New scam targets the WoW Launcher
by Matthew Rossi 
Mar 31st 2010 at 11:00AM
A post in the official forums today, later confirmed by a blue, points to hackers attempting to take advantage of a new avenue to attack the user -- the World of Warcraft Launcher.
As you can see from the screenshot above (large version here) the real launcher apparently is replaced with a fake launcher that sends the user to a web site that pretends to be official, asking for subscription information (including answers to secret questions and the original CD-Key) in what is meant to appear as the means to restore a supposedly suspended account. One of the telltale signs that this isn't legit, besides the very invasive information requested, is the version number in the upper left corner of the screen. We're way past patch 3.1.1 -- however not everyone might know this.
Ancilorn posts confirming that this is not genuine (reiterating that they will never ask for your password in such a manner, and also requesting that such things be sent directly to Blizzard if they happen to you). Goes to show that as security is increased, those looking to breach it become more desperate.
As you can see from the screenshot above (large version here) the real launcher apparently is replaced with a fake launcher that sends the user to a web site that pretends to be official, asking for subscription information (including answers to secret questions and the original CD-Key) in what is meant to appear as the means to restore a supposedly suspended account. One of the telltale signs that this isn't legit, besides the very invasive information requested, is the version number in the upper left corner of the screen. We're way past patch 3.1.1 -- however not everyone might know this.
Ancilorn posts confirming that this is not genuine (reiterating that they will never ask for your password in such a manner, and also requesting that such things be sent directly to Blizzard if they happen to you). Goes to show that as security is increased, those looking to breach it become more desperate.
Filed under: News items, Account Security
Reader Comments (Page 1 of 6)
RobertoT Mar 31st 2010 11:05AM
Crafty hacker is crafty
Nex Mar 31st 2010 11:39AM
if ppl fall for hacks like this they deserve to be hacked.
use you brains.
the game will be better without dumb players anyway.
LandMineHare Mar 31st 2010 12:03PM
@Nex:
"use your brains"
Fixed.
BigBadGooz Mar 31st 2010 1:05PM
For the people who mindlessly enter all account info I justhold my head. Even if I fell for this I have no idea where or what my cd key is cause I haven't used a wow disc for 3 years all digital dwnloads here. Also a frendly reminder folks try logging into your chacter first befor accepting the unlikely chance ur account is suspended.
Chizlemonkey Mar 31st 2010 6:58PM
@Nex
Open mouth, insert foot.
Jack Miles Mar 31st 2010 1:50PM
Is it wrong that my first though when I read this was "They're getting good".
Jay Mar 31st 2010 6:13PM
Very sneaky hack. I am honestly thinking as an IT pro I would almost or even really fall for that one.
For one thing it actually features correct use of the English language.
For another it is in a place you would consider Blizz had made safe.
The secret answer and CD-Key is a bit of a give away, the CD-Key I think would cause most people though to try to put in as much as they could or leave it blank... maybe, just maybe that scammers are hoping someone will actually buy a new key for them.
Yep, they are getting scary now with Authenticator MITM, using Flash exploits on Curse.com, and changing the login screen.
vexis58 Mar 31st 2010 8:47PM
It makes me sad that people are stupid enough to be fooled by something that looks so obviously fake.
Odiee Apr 1st 2010 3:27AM
@Jay
You would fall for this, and you call yourself IT pro?
moink Apr 1st 2010 3:22AM
Why are they asking for "main character" name? It's not something Blizzard would ever ask (not everyone has a definitive main) nor would I see it as something that the hackers would find useful. Unless they are auto-looking up the character on the armory to prioritize who to hack next...
dijital20 Mar 31st 2010 11:11AM
Precisely right... Blizzard, as far as I know, doesn't define a "main" character. That should be a big sign right there screaming "SCAM!".
Nikkiezorz Mar 31st 2010 11:17AM
Thats true, I noticed that right off on the image as well, main char really?
But here is my thought, When they are hacking the accounts, they may have tons of time to go through and sell off all our belongings and transfer all our gold, whatever they do, but they may not, they never really know how long its going to take you to realize you've been screwed over and fix it, IF you fell for this and gave them your info, the main character is *generally* the best geared, has the most money, and is the most profitable character, and therefore the one tehy want to start with to get the most bang for their bust.
at least, thats my assumption.
When i got hacked, they had gotten my E-mail information, and hacked me through there, changed my registered e-mail address, my password, everything. Luckily i had my account frozen because i was away on my honeymoon. dumbasses never added any gametime, so bliz fixt me up before i put my CC info on my account.
eenersumbrella Mar 31st 2010 11:25AM
Main toons, as I know mine does, usually have all the awesome things that a hacker is going to want. I keep lots of gold and stuff on my bank toon, but my main still has way much more stuff. Mains are also more likely to be in a guild and might have access to a guild bank.
GreenNight Mar 31st 2010 11:47AM
For me the telling field is "Answer to Secret Question". I don't even know what my secret question is, and they are not showing it.
nonentity Mar 31st 2010 12:07PM
Actually in Guild Wars you have to enter the name of a character of the account you want to login, just another step to verify that you actually own the account. Even is someone got your pasword, they could not login if they did not know the characters on the account. Yeah, absolutely not 100% hacker-proof, but another way to help that along a lil bit.
Snuzzle Mar 31st 2010 2:27PM
Blizzard WILL occasionally ask about your characters, though, so don't immediately jump on and say it's fishy because of that.
I remember a time I had to call customer service for.... I don't even remember why. Anyway, I couldn't remember what I had put as my SQA, so they had me verfify a few other things: last four of the CC I pay with; email address registered to the account; and the names, levels, and classes of the three highest characters on the account.
Now while the usage of the word "main" may set off alarm bells, it's sure a lot quicker than saying "highest level character".
Also, this is why I keep all my gold on a level 25 rogue. NO ONE EVER SUSPECTS THE MIDDLE LEVEL TOON.
Croe Mar 31st 2010 4:15PM
"Also, this is why I keep all my gold on a level 25 rogue. NO ONE EVER SUSPECTS THE MIDDLE LEVEL TOON."
... until now.
Jay Mar 31st 2010 9:33PM
"Nobody expects the Spanish Inquisition!"
"Amongst our weaponry are such diverse elements as fear, surprise, ruthless efficiency, an almost fanatical devotion to the Pope, and nice red uniforms!"
Michael Mar 31st 2010 11:10AM
People actually fall for stuff like this?
If you are that stupid you deserve it.
Ishammel Mar 31st 2010 11:25AM
Not really... my girlfriend plays WoW casually and goes for long breaks without playing. She loves playing her characters on her account, but if she gets something coming up supposedly from Blizzard asking for her details for a seemingly legit reason, I would think she'd enter the information. After all, she's not like us knowing up to date info on all scams etc.
That's why people fall for scams, because they're so believable, especially to new or inexperienced players. Saying someone deserves to get hacked for not knowing the ins and outs of the internet and the game is similar to saying someone deserves to get rickets because they didn't know they had to have lots of vitamin D in their diet!
Please give a little bit of thought before you go saying mildly cruel things like this! :)