Patch 5.2 interview with Dave Kosak
Inside an old alt's vault
The latest patch 5.2 news
All of the latest Mists of Pandaria newsOh Noes!!!1!1!1one: I've been hax0red!
by Amanda Dean 
Feb 5th 2008 at 5:30PM
On Saturday night I noticed a guildie acting strangely. He kept switching between characters and wouldn't respond to tells from even his closest friends in the guild. Concerned about him, we gave him a call... on the phone, to see what was up. You guessed it, he was nowhere near his computer at the time. He went to log in and found his password was changed. Unfortunately, he had also forgotten the correct response to his secret question "What is your favorite activity?" The hacker kept running in and out of the Shadow Labyrinth. I checked the customer service forums and found that this was common behavior among hackers. Either there is an exploit in that instance, or hackers just really enjoy hanging out with Blackheart the Inciter. I'm leaning toward the latter.
I also found that I was not able to seek help in this matter, that a game master would only take action for the owner of the account sending a message from the (compromised) account. I did the only thing I could do: I called the guild master and asked him to kick the hacked player from the guild. (Note to self: calling the GM at 2AM is a bad thing.) Interestingly enough, the only things ninja'ed from the guild bank were of little value like stacks of uncut Golden Draenite and Netherweave Cloth. Two days, and an exhaustive list of humorous yet largely unhelpful, suggestions later, he's got his account back with a nerfed rogue, a naked shaman, and a massive list of blue-quality items on the auction house.
Of course the question arises, how did the hacker get a hold of this guy's account info in the first place. We suspect that since his home computer was indisposed, he was likely keylogged while using a local LAN center to get his WoW fix. Lesson learned and computer fixed. If you do have to play on a foreign computer, you might want to consider copying and pasting your username and password so that there is no chance for this information to be keylogged. Vrakthris posted a guide to what happens in the recovery of a compromised account on the customer service forums.
Eyonix has recently posted a reminder about account security in the official forums. The post indicates that players should always use the Blizzard launcher to start the program and to maintain updated operated systems. Eyonix asks users report suspicious links or programs.You and I can learn take away two important bits of information from this experience. First, if a guildie begins acting in a suspect manner, especially if it involves S-labs, it's probably best to contact them outside of game as quickly as possible. Also, it's definitely advisable to choose something a little less ambiguous for your secret question than "what is your favorite activity?"
EDIT: Added Blizzard's suggestions for account security.
Filed under: Analysis / Opinion, Odds and ends, WoW Rookie, Forums
Reader Comments (Page 2 of 6)
drjonesac2 Feb 5th 2008 6:17PM
This also happened to a friend of mine recently. He's on a Mac, does network and computer security for a living and never logs in on anyone else's machine (had him over IRL and would not log in on my box). Still he was hacked.
I'm wondering if there's some sort of exploit going around that involves Bliz directly. I had heard a while back about a problem with their automatic password recovery system having an exploit (I'm assuming this has been fixed.) But doing searches for hacks hasn't revealed any new hacks.
Scoottie Feb 5th 2008 6:37PM
well there is is always the brute force hack of just letting a program try random combinations of letters and numbers to try and hack stuff
Hayat Feb 7th 2008 12:06AM
likewise, I too am somewhat paranoid, and am using a Mac.
I think some hacker correctly guessed my password, but then Blizzard's anti-hacking measures kicked in and my password was reset ~.^
They never explained to me the event fully.
Hayat.
Ray Feb 5th 2008 6:20PM
I got hacked a couple of days ago, I logged in to find myself in the valley of trials, with all my equipped gear on, however my inventory contained only items I couldn't sell to a vendor...so I HS back to check my bank and it was also empty...I quickly changed my password and contacted a GM, my account has been locked ever since...I didn't have much gold on me, around 360g but I had lots of materials and items...
I did a full scan on my PC and found nothing, I'm wondering how could that hacker got a hold of my password?
Do you guys know how long would account investigation takes? I'm on the EU servers...Thanks :)
Sylythn Feb 5th 2008 6:34PM
The vast majority of hacks that I hear about, are also accompanied by an admission of sharing accounts. Every person that has access to your account and/or computer doubles your risk. I know everyone does it, and I know it's against the TOS - but that right there is the reason *I* don't give anyone access to my computer or account.
graybix Feb 5th 2008 6:27PM
so what im hearing is you should play in linux or OSX. that or dont lave alot of gold laying around.
keltian Feb 5th 2008 6:27PM
The recent surge in news of people getting their accounts hacked is really starting to terrify me. I have tried to take many measure to keep myself safe, but hearing stories of people who do the same thing yet still gets hacked makes me wonder each time I log in why my account hasn't been hacked yet. This is so crazy, who the heck is buying gold at this point, haven't people heard that by buying gold they are supporting this kind of stuff, unbelievable.
Angelus Feb 5th 2008 7:15PM
I'm with ya, I'm super freakin paranoid now. I check, double check, recheck. I log on and expect my characters to be nakid or deleted.
My guild had 4 ppl hacked in the last few weeks. It's having a pretty harsh 'sleep with a gun' effect on me. lol
bonch Feb 5th 2008 6:32PM
Lesson learned: Use a Mac.
Oldbear Feb 5th 2008 6:56PM
Read the comments - Macs get hacked too.
Cedric Feb 5th 2008 7:20PM
Use a Mac and say goodbye to Ventrilo... No thanks (I'm writing this on a Mac right now and I'm happy to have WoW on it, but no raiding possible).
innajunglestylee Feb 5th 2008 8:36PM
Cderic @ 7:20pm,
I'm in a guild currently working on Kael. Several members of our guild use Mac and Ventrillo to raid. Sure, we get razzed by the "OMG I BUILT MY OWN COMPUTER OUT OF NUTS AND STICKS" crew but it's very, very doable.
Charlie Taylor Feb 5th 2008 10:12PM
The newest Vent client for OS X is compatible with 90% of codecs out there, and has been for some months...
Dawnforge Feb 6th 2008 4:33AM
@Cedric
It's called the Speex codec. It's on par with the GSM codec. It's cross-platform.
Know it. Love it.
Daemond Feb 5th 2008 6:41PM
This just happened a couple of days ago on one of the servers I play on.
They discovered the hacker in the act because the hacked account's spouse was playing and noticed their significant other's toon in Shadow Labs... however, he was - IRL - asleep in bed.
Turns out he is the leader of his guild which has been around for some time now... the hacker cleaned out the Guild Bank and everything the poor guy had... not sure what the resolution was but, man, I can only imagine how much that would suck.
nemesiscw Feb 5th 2008 6:41PM
I have 3 friends whose account had been hacked.
The first friend got hacked while he was actually playing. At first he kept getting disconnected, which wasn't too uncommon since he was on a bad connection. But it started getting weird when he couldn't log on because he kept getting an error stating something like, "You cannot log onto an account whose transfer process has not been completed.” He immediately changed his password while trying to fight back the hacker getting to a mailbox. His 70 hunter character got transferred from Rivendare to Gorefiend by the hacker. He recently got everything back as well as a transfer back after a GM recovery.
Second friend wasn’t so lucky. He got hacked while he was at school and none of us could log into his account. We called him up and he rushed home. But it was too late. All his stuff was gone and the hacker deleted his 70 priest, taking everything on his 70 hunter, and stacks of Rare gems out of the Guild bank. He got everything back after a week or two of waiting for a GM recovery… everything except for enchantments and slotted gems on his gear. Instead of SL, the hacker went in and out of Dire Maul…
Third friend got his 70 hunter and 70 warrior hacked while none of us were on. Took everything just he did with the second friend. Now, what’s weird is that after a couple days of this, he got hacked again. (His password was changed) Right now, his character is in the process of being recovered. The GMs, as of now, only gave back his soulbound stuff on his hunter. No word yet on the warrior or the other missing loot.
They all got hacked within the same week and they all scanned their computers with AGV and Kaspersky and they cleaned everything up right after the first friend got hacked. They even changed their passwords too…
airwalke Feb 5th 2008 6:49PM
I've had this happen as well, and I'm on a Mac. Only my girlfriend knows my password, and she was in the room when I kept getting continuously disconnected until I wisenedd up and hastily changed my password. It stopped right after that.
issacobra Feb 5th 2008 6:40PM
Info on Shadow Labs exploit:
http://forums.worldofwarcraft.com/thread.html;jsessionid=DE5B06BCA1C152770FDA71D58F054D02?topicId=3773463761&sid=1
Zeplar Feb 5th 2008 6:50PM
Do not make the mistake of thinking that just because you play on a Mac, you're safe. It is true that macs have very few viruses going around for them (mainly because it's more profitable to make a Windows virus), however they are JUST AS EASY to keylog and hack. Viruses != keyloggers. Firefox with NoScript is a very good protection, but only a good security question and regular bot checks are 100% effective.
MartinC Feb 5th 2008 6:53PM
I've heard a lot of people on Macs get hacked. Makes sense, since most Mac people are pretty computer illiterate, and probably have no idea what their computer is doing.
In fact, most of the Mac users I know I wouldn't trust anywhere near a computer.