[anahok]

Very one is going on about how bad Battle.net is or how they dunno how people hacked...

There's several things: if they know your Battle.net email, it's possible they hacked your email. Many people use email that isn't on their own server... If the server gets knocked into and some one comes across that information, etc., they could also, possibly, use that. Maybe there's an email somewhere some one forgot about -- I dunno... I know that, recently, a lot of people's Hotmails have been hacked and their accounts slaughtered.

In all cases I know of, I've heard the people fight for it, give over LOGS, have testimonials out, etc... They're usually more lenient after you buy an authenticator then pursue the fixing of your account, but that might just be because the people I know that got hacked were very persistent. haha

I really hope OP has the same luck everyone I know has had... Some one was labeled as a gold seller on their account recently for making 400k off of just AH transactions... It's a very hard thing to get your gold back. Just gotta be firm about it. <3

[MoonWitch]

If it makes you feel better:
IT Security professional here.

Got hacked, not a single evil trace on my machine, no shared data etc etc
Got everything back..
3 weeks later, same thing.

Blizzard told me to reformat my machine before unlocking my account. Told em I did, which I didn't. Got an authenticator and now - it's all ok.

Honestly, I strongly feel that at this point - quite a few of the hacks now are a marketing fear method to sell a tun more of those authenticators :P (Note: my account has been nicely safe for several months.)

[Sythalin]

Getting hacked sucks. One of our guildies had it happen while a bunch of us were online. He hopped into vent and let us know that if his toon was online that it wasn't him. The character was and our GM immediately /gkicked him to protect our bank while the rest of us threw in petitions on our buddy's behalf. It took a couple weeks, but he got his stuff back. I'm sure you will too.

[Flarin]

I really appreciate the kind words and - more than you all know - the honest stories of other people that have had this happen to. Of course I feel terrible that you were violated, but it does soften the blow a bit - I am not the only one.

Called my brother today - sure enough - he was hacked as well a couple weeks ago - he is in the process of getting everything back now. He had much more lost - T10.5 on 4 characters and 10s of 1000s of gold.

I waited on the phone for about 25 minutes before getting someone live. They said since I had put a petition in-game that the issue was escalated which is all he had the power to do. He was very polite and said he had helped 100s of people with the same problem in the last several DAYS.

I am now at the mercy of Blizzard - waiting for an email.

My brother's experience was 1st the accounts and characters came back. Then he had to petition for his gear which he is waiting for on 1 account, his other account everything came back in mail.

So I wait. I still have 1 account I can play on. Started a character and will just wait.

Authenticator will arrive next week - that seems to be the key to protection - if you do not have one - GET ONE. You cannot hide from the scammers forever.

[MoonWitch]

Flarin,

Don't despair. The 1st hack was in the weekend, on a saturday, I had all my stuff back about 5 hrs after I created a ticket

2nd time was a little slower, but I got a lapdance from the GM, so it was worth it. :P And the hacker got bumped offline mid herb farming. I had all the herbs left :P (Made about 1kg of the herbs the hacker farmed but hadn't been able to send off.)

[Sythalin]

You're welcome on Thunderlord (Alliance side). Few of us have Horde as well. Just started a hunter and lock on horde.

[Sepioth]

Sorry to hear of your troubles .. been there about 2 years ago.

Got an email saying my password was changed on my account. Was at work so logged into my WoW account on Blizzard and was denied because password was wrong. This was before battle.net and I did it through an iPhone

I immeditally sent a password request hoping to recoved but it failed several times ... stupid slow iPhone .

I was lucky though cause I immedietlly sent an e-mail to blizzard and they locked my account right then. Everything was safe on all my characters. After a few days of their investigations I was let back into my account.

While I was waiting I ordered one of the authentictors. BEST thing I could have done. These gadgets should be sent to EVERY WoW account for FREEE ... imagine the headaches it would prevent at the Blizzard call center.

If you want you can also get a mobile authenticator instead of the passkey version. It does the exact same thing for a small fee (free to iPhone/touch users)

Just don't worry too much .. it happens to the best of us.

Wishing you luck on a speedy recovery

[Bluspacecow]

Originally Posted by Gristadar just a fyi, if you used the remote ah, people are getting hacked even with authenticators if they used the remote ah and then there phone was hacked, happened to some1 I know. blizz the last I heard has suspended the remote ah

Citation please.

I know the remote AH service did go down at the last few days or so. There's also a sticky in the CS forums about paid services being down as something appears to be wrong with their payment system somewhere.

Bit off topic here sorry

[Bluspacecow]

Going to be multi-quoting a lot of these posts as I can see there's a few things I can add/ misconceptions I can clear up from my time on the Official CS Forums. Spending time on the official forums am I insane ?? Yes I think so sometimes

Warning this post is going to be extremely verbose as 1) I have a lot ot say and 2) I'm a verbose type of guy who enjoys explaining things as clearly as I can and 3) Please see my tag under my name over on the left there "Verbose energizer bunny" (at least until Caireen changes it)

Originally Posted by Flarin I just did a Spybot Search and Destroy - nothing found at all.

There are certain programs that are more effective then others for getting rid of keyloggers/malware.

Unfortunately some are about as effective slapping your computer with a wet napkin. The best advice here is to use several of them. I've never been comprimised so my best advice is to visit the CS forums for suggestions on exactly what to use.

My suggestions would be Avast & Malwarebytes as well as a scan with Combofix. Again ask around on the CS forums for the ones best to use.

Originally Posted by Flarin Which makes me wonder - WHY did I link them to ONE battlenet account? At worst ONE account would have been compromised - now I have all three. Battlenet - not sure I am liking this now.

Concerns about consolidation aside the real advantage of battle.net is you are now able to easily change your login name. All you need to do is change the email address and the email you use to log into wow changes. Takes seconds.

You were not able to do this with the old security system.

Originally Posted by Flarin THAT - is definitely a possibility for sure. Can't hurt to change email addresses - they kept resetting my password every 10 minutes or so until I finally changed it. Drastic sure, but since I changed my email address it has stopped.

This is concerning. Are you saying your email account was hacked as well or are you saying it's stopped because you changed your battle.net email address.

Because if your main email account has been hacked you might want to look into that as well.There would be more important stuff linked to that then wow EG ebay stuff as well as your online banking details.

Originally Posted by mrruben5 1. Change password to a different, non-repeating(use the password once, and never use it again after) password every week. 2. Change email address every half year.

It takes a few minutes to change your battle.net email address. Thereby invalidating one piece of information the hackers use to get into your account.

It used to be if they had your account name they had it forever and could keep hacking you that way. Change the b.net email address as well and they don't have the login nor the password to get in.

With most good email providers you can also set it up to also check emails on other email accounts. That way you can link in the old battle.net emails into your main email and not have to waste time checking dozens of other email addresses for emails.

Originally Posted by MoonWitch Honestly, I strongly feel that at this point - quite a few of the hacks now are a marketing fear method to sell a tun more of those authenticators :P (Note: my account has been nicely safe for several months.)

Moonwitch I don't think that Blizzard makes a profit on the authenticators. Let me explain my logic.

First off Blizzard do not make the authenticators. They buy them off Vasco. Bear this in mind when talking about making a profit of authenticators - you would need to factor in the cost for Blizzard to buy them and if they get them delivered to them or they get a third party to get them shipped to the customer.

Secondly been forum posters on the CS forums whose day job is company security. Who have on behalf of professional and corporate clients have
ordered authenticators at a similar quantity that Blizzard would possibly buy them at. The cheapest I've seen is about $8.50 for approx. 10,000 of them. I do not believe Blizzard buy more then that at once as if they don't sell they effectively have "dead stock" (ie stock in their storage space they can't sell yet but take up storage space anyway)

Finally how much does it cost Blizzard to restore an account ? Ticket queues are currently 10 days. There's a lot of logs Blizzard has to go through and there is usually at least two staff members involved - the one who gets the original tickets as well as the special person (*) who has to do the restoring.

If it costs more to restore the account then whatever money they would lose by taking a cut in profits from authenticator sales what direction would you take ?

Personally I would take the maybe $5 or $6 cut in profits per authenticator then have to deal with the possibly greater cost to the business of having company resources tied up restoring the account.

EDIT (*) Want to use this word here : http://en.wikipedia.org/wiki/Spe******t But the silly word filter keeps censoring it !!!!

[Bluspacecow]

Originally Posted by Flarin I waited on the phone for about 25 minutes before getting someone live. They said since I had put a petition in-game that the issue was escalated which is all he had the power to do. He was very polite and said he had helped 100s of people with the same problem in the last several DAYS.

Restoration times are running at about 10 days at the moment as I understand it.

They have logs of everything you do in game. You kill a squirrel on the way to westfall and not only do they have what time of day and what day it happened but also your exact coordinates to 3 decimal places,what weapon you used,what sex the squirrel the was,how much HP it had,what attack you used to kill it,how much damage was done on it,what direction you were facing as well as what color underpants you were wearing at the time.

These logs take a long time to go through and Blizzard like to be exactly correct about what they restore. Patience is required in this.

What you can do if you nearing the end of that 9-10 days is to make a polite thread on the CS forums and ask politely for an update. If you're very lucky one of the forum CS reps there can check into your account for you and give you an update but it depends on the rep policing the forums at the time. Bear in mind this is not a way to fast track the queue as the reps in that forum can only deal with in game issues. But the saying is true - you catch more flles with honey and I'm sure if your post is poiite enough you will get the help you are after

Lastly once you have this all done make sure you run regular scans with the 3 products I've listed above (IE Avast, Malwarebytes. Combo Fix) . Also keep them updated as new exploits come out fairly regularly. With Combofix bear in mind there are specific instructions for using it and if you don't follow them correctly you can break things on your computer. Be very careful using it.

After all the price for freedom is constant vigilance.

Yes there is an exploit for the authenticator - I understand MalwareBytes has a fix for it already. In any which case search for an "emcore.dll" file on your computer to confirm if you have it or not. Ask around on the CS forums or on worldofraids.com for particulars on how it works. It's pretty rare and specialized but still possible. This doesn't make authenticators useless however.

Here's a few useful links for you :

http://forums.worldofwarcraft.com/th...18909866&sid=1
http://forums.worldofwarcraft.com/th...02231244&sid=1

[markv]

For those that own a cell phone you might be able to simply download the authenticator for your model in question, as blizzard has it released for several models of phones.

http://mobile.blizzard.com/ca-en/t40...E-APPLICATIONS

You can go through the list there and find what you're looking for.

Get an authenticator. Get a flash block plugin for your web browser. Don't use IE. Also if you are using Adobe for a PDF reader you might look at making sure it's updated as PDFs can support flash and one of the ways sites have been snagging people is injecting PDF downloads on to people. Personally I don't use Adobe for a PDF reader.

Chances are a virus scanner won't find the keylogger in question if you have one on your machine. There are so many customized versions of that stuff floating around that most AV companies can't even hope to catch them all, and the heuristic algorithms can only do so much.

[sakurakira]

Originally Posted by voodoodad Simply surfing the internet has become a dangerous proposition even when you're extremely careful and never click anything you think might be harmful.

I'm very sorry for you OP, and for the others who have posted with their stories.

I have pretty much all security options I can think of, and still I worry simply because of the above statement. It boggles my mind when I read things about the dwindling concerns about privacy in our modern culture, a mindset that increases the odd of incidents like this, or (more importantly) ID theft.

I've known several people whose accounts were hijacked and I could never understand how they could just go back to playing WoW normally as if nothing had happened. The worse thing to me is not that items/money/characters were destroyed (since those can be returned by Blizzard), it's that the account was compromised and possibly contributed to other accounts being compromised by adding to the gold spamming (because we know they wouldn't do it if it didn't work).

[break19]

Been there dude. I'm no IT guy, but I've been on the net for over a decade now.

I was the first person, in the places I hung out, with a super-fast 33.6k modem. Everyone was jealous. I mean, such high speeds..

I, too, was hacked, somehow, recently. My wow account wasn't even active when it happened. I was in the SC2 beta, when one day, SC2 asked me for an authenticator code.. "oh.. crap.. wtf?"

My PW, too, was a string of random alphanumerics.. By the time I'd gotten the situation resolved, they'd reactivated my account, and stripped one of my characters.

But, on the bright side, at least for me, I got a free month of wow out of it. They'd reactivated my account with a gamecard, and it was good for a month.

After the free month, I resubbed. lol

But yea.. it sucks.. On a more personal note, the violation part I can deal with.... a decade ago, I would likely have been on the wrong side of this issue... tho my motives were never malicious, they certainly werent pure, either....

[Led ++]

I'm sure it's Blizzard themselves hacking peoples account just so they sell more Authenticators.

Just kidding btw.

But it's kind of frustrating seeing how many people get hacked these days.

[Flarin]

Originally Posted by markv For those that own a cell phone you might be able to simply download the authenticator for your model in question, as blizzard has it released for several models of phones. http://mobile.blizzard.com/ca-en/t40...E-APPLICATIONS You can go through the list there and find what you're looking for. Get an authenticator. Get a flash block plugin for your web browser. Don't use IE. Also if you are using Adobe for a PDF reader you might look at making sure it's updated as PDFs can support flash and one of the ways sites have been snagging people is injecting PDF downloads on to people. Personally I don't use Adobe for a PDF reader. Chances are a virus scanner won't find the keylogger in question if you have one on your machine. There are so many customized versions of that stuff floating around that most AV companies can't even hope to catch them all, and the heuristic algorithms can only do so much.

Nothing for the Blackberry 8830 and Verizon. I will be getting a Droid in the fall once our IT deems it "secure" for Microsoft Exchange, so that will be more convenient than a dongle I have to remember to carry when I travel.

Still no word from Blizz - I am sure they are busy. The ticket in game says "has been escalated" - not sure exactly what that means, but I am sure I am in the queue.

[Cairenn]

Escalated is good. Means it's in the process of getting fixed.