Skip to Content

WoW Insider has the latest on the Mists of Pandaria!

Posts with tag Hacked

Blizzard Customer Support warns of dangerous Trojan [Updated]

Blizzard Customer Support Agent Jurannok has taken to the forums to warn players of a dangerous Trojan -- a virus that can enter players' accounts even if they have an authenticator. Update -- A solution has been found.
Jurannok
Hello,

We've been receiving reports regarding a dangerous Trojan that is being used to compromise player's accounts even if they are using an authenticator for protection. The Trojan acts in real time to do this by stealing both your account information and the authenticator password at the time you enter them.

If your account has been compromised recently, I'd recommend looking for the Trojan. It can be identified by creating an MSInfo file and then looking in the Startup Program section of that file for either "Disker" or "Disker64". It will usually appear like this:

Disker rundll32.exe c:\users\name\appdata\local\temp\w_win.dll,dw Name-PC\Name Startup
Disker64 rundll32.exe c:\users\name\appdata\local\temp\w_64.dll,dw Name-PC\Name Startup

Read more →

Filed under: Account Security

North American players may now update their security questions

Image
As an update to the security breach last week, players on North American realms will now be prompted to change their security question and answer when logging in to their Battle.net accounts. The security breach included no financial information; however, answers to personal security questions were compromised, as well as some information related to Mobile Authenticators.

In addition to the security question update, players may now also update their Mobile Authenticators as well. Please note, this is only in regards to North American accounts; players in Europe need to do neither of these things. And remember, if you are a North American player and have not changed the password on your account, doing so is an excellent idea.


Nethaera
As a precaution following our recent security update, players on North American servers please take a moment to visit Battle.net account management, where you will be prompted to change your security question as well as update your Mobile Authenticator. There you'll also find helpful tips and an FAQ, as well as instructions on how to add additional layers of security to your account, including the Battle.net Authenticator or the Mobile Authenticator for those that aren't already using one.

Filed under: News items, Account Security

Blizzard security breach, no evidence that financial data was compromised

Important security update from Blizzard
Mike Morhaime, the president of Blizzard Entertainment, reported today in a blog post posted on the official Blizzard website that a list of email addresses for Battle.net users, answers to security questions, and information relating to the Mobile and Dial-in Authenticator program were illegally accessed by outsiders. The security hole has been closed, but Blizzard is officially recommending that all Battle.net users change their passwords immediately. In the coming days, players will be prompted to automatically change their security questions and update their mobile authenticator software. A FAQ is available here.

The full post is below.

Mike Morhaime
Players and Friends,

Even when you are in the business of fun, not every week ends up being fun. This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened.

At this time, we've found no evidence that financial information such as credit cards, billing addresses, or real names were compromised. Our investigation is ongoing, but so far nothing suggests that these pieces of information have been accessed.

Some data was illegally accessed, including a list of email addresses for global Battle.net users, outside of China. For players on North American servers (which generally includes players from North America, Latin America, Australia, New Zealand, and Southeast Asia) the answer to the personal security question, and information relating to Mobile and Dial-In Authenticators were also accessed. Based on what we currently know, this information alone is NOT enough for anyone to gain access to Battle.net accounts.

We also know that cryptographically scrambled versions of Battle.net passwords (not actual passwords) for players on North American servers were taken. We use Secure Remote Password protocol (SRP) to protect these passwords, which is designed to make it extremely difficult to extract the actual password, and also means that each password would have to be deciphered individually. As a precaution, however, we recommend that players on North American servers change their password. Please click this link to change your password. Moreover, if you have used the same or similar passwords for other purposes, you may want to consider changing those passwords as well.

In the coming days, we'll be prompting players on North American servers to change their secret questions and answers through an automated process. Additionally, we'll prompt mobile authenticator users to update their authenticator software. As a reminder, phishing emails will ask you for password or login information. Blizzard Entertainment emails will never ask for your password. We deeply regret the inconvenience to all of you and understand you may have questions. Please find additional information here.

We take the security of your personal information very seriously, and we are truly sorry that this has happened.

Sincerely,
Mike Morhaime

Filed under: News items, Account Security

Breakfast Topic: Has your account ever been compromised?

This Breakfast Topic has been brought to you by Seed, the AOL guest writer program that brings your words to WoW Insider's pages.

Account security is a serious matter in Azeroth. If a player's account is ever compromised, it can be a devastating blow. You work hard to reach the level cap, run the dungeons and raids for the gear your character needs and level your chosen professions. Chances are, you also have a fair amount of gold from questing, dailies, and your professions. If hackers gain access to your account, they wreak havoc while inside, stripping your characters of everything they have, taking all your gold, and selling anything of value.

My account has only been hacked into once, but it was more than enough for me to doublecheck my security settings, wipe my hard drive, and buy an authenticator. When my account was hacked, I was beyond devastated. All of the hard work I put into my characters was gone in an instant. Hackers move a lot like a fire.

Read more →

Filed under: Breakfast Topics, Account Security, Guest Posts

Help! My account has been hacked!

There are so many scams going around like the Catclysm Alpha invite and the WoW Armory phishing site, that people's accounts are getting stolen more than ever. With all of the work that Blizzard has to do to keep up with the problem, it's no wonder they are offering the fast solution of care packages. We've talked about how to avoid scams as well as how to protect yourself. Here is a guide as to what to do if your account gets stolen.

Important note: The following guide assumes that you have not put an Authenticator on your account. There are no confirmed cases of accounts being stolen if they are protected by an Authenticator.

Read more →

Filed under: Blizzard, Account Security

Account security is your responsibility, not Blizzard's

PlayNoEvil recently published an article explaining why they think it is that hackers target gamers by stealing their passwords and other account information.

While there is some truth in the premises offered, articles like this one only serve to fuel conspiracy rumors and encourage players to think of themselves as victims rather than take responsibility for their own account security.

Gaming companies do place some of the blame for a compromised account on the account holder, and for good reason. The hacker certainly didn't gain access to your computer because of their actions, and their computers that store your information are as yet untouchable.

The browsers you use, sites you visit, firewall settings, anti-virus software and update practices are just a few of the ways that you contribute to your own hacking experience.

Sharing your account information with your lover, best friend and mother may sound safe, but you don't control the security of their computers, or their friends' computers. The majority of people I know who have been hacked signed into their accounts on their sibling's computer or a publically shared machine.

In fact, NASA ended up with a keylogger targeted at gamers on the International Space Station. It traveled aboard on the laptop of one of the astronauts. You just can't trust any computer that isn't your own.

It may be hard to hear, but a hacked account is because of something you did, whether it was an unfortunate stroke of luck, such as stumbling onto a redirect on a legitimate website in the small window before the site addresses it, or a serious oversight in security on your part.

Read more →

Filed under: Analysis / Opinion, Blizzard, Add-Ons, Account Security

WoW Insider Interview: Blizzard speaks about Authenticator security


About a month and a half ago, we reported on the story of a player who had apparently gotten their account hacked while they were using the new Blizzard Authenticator key, and it raised a lot of questions in players' minds about the only hardware Blizzard's ever made: just what does the Authenticator do to protect players' accounts? Have Authenticators actually prevented accounts from being hacked? And what would it take to, through social engineering or other methods, actually remove an Authenticator from an account?

At the time we published that first story (which was later disputed by a customer support representative), Blizzard contacted us here at WoW Insider, offering to clear up players' concerns about the new keys. We quickly submitted to them a few questions pulled from our own writers and a few submitted by readers, and they've now returned the answers to us -- you can find Blizzard's answers to our questions about the Authenticator after the break. Thanks to Blizzard for answering our questions about how these keys work, and clarifying some of the issues around their security.

Read more →

Filed under: Blizzard, Interviews, Hardware, Account Security

Authenticator failure revisited, Blizzard responds

We created a lot of waves with this post about Blizzard's Authenticator key allegedly failing -- as you know if you've been listening to the podcast, lots of people have emailed us with their own input on the situation, alternately thanking us for making it known that the Authenticator wasn't 100% secure, and lambasting us for being "ignorant" about how Blizzard's security token works. At the base of the story, there are two things we know are true: that someone was using the Authenticator on their account, and then was subsequently hacked. For that reason, we've stood by the "Authenticator fails" story -- while having an Authenticator on your account is a helpful line of defense, it, like all other computer security measures, isn't a 100% guarantee against getting hacked.

Most people agree on that. Where opinions differ are in how the account was hacked -- originally, we and a few other sources speculated that the Authenticator had been somehow removed from the account in question. But now Belfaire has responded (we believe to the incident in question, though a link to our story was removed from the original post), and says that as far as he can tell, the Authenticator was not removed from the account. In fact, after the password was changed back, the Authenticator's serial key was asked for and given, so the Authenticator remained attached to the account the whole time.

Of course, that just leaves the most important question: how did the account get hacked? We've heard all kinds of various insights as to how the Authenticator works (it only lasts for 60 seconds, supposedly each key can only be used once, so there's no way a keylogger could nab the Authenticator code and reuse it), but the fact remains that the person we're talking about was using the key, and still got hacked. One hack out of all the Authenticators sold so far is a terrific record, and could prove that, statistically, an Authenticator is good as 100% security. But the fact remains that this person got hacked while using the key (however it was done), and if security can be broken once, it will be broken again.

Filed under: Items, Analysis / Opinion, Blizzard, News items, Account Security

Authenticator fails, removed from account without user's permission

Editor's Note: This entire situation has been debunked. The authenticator was not hacked, compromised, or forcefully removed. The account had been shared, and the authenticator along with it. Authenticators do not offer any security if you give it away. If you're worried about other account security myths, our own Michael Sacco has tackled them in a mythbusting series.

Think a Blizzard Authenticator will keep your account from being hacked? Think again -- we've got our first known report of someone who was protecting their account with one of Blizzard's keys, and still got their character hacked down to their undies. Someone in this forum thread apparently logged out one night and logged on the next morning to find her account stripped of everything but PvP gear, and her Authenticator no longer connected to her account.

Supposedly, to deactivate an Authenticator from an account, you need to get in touch with Billing services, and reportedly they'll then ask for a notarized statement with a picture, like a driver's license, just to remove the Authenticator. But obviously, this one was removed even without that, and we're being told that all you might need to remove the Authenticator is the answer to the user's secret question and a CD key (or even less). In other words, the fault isn't with the technology, it seems to be with the support reps on Blizzard's side of the phone line -- if they can be convinced to remove the Authenticator, the account can then be hacked.

The little keys have been selling like hotcakes since they were released -- almost everyone has figured that $6.50 was cheap for peace of mind. But while an Authenticator still does provide an extra step in security, the sad truth is that it hardly makes an account impermeable.

[Via BRK]


Filed under: Analysis / Opinion, Blizzard, Forums, Account Security

Another blow in the keylogging experience


Thank you all for the encouragement I received in response to my recent keylogging experience. As a whole the experience was just dreadful. As I mentioned on last week's WoW Insider Show podcast, I am still afraid every time I log in that I will get the "The information you have entered is not valid" error. For the most part things have settled down, but the fear remains.

The worst part of the keylogging episode was that my Shaman was transferred from a PvP to PvE server. After about a week in limbo my beloved Tauren was returned to her proper place. I was extremely relieved. Unfortunately that's the only thing on my account that Blizzard was kind enough to restore. They refused to return any of my gear or gold and did nothing about the items ninjaed from the guild bank. I appealed their decision with several emails. Those appeals were ubiquitously denied despite logical arguments and heart-filled plights. I thought it was all over, for better or for worse.

I got more bad news in my email box the other day:

Read more →

Filed under: Odds and ends, Blizzard, Forums

WoW Insider Show Episode 26: Badges, Blizzard and buffs


This past Saturday the WoW Insider Show welcomed Amanda Dean and Adam Holisky on, as well as myself and Turpster, for the 26th episode of our podcast on WoW Radio. Despite some lackluster, if I may say so, email from readers (you can send us some better emails at theshow@wow.com), we charged through and got a lot of good discussion done:
All in all, good show, and you can listen to it right now over on WoW Radio's website. You can also subscribe to our podcast in iTunes if you so choose, and we'll be back at it again next weekend -- every Saturday at 3:30pm EST. Enjoy the show!

Filed under: Shaman, Analysis / Opinion, WoW Insider Business, Blizzard, WoW Insider Show

WoW Insider Show 

Subscribe via  iTunes for our latest show.

Hot Topics


 

Upcoming Events

Event Date
WoW's 10th Anniversary 11/21 - 1/5
Pilgrim's Bounty 11/24 - 12/1
Darkmoon Faire 12/7 - 12/14
Feast of Winter Veil 12/16 - 1/2

Around Azeroth

Around Azeroth

Featured Galleries

It came from the Blog: Occupy Orgrimmar
Midsummer Flamefest 2013
Running of the Orphans 2013
World of Warcraft Tattoos
HearthStone Sample Cards
HearthStone Concept Art
Yaks
It came from the Blog: Lunar Lunacy 2013
Art of Blizzard Gallery Opening

 

Categories