8-06-2008 @ 4:26AM
"If this person had "hacked themselves", as many of you are wont to accuse, somehow I doubt that the conversations which I have had and have witnessed involving them would have had quite the same tenor that they have-- to wit: the distress, upset, and frantic nature of their first response would have had to have been entirely feigned, with an acting ability beyond that of most, to have seemed as genuine as that which I perceived."The person who was hacked while an Authenticator was active on the account is entirely credible, but appears to have misinterpreted the circumstances. You may also note that they on their own guild forum thread indicated that they wished it possible to remove the first article until the issue was investigated.Anyone who accuses this person self-hacking is stretching it, even though a possibility, the following quoted from the WoW CSF forum firmly indicates that this did not happen."The account was almost certainly accessed by sources besides the normal owner, though I'm afraid the details on that are more than I can provide."My original assertion holds, the Authenticator did not fail, the Blizzard team did not fail, the owner of the account either had their Authenticator key keylogged, or their Authenticator fob kept in an unsafe place so it was accessible to someone else .. however I am leaning towards keylogged on the basis of Belfaire's statement I just quoted. Shumei it is good you join in to support your guildie ... the credibility gap is with the original reporter, Mike Schramm, and unfounded assumptions that the Blizzard Authenticator device or Blizzard staff failed. Even the Header of this second followup article still uses the words "Authenticator Failure". Mike's point is still valid -"but just in case you thought using the Authenticator make you impervious to hacking, know that it doesn't" - but its the human element at work, not a device or system failure.Lesson to learn ? 
have a clean system to attach your Authenticator to your account.
8-06-2008 @ 4:31AM
Sorry, needed clarity ... "the owner of the account either had their Authenticator key keylogged" ... I meant to say Authenticator serial number, not "key".
8-06-2008 @ 7:05AM
I'm fairly sure that Authenticator keys are single-use and they expire in 60 seconds. So wouldn't the attacker have to be using some type of man in the middle attack to prevent the credentials from reaching the login server if he was keylogging? In addition, there is no discernible pattern to the codes, since it is a list of codes, not an algorithm.

The more likely answer, as you said, is physical security failure. It could have been a combination of both -- a keylogger to steal login/pass, and "borrowing" the Authenticator for the code. Still only a guess though...