Patch 5.3 interview with Ghostcrawler
Mystery of the Unborn Val'kyr
The latest patch 5.3 news
All of the latest Mists of Pandaria newsBreakfast Topic: Hacked
by Amanda Dean 
Feb 15th 2008 at 8:00AM
My first post on WoW Insider was about a friend of mine being hacked, this time it's about me. I woke yesterday and tried to copy a character over to the public test realm as I've been doing often lately. I got a password error. I tried to log into my account- same thing. My email had this happy little surprise for me:
Hello Amanda,
The character transfers listed below have been completed as of 2/14/2008. The character[s] listed will now appear in the new location and/or account selected and are immediately available for play!
- <character> - Level 70 Tauren Shaman - now on realm: Blade's Edge.
I recovered my password and logged into my account. Of course all of the bags on my characters were empty. I found my shaman logged into Shadow Labyrinth on a different realm with 38 minutes left on her Hearthstone cooldown. I'm very happy that although nearly-naked, my Paladin is still wielding her Lionheart Blade. My poor, dear Shaman is currently wasting away on a PvE realm. (Oh why couldn't they have moved the Pally instead?)
I'm careful with my account. I don't share my password. I don't even use AddOns. I do visit many WoW-related sites to find out the latest, greatest info for WoW Insider. I'm not sure where the keyloggercame from, but it slipped past my anti-virus measures. I found the customer service representatives to be rather curt and unhelpful. I was told that I will hear something about my account in the next week or two.
For those of you who have experienced this before, what was your experience like in retrieving your characters? Did anyone have PvP to PvE transfers reversed or refused? Did you feel as angry and violated as I do right now?
Filed under: Odds and ends, Blizzard, Breakfast Topics
Reader Comments (Page 3 of 8)
George Feb 15th 2008 1:10PM
How's that? Web browsers are hardly "safe".
Fantasies Feb 15th 2008 8:53AM
Honestly - I just got through a difficult time with this. It took roughly 2 months and none of my characters were transfered. My account got hacked and I lost 2 Tier 3 paladins and a Tier 3 Warrior and Tier 3 Druid and my Tier 6 Hunter and Tier 5 Rogue. In total they netted around 150,000-170,000 gold worth of stuff. I had to go on each character filing the tickets which was a pain and then finally after about 2-3 weeks each they were restored. Thankfully my money was restored too...I heard rumors from some people that they dont restore money...and that sometimes they do. But over all I was left with TON's of BOE's in my bag's. BoE Epics/Blues and Rare Gems from the instance grinding. They let me keep all of that and I sold it on the AH and made some extra cash. So over all from being hacked I had made about 1500g-2000g extra haha. But after that experience I switched to Ubuntu Linux and run WoW on that.
Moofles Feb 15th 2008 8:55AM
A good rule of thumb for browsing the internet is to use Firefox for its built in security. I know IE has done this recently, computers at my work have them but I still only trust Firefox because of its reliability. I've gone to many keylogger websites without anything happening. All thanks to Firefox.
Razhlok Feb 15th 2008 8:54AM
Yeah... add-ons can't be malicious. Unless you are downloading and running executable for an add-on... which should never be the case. The worst thing you can do is go to a lot of WoW-related sites using IE. Use Firefox and/or only go to sites that you know are reliable. If you are going to go to "suspect" sites, as research for your blog, then ffs use a different computer from the one you play WoW on. It also helps to occasionally change your password. I've found a keylogger on my computer before and immediately cleaned the computer and changed my WoW password.
If its any comfort, my co-worker had his account stolen (luckily it was his 2nd account) last year and all of his items were returned to him by Blizzard. That was over a year ago (before TBC).
Ahoni Feb 15th 2008 8:59AM
I'm sorry you got hacked. Maybe we can see an article on WoWInsider about how to not get hacked. Antivirus software does not handle these baddies nearly well enough. People need to be aware of that, so I'll say it again: antivirus software does not handle these keyloggers.
A good starting place is here:
http://www.raymond.cc/blog/archives/2007/09/20/how-to-beat-keyloggers-to-protect-your-identity/
Ruby Feb 15th 2008 9:01AM
But again, why Shadow Labyrinth?
Badger Feb 15th 2008 10:20AM
Hey, Ruby ... Discussion of this is on the first page. Someone actually posted a URL to another Wow Insider article where this issue was elaborated upon.
Quote the Raven Feb 15th 2008 9:00AM
Also check your home, not all hacks are written software. It's really easy to pick a lock let alone a "friend" that's left alone while you take a shower or something deciding to get back at you for dating one of his sisters, dumping her after a week, then taking his other sister out.... sorry tangent, but if you're that positive you took antivirus measures (*cough*use Mac*cough* then I'd check your premises.
Pfooti Feb 15th 2008 9:05AM
There's a fair number of chests you can get at if you use a teleport hack: open loot and reset. Since you're using a hacked client with a teleport feature, you can just get right to the chests over and over. That's what I hear at least.
Mats Feb 15th 2008 9:06AM
Pro tip: Use "Remember Username"
Even if your password is snapped up, a keylogger won't be able to see your username.
nav Feb 15th 2008 9:38AM
Useless tip, not a pro tip, I'm afraid. Had a look at the WoW directory structure, specifically what's under WTF/Accounts?
Your username.
Your keylogger wouldn't even have to log any keys to get your username.
Frank Feb 15th 2008 9:47AM
@Nav - how would a KEYLOGGER scan your directory to read file names? Keeping your username remembered is absolutely one of the best things you can do to prevent this from happening.
nav Feb 15th 2008 9:53AM
Dude, is this a joke? The keyloggers here are just bits of software, not hardware keyloggers (which wouldn't be able to do this). It's trivial to write a piece of code to dump your directory structure, and get names and contents of any files wanted (provided there's permissions, which there will be for any WoW related files if you're on the account that plays the game).
Just because it's called a keylogger doesn't mean all it does is log keys.
Mats Feb 15th 2008 2:53PM
@nav
Keylogging would need to log your keystrokes, as your password is not saved anywhere. And getting hardware keystrokes logged is the easiest and most practical way to log your username and password. Having a program first check your registery for wow folders, then go into those folders, to pick up usernames AND then log your password is a far more complex program then simply picking up your keystrokes.
Shastarian Feb 15th 2008 5:40PM
@ Mats
All it would take it an extra 3-7 lines added into the program. It owuldn't make the program "more complex" at all, it's quite easy to do, in fact.
What about a quick thing like:
dir "%PROGRAM_FILES%\World of Warcraft\WTF\Accounts" /ad
That would do a quick list of all the account names, and that was one DOS command.
Mats Feb 15th 2008 7:41PM
@Shastarian
Well, anyone with that code would fail hacking me, seeing I don't have wow store in Program files, and anyone with a non-english version of Windows would not either. On top of that the more you add in that sort of code, the easier for it is for a virus program to detect it. The smaller and less functions the keylogging program has, the better it is.
Netherscourge Feb 15th 2008 9:15AM
Getting "hacked" is usually a result of:
1. Installing Add-Ons with .exe files, instead of just dropping the files into the Interface Folder yourself. Sure, using the .exe files is faster - but you can't trust anyone anymore. You might be installing all sorts of Trojans and never know about it until it's too late.
2. Having a very weak password. Stuff like "1,2,3,4,5" isn't really a good idea. (Gosh! That's the same combination on my luggage!)
3. Registering on WoW fansites using the exact same Account Name and Password you use for your WoW game. Contrary to popular belief, your Account Name and Passwords are NOT SECURE on fansites and the administrators CAN get them if they want to.
4. Not checking Windows Update or Microsoft Update at least once a week for new security releases and patches will eventually kill you. Every month Microsoft releases Malicious Software security patches to stay a step ahead of hackers. I suggest you check for them regularly - or enable Automatic Updates in your control panel and your PC will check for updates automatically.
matt.millermd Feb 15th 2008 9:23AM
Thank you for the useful information!
I would also highly reccomend you don't get a false sense of security with Firefox. All the reccomendations just make it a bigger and bigger target, and it's just as bad as IE for vulnerablilites. (Use whichever you like, but make sure to up the security!)
Doffencrag Feb 15th 2008 9:48AM
"(Gosh! That's the same combination on my luggage!)"
Love the Spaceballs reference!
Charlie Taylor Feb 15th 2008 9:58AM
"(Gosh! That's the same combination on my luggage!)"
Only an idiot would use that combination!