Account security mythbusting, part 3
A really common myth nowadays is that there's been a huge influx of compromises and Blizzard can't stop them.
MYTH: Blizzard is losing the war against gold farmers and hackers, which is why we see these new server messages.
Okay, you might have a valid concern. After all, if Blizzard is suddenly asking people to take extra security steps, that must mean that things are going poorly on the account security front.
Thing is, Blizzard's been asking players to take these very steps for years. A lot of players simply ignore them or don't know that they exist. The reason for bringing these steps to such public places as the front page of WorldofWarcraft.com or the server welcome message may be any number of things:
- There's a new and public source of account compromises, such as a major website having a keylogger trojan injected into it.
- The Support department knows that Wrath has brought a lot of players either to the game or back to the game and wants to avoid loads of new compromises by arming the public with the knowledge they need to combat them.
- It's a good way to make people aware of the Authenticator, which means less work for Support and less stress for players.
Alternatively, it could be all three.
They've stated that there's been a rise in account compromises, and this is usually due to the first bulleted reason up there. I saw it plenty while I was at Blizzard--some bad code would end up on a major site, people would visit the site and get compromised. Blizzard can't do much about what goes on on other sites, which is unfortunate, but they can tell you how to avoid the issues they're likely to cause.
If Blizzard had the account security situation under control, you're thinking to yourself, they wouldn't need to take steps like they've taken recently. This isn't an unreasonable viewpoint if you're unfamiliar with gold farmer tactics. Let's examine this a bit.
- Gold farmers used to simply trade gold to the players that bought gold from them after receiving payment out of game.
- Blizzard started to develop methods to stop these kinds of transactions.
- Gold farmers started using the Auction House to send the gold to their buyers by having the buyer set up an auction for a cheap item for the amount of gold they've bought.
- Blizzard introduced an AH payment mail delay to help track and prevent these kinds of transactions.
This exchange is the equivalent of building a better mousetrap. Eventually, farmers build a better mouse. Sometimes they're quiet and lie low for a very long time, but eventually an effective new method of compromising accounts or performing illicit activities in-game becomes widespread and Blizzard needs to combat it.
What all that means is that compromise numbers will rise and fall with the times, and the best thing you can do about it is follow Blizzard's advice.
Myth Status: BUSTED.
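An added illustration of why a payout delay helps against the auction-for-gold pattern in the list above: while the gold is held, overpriced sales can be queued for review. This is not Blizzard's code or method, and the hold duration, price ratio, record fields and sample data are all assumptions.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import median

HOLD = timedelta(hours=1)  # assumed payout delay; the article gives no duration
RATIO = 50                 # assumed: flag prices >= 50x the item's usual price
MIN_HISTORY = 3            # assumed: past sales needed before a baseline exists

@dataclass(frozen=True)
class Sale:
    sale_id: int
    item: str
    seller: str    # receives the gold by mail once the hold expires
    payer: str     # account that bought the auction
    price: int     # gold
    sold_at: datetime

def baselines(history):
    """Median past price per item; items with too little history get none."""
    prices = {}
    for item, price in history:
        prices.setdefault(item, []).append(price)
    return {i: median(p) for i, p in prices.items() if len(p) >= MIN_HISTORY}

def review_queue(pending, history, now):
    """Sales still inside the hold whose price dwarfs the item's baseline."""
    base = baselines(history)
    return [s for s in pending
            if now - s.sold_at < HOLD            # payout not yet delivered
            and s.item in base                   # no baseline, no verdict
            and s.price >= RATIO * base[s.item]]

def repeat_payers(flagged, min_sales=2):
    """Payers behind several flagged sales: stronger than one odd price."""
    counts = Counter(s.payer for s in flagged)
    return {p: n for p, n in counts.items() if n >= min_sales}

# Constructed sample data (not real auction records).
NOW = datetime(2009, 1, 1, 12, 0)
HISTORY = [("Linen Cloth", 1), ("Linen Cloth", 2), ("Linen Cloth", 2),
           ("Rare Sword", 900), ("Rare Sword", 1100), ("Rare Sword", 1000)]
PENDING = [
    Sale(1, "Linen Cloth", "buyerA", "farmer1", 5000, NOW - timedelta(minutes=10)),
    Sale(2, "Linen Cloth", "buyerB", "farmer1", 3000, NOW - timedelta(minutes=30)),
    Sale(3, "Rare Sword", "playerC", "playerD", 1200, NOW - timedelta(minutes=5)),
    Sale(4, "Linen Cloth", "buyerE", "farmer2", 4000, NOW - timedelta(hours=3)),
    Sale(5, "Odd Trinket", "playerF", "playerG", 9000, NOW - timedelta(minutes=1)),
]
```

Sale 4 has the same shape as sales 1 and 2 but falls outside the hold, so it never reaches the queue: without a delay, every such payout is already delivered by the time anyone looks.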
Reader Comments (Page 1 of 1)
Kyle Connor Dec 31st 2008 1:14PM
So... someone could inject a keylogger into WoWinsider.com?
hold up Dec 31st 2008 2:32PM
Yes. Well, not directly. They could imitate a site that looks exactly like WoW Insider and if you accidentally go to wowinsider.info or wow-insider.com (made those up, don't know if they exist or forward to the actual site) they could inject a virus. Same thing goes for someone listing a link inside a comment and if you go to that link it could contain a virus.
The messages that Blizzard is now showing are most likely due to the huge vulnerability in unpatched versions of Internet Explorer that, as far as I understand, basically allows the hacker access to your PC's entire memory stack. Also, as far as I remember, a story like this was covered on WoW Insider previously...
Basically, make sure you have your Internet Explorer patched... or just use another browser like Firefox, Safari or Opera.
LXj Jan 1st 2009 6:44AM
Well, all major web engines, such as WordPress and Drupal, are known to have had vulnerabilities in the past. These vulnerabilities could be used to modify the page contents. The same could be said about server software (Apache, MySQL, whatever WebLogs Inc. are using).
So, it all comes down to how security conscious WoW Insider's programmers and admins are.
Zaniac Jan 1st 2009 3:00PM
Well, sadly, the website that should be mentioned is the website for the official forums.
There have been a ton of posts with links to keyloggers on the official forums the last month or two.
THAT is the real reason for the increased nudges by Blizzard to take your account security seriously.
Of course there might be even more websites than the official forums.
Mellie Dec 31st 2008 1:26PM
I agree with the tick remember password box, therefore avoiding the whole keylogger mess. This you really should have mentioned - you're not still on Blizzard's payroll by any chance are you?!
Gruzilak of Maelstrom Dec 31st 2008 7:02PM
I got hacked twice: once to the security hole due to Adobe and the other due to a keylogger. I went out and spent the $6.50 on the Authenticator and haven't had a problem since. Well worth the money when you consider it took 3-4 days to get all my stuff back after the first time and another 1-2 after the second. I was online when the second hack happened and was able to stop them before they got too far along, but still. Take 1-2 days and multiply it by the thousands of hacks that have happened and it's no wonder why Blizzard wants us to help keep our accounts secure. Every minute they are working on account restorations is a minute they aren't working on fixing bugs and what not. Yeah, I know it's most likely different people that do those jobs, but if you look at it from the project management perspective, a resource is a resource.
Kris Dec 31st 2008 2:16PM
My account was hacked Sunday, and for the last 3 to 4 years I had wow 'remember' login and is ALWAYS checked.
Everyone's comments about copy/paste is epic FAIL and needs to stop telling people that will prevent keyloggers. I have done a LOT of reading (had to run numerous spyware/virus/registry programs and was not happy so I reformatted my computer). Many newer keyloggers have a 'print screen/capture' button the second you run WoW or start typing your password. It's as simple as opening a picture to read your login name.
I am still in the middle of this hacking nightmare, but do NOT believe copy/paste and 'remember login' is a fail safe.
On a side note, I believe my wife is the one who got the keylogger from either facebook or similar network site.
Good luck!
Dale Dec 31st 2008 2:37PM
So that is why there is a delay on AH money. Darn those gold farmers!
Shast Jan 12th 2009 9:59PM
Quote: MYTH: Blizzard is losing the war against gold farmers and hackers, which is why we see these new server messages.
Can I add a third reason. - People are STUPID. I work for a major company that regularly sends out communications to its employees. In one process I created a web page and cynically used BIG BOLD RAINBOW COLORS for a few simple easy comprehensible messages and to this day not only do people overlook it, they still have questions.
It's sad but people, namely the general public, are pretty dumb. Naive. Oblivious. Or if they are somewhat aware, they always gamble with each opportunity. The rationale: If I don't get hacked, I'll obtain something.
What is the appeal of risk taking? "It won't happen to me." So I take Blizz's notifications of someone saying, "Hey, don't be stupid. No. Really. Don't be stupid. - This message is intended and purposed for morons wherever they may be."
I take risks *cough Curse.gaming*. And, subsequently, if I get hacked sometime soon it'll be my own damn fault. Not Blizzard's.
-no proofing of this comment-