Blizzard lays down the science on gold selling

by Matthew Rossi Feb 23rd 2008 at 11:31AM

It may seem like it didn't need to be said, but they're saying it anyway: gold buyers are financing the hacking of accounts and the selling off of people's gear. Since we at WoW Insider have seen a lot of these cases (have even had them happen to some of us) we know how profoundly irritating and even emotionally painful it can be to have all of your work on a character or characters gone in a heartbeat, much less seeing them transfered to other servers and even in some cases having their names changed. Blizzard points out power leveling services as a particular culprit in this trade, saying "Through our normal support processes and the assistance of players, we also find that many accounts that have been shared with power-leveling services are then hacked into months later, and all of the items on the account are stripped and sold off. Basically, players have paid money to these companies, sometimes large amounts, and they're then targeted by these same companies down the road."

Now, this doesn't mean that you shouldn't still be careful with add-ons you download or keep a good anti-virus program on your computer, as we know there are many malicious trojans out there targeting World of Warcraft players. But just as clearly, if you use a power leveling service or buy gold, not only are you funding account hacking, you're in danger of seeing your own account hacked as well.

Tags: gold-selling, power-leveling

Filed under: Analysis / Opinion, Blizzard, Economy, Leveling

Reader Comments (Page 1 of 2)

warhound Feb 23rd 2008 11:37AM

I just got hacked two weeks ago and I have never shared my password or username with anyone and I have the username on remember so I dont type it to avoid keyloggers though it still happened and now my account is still closed due to all the paperwork you have to do to recover it.

energyvortex Feb 24th 2008 9:00PM

Players that choose to shortcut the system by either buying gold or using leveling services deserve what they get if they get hacked after sharing their account info. This is in the Internets people. Ya can't trust anyone.

What they need to do is to add another menu choice to the game. Right below 'Report Spam', they need to add 'Report Gold Seller'. All these level 1 jackasses spamming in the capital cities would get insta-flagged on the GM's radar screen and they'd be booted and banned that much faster.

Verit Feb 24th 2008 3:14PM

I think the major point here too is that people who use these services encourage the use of distributed attacks that affect realm performance - that is hacked machines (outside of the game) are being used to induce lag to dupe items.

Also that all of this encourages inflation (where gold is worth less, harder to get - but items cost more and more)

Def Wolf Feb 23rd 2008 11:51AM

This happened to a guild-mate a week ago. The hacker took all of his chars' stuff and cleaned out our guild bank except for the gold. Luckily we have a set limit of how much can be withdrawn. I was able to report to a GM and everyone got everything back a few days later.

Dan Feb 23rd 2008 12:04PM

Umm, didn't you post this same thing yesterday? Different link but the page content is the same.

http://www.wowinsider.com/2008/02/22/anti-gold-seller-faq-page-goes-up-at-the-official-eu-site/

ryno106 Feb 23rd 2008 12:42PM

shhhh, he's trying to make a post count...

Matthew Rossi Feb 23rd 2008 12:46PM

No, no need for a post count, I'm mostly a columnist here. I just plain missed it and messed up. Ah well, nothing like the internet to rub your face in your mistakes.

Justin Feb 23rd 2008 1:19PM

This is the reason I could never be a blogger... All people do is talk $*it

Dan Feb 23rd 2008 1:33PM

It's ok Matthew, your warrior columns more than make up for momentary lapses of attention :)

Ironhide Feb 23rd 2008 12:48PM

3 things you need to use. Firefox, ClamAV for windows and NoScript Addon for Firefox..

The keyloggers are installed by browsing a site with javascript that downloads and installs the keylogger without you realising it. The script is often installed deliberately on the site, or its installed on a hacked site through cross-site scripting or 0 pixel IFRAME's.

The NoScript addon for firefox works by default denying javascript to run. You get to choose which scripts run, and which domains can run scripts. I deny scripts from domains i dont know or trust.

This isnt 100% effective, but it will help out alot.

Secondly, be very careful the addons you use in WoW itself.

I recommend ClamAV because most of the big name virus vendors are crap, they dont detect alot of things. No vendor is going to detect everything and the bad guys have alot of keyloggers no one will detect, but I have found ClamAV to be the best.

I work in the security field, specifically application securty and the above are the precautions I take. Your never going to be 100% safe, but you can make yourself alot less of a simple target.

Eternalpayn Feb 23rd 2008 12:49PM

That EU though, so a lot of people probably ignored it. :P
Honestly, I'm not so sure it's people buying gold that this is happening to. I'm thinking that it is an exploit in addons, actually. I believe I read that lots of people using CentralUI are having this problem, and people who only use Curse for addons. I have heard it from WoWAce people, however, which is why I haven't updated in forever. I am thinking that there is a Lua exploit that allows these hackers access to your registry, or possibly just to another program that has access to it. My guess is that it was uploaded on to Curse as an addon, and put inside a working addon itself. Also, I believe it was put onto Addon programs this way as well. That's just my theory, however.

Mats Feb 23rd 2008 1:09PM

I think you should downgrade that to a hypothesis. I don't think non-executable files will be able to do any of those things, however the self extractable exe files one downloads, they might be a big problem.

Ironhide Feb 23rd 2008 1:22PM

I am willing to buy into that theory, Lua is a scripting language, I am sure you could do some interestingly devious things with it.

The real issue is javascript on websites, even ones you trust.

Aichon Feb 23rd 2008 7:19PM

Lua might be a scripting language, but until it gets turned into a machine-readable format (a process called "interpretation"), it can't do anything at all. WoW converts it into a machine-readable format on the fly as you start up the game or whenever you reload your UI. Up until then, the Lua code is no more dangerous than any other text file on your computer.

The whole way that Lua is used in WoW effectively sandboxes it so that none of the Lua code itself can actually impact or interact with the rest of your computer. Now, as was mentioned, executable files that come with the addons could be problematic, or maybe even other sorts of files that get packaged with the addons that you download, but the addons themselves, that is, the .lua and .xml files, are entirely harmless by their very nature.

Verit Feb 24th 2008 4:00PM

Rest assured - just because LUA is a scripting language doesn't mean someone couldn't exploit a private API internal to WoW - even one that isn't accessible from the public API's. How? Using a process called fuzzing. All they need to do is find a method LUA that causes a buffer overrun in the application. A good chunk of javascript exploits in IE and Firefox (and Acrobat) have used this - and javascript is just a scripting language just like LUA.

WoW Insider Show

Subscribe via iTunes for our latest show.

Hot Topics

Upcoming Events

Event	Date
Love Is In the Air	2/2 - 2/15
Blackrock Foundry Normal and Heroic open	2/3
Darkmoon Faire	2/8 - 2/15
Blackrock Foundry Mythic opens	2/10
Lunar Festival	2/16 - 3/2
Blackrock Foundry LFR wing 1 opens	2/17
Blackrock Foundry LFR wing 2 opens	2/24
Darkmoon Faire	3/1 - 3/8
Blackrock Foundry LFR wing 3 opens	3/10
Blackrock Foundry LFR wing 4 opens	3/24