Skip to Content

WoW Insider has the latest on the Mists of Pandaria!

Posts with tag Hacker

Blizzard update on dangerous Trojan

WoW Insider reported recently on a dangerous Trojan that was, at the time, not removable by any known antivirus program. Vigilance was advised by the Customer Support agents, and logs from anyone who was affected by the Disker trojan were requested. Thanks to the hard work of the Blizzard Support MVPs, a solution has been found.

Kaltonis
Our pleasure!

To summarize for those of you that haven't read the green posts:

-The trojan is built into a fake (but working) version of the Curse Client that is downloaded from a fake version of the Curse Website. This site was popping up in searches for "curse client" on major search engines, which is how people were lured into going there.

-At this point, it seems the easiest method to remove the trojan is to delete the fake Curse Client and run scans from an updated Malwarebytes. Should you still have issues, there is a more manual method that Ressie posted earlier in the thread.

-Thanks to Ressie's efforts, most security programs should be able to identify this threat shortly, if not by the time I type this.

-If you were compromised, follow the instructions here and we'll do our best to set everything right (as we always do).

-For those of you interested in these MitM style attacks, this is the only confirmed case we've seen in several years outside of the "Configuring/HIMYM" trojan in early 2012 that hit a handful of accounts. These sort of outbreaks are annoying, but an Authenticator still protects your account 99% of the time. Stay safe!

Filed under: Account Security

Breakfast Topic: Hacked off by hackers

This Breakfast Topic has been brought to you by Seed, the Aol guest writer program that brings your words to WoW.com.

Hacked! It is not fun, and it happens more than anyone would like to admit. Gear, gold and pride, all pilfered by some stranger.

It starts with a simple email from Blizzard. Hmmm, it's my first-ever email from Blizzard that causes immediate concern. It says that my account has been "banned and deleted" for buying or selling in-game gold for profit. I am stare at it in shock for a minute ... Is this a joke? My heart starts racing. I run back to my office computer to figure out what to do, and my head starts spinning in confusion. My immediate emotional response catches me off guard ... My head starts to pound. All that work, all that time, all the friends ... just gone ...

And then the high-level anger sets in, as logic begins to prevail. Wait, I never bought gold. I never even considered it! What is going on? I jump online and write an appeal with blazing speed, fueled by my troll rage. In retrospect, this was not exactly the smartest move and probably served to delay my account restoration. I recall that it read something like this ...

Read more →

Filed under: Breakfast Topics, Account Security, Guest Posts

Why Blizzard can't (and won't) sell gold

In any discussion concerning botting, farming, hacking, or gold-buying, someone inevitably makes the argument that Blizzard should cut out the middlemen and sell gold to players themselves. I wanted to use this article to explain why this would not necessarily be a good idea. We don't need to get into the legal situation, or examine why assigning a real-world price to in-game currency edges us closer to a world where in-game property can be taxed. All I have to do is tell you a story from the not-too-distant past that involves:

  1. Prices that would make Zimbabwe look like a model of inflationary restraint, and:
  2. What happens when money -- in this case, gold -- loses meaning.

Read more →

Filed under: Analysis / Opinion, Blizzard

How to tell if a GM is whispering you

A guildie got the above whisper Tuesday night. (I have blocked out the website so as not to promote this phishing attempt.) We have reports of this happening to a lot of people in-game right now as yet another attempt to get you to go to a site, so they can steal your login info and defile your characters.

Let's dissect the above whisper:
  • It's one whisper made to look like two. This will work if your chat settings match the scammer's chat settings, but if you've fiddled with your font or chat window, then the formatting will be off and the scam will be more obvious.
  • The whisper is from a garbage name. All "players" I've seen with random characters have been scammers or gold selling barkers. So anything after such a name should be considered highly suspect.
  • It says [Game Master]GM. The scammers aren't even trying here. Blizzard GMs have names and have <GM> before their names.
  • It sends you to a non-Blizzard site. Don't go to any website you get in tells or in-game mail as a general rule. If you have received a ban of any kind, you will receive an email to the account you have on file with your subscription info.

Read more →

Filed under: Analysis / Opinion, Account Security

Play safe because a trojan can get you banned

Remember that "non-personal system information" that Blizzard said they are searching for? Part of it is a search for keyloggers, trojans and viruses that affect WoW. If the system check finds one of those on any of the computers you are using, Blizzard will ban your account for 24 hours so that you can get it fixed.

When this happened to a guildie, I must admit I was skeptical. Blizzard scans for viruses? And then sends an email that sounds suspiciously similar to the various phishing emails out there? But my friend sent me a copy of the email and described the whole process to me and I am a believer. Blizzard has some issues it needs to resolve with how it is handling this, however.

Read more →

Filed under: Analysis / Opinion, Blizzard, Account Security

The Queue: Nuts and bolts

Oh boy. Most of us are the walking dead after BlizzCon, but let's get back to something resembling normalcy with a Queue. We're going to start off today with an important matter concerning authenticators and account security, then move on to a bit of WoW.com business and Onyxia. I'd also like to direct attention to two really good comments from the last column re: technical issues, Shadow's and Logarth's.

Zerounit asks...

I recently got an Authenticator in the mail and I noticed something while I was inspecting it: there appears to be no way to open it short of cracking it open with large objects. Is there a battery life on these? If it stops giving me my magic codes, will I have to get a new one?

I got an authenticator for my own use recently and have to admit I hadn't thought to look into the battery life, which is a very good question indeed. A dead authenticator means you have no way of getting into the game (or even into your online account) without official help from Blizzard.

Turns out the little security doodads are manufactured by a company named Vasco, and after poking around their website, I'm reasonably certain that Blizzard authenticators are a variant of Vasco's DIGIPASS GO 6 model. What makes me so sure? The GO 6 model page is the only one accompanied by an article on fraud and hacking in online gaming. They don't come right out and say that Blizzard is a customer, but unless Hello Kitty Online is a bigger hive of scum and villainy than even we gave it credit for, you don't have to be a genius to figure out that World of Warcraft figures prominently in MMORPG account theft.

Read more →

Filed under: Analysis / Opinion, Features, Account Security, The Queue

Popular scams and how to avoid them


We have a lot of reports of scams coming in to our tip line and many of us are receiving the same phishing emails you are. Even Scott Kurtz from PvPOnline was tweeting about getting one the other day. These scams can be initiated via email to any one of your email addresses. Or they may start in game. Regardless of where they attack you, most of the scams require some form of social engineering to get your info and therefore access to your in-game valuables.

What is social engineering? Social engineering is manipulating victims to volunteer personal information about themselves in order to perpetrate a con, scam, fraud, etc. If you have seen the movie Groundhog Day, then you have seen a very good example of it. Phil, a television weatherman, is living the same day over and over. One iteration of his morning, he asks an attractive woman her name, where she went to highschool and her English teacher. The next iteration of his morning, he "accidentally" runs into her and pretends to know her from highschool, resulting in her going to bed with him.

Read more →

Filed under: Analysis / Opinion, Account Security

The truth about Authenticators [Updated]

After getting a glimpse into the operations and motivations of a scammer, a lot of questions have arisen about the Authenticator. Can it be circumvented? Briefly and with your help, yes. Is having an Authenticator worth the hassle? Absolutely. These are just quick answers, and this is a topic worthy of more in-depth questions and long answers.

What is the Authenticator?

The Authenticator is a small device (pictured right) or an iPhone/iPod Touch app that can be tied to your account and provide an extra layer of security. The application is free, but the physical Authenticator costs $6.50 with free shipping in the U.S. They are also available in other countries.

How does it work?

The Authenticator generates a code that you must enter after entering your username and password when logging into WoW or when accessing your account management screens. This code is a one use code that is valid only for a limited time. But it is valid for longer than it lasts on the Authenticator. A new code is generated every few seconds, but an unused code is valid for longer than that (I'm not sure how long). For more details about how the Authenticator works, please read our interview with Blizzard.

Read more →

Filed under: Analysis / Opinion, Account Security

Beware of Blood Elves selling mounts


A friend of mine recently got hit by a pretty devious phishing scam targeting wealthy (in-game) players looking to make legitimate purchases. My friend, we'll call him Cobra, was in a major city when an offer in the Trade Channel caught his eye. A player, we'll call him Bubbles, was offering a Spectral Tiger Mount for 5000 gold. Since this mount is only available as a code on a rare loot card, Cobra contacted Bubbles to inquire. Purchasing codes for in-game items with in-game cash is perfectly legitimate, according to Blizzard, so Cobra did not worry about going against the TOS with this transaction.

Bubbles, a level 78 Blood Elf Mage, seemed legitimate. For one thing, he was not a throwaway low level character. Also, he didn't want to take the cash then, but just see it in a trade window to make sure Cobra was in possession of it. So Cobra gave Bubbles his email address only and waited for the email that included the code and a link to where to input the information.

Read more →

Filed under: Mounts, Account Security

Wealth category removed from Armory statistics

The Armory was updated with achievement and statistic tracking last week to accompany the new game features introducted in patch 3.0.2, along with tools to compare your achievements and stats to other players on your realm. There was a lot of concern over someone the things displayed out in the open for all to see such as the Wealth stat. How much gold you've had, how much you have, things like that. Players felt it made them into targets of sorts, figuring hackers, scammers and phishing sites would focus fire a little more. Heck, some people were just plain uncomfortable with other players seeing their gold stores.

It looks like Blizzard actually agrees in this case. If they don't agree, at least they were feeling a little sympathy and wanted to calm some nerves. The Wealth category has been removed completely, and while you can still check up on other achievements and stats, you don't get a free look into someone's money bags anymore. I don't know that how much gold you have on display actually had an effect on who scammers target or not, but it's not like it was important information anyway and you might as well be more safe than sorry. Some stats are fun to see and compare, but I don't know that gold is one of those stats.

Filed under: Analysis / Opinion, Blizzard, Account Security

WoW Insider Interview: Blizzard speaks about Authenticator security


About a month and a half ago, we reported on the story of a player who had apparently gotten their account hacked while they were using the new Blizzard Authenticator key, and it raised a lot of questions in players' minds about the only hardware Blizzard's ever made: just what does the Authenticator do to protect players' accounts? Have Authenticators actually prevented accounts from being hacked? And what would it take to, through social engineering or other methods, actually remove an Authenticator from an account?

At the time we published that first story (which was later disputed by a customer support representative), Blizzard contacted us here at WoW Insider, offering to clear up players' concerns about the new keys. We quickly submitted to them a few questions pulled from our own writers and a few submitted by readers, and they've now returned the answers to us -- you can find Blizzard's answers to our questions about the Authenticator after the break. Thanks to Blizzard for answering our questions about how these keys work, and clarifying some of the issues around their security.

Read more →

Filed under: Blizzard, Interviews, Hardware, Account Security

Buying gold is not a victimless crime

For many reasons I've never felt compelled to buy gold or pay for leveling on World of Warcraft. So I had no idea how the process worked. We got a tip from Kyron of Andorhal about a friend whose account was hacked. In addition to having all of his gear and gold stripped from his characters, he had 2 emails in the inbox for cheap items that he'd purchased off the auction house that the hacker had purchased for 500 gold a piece.

They recorded the name of the seller from the auction house and confronted him when he next came online. It turns out that person wasn't a gold seller but a gold buyer. He'd been told to put Coarse Thread on the AH at the 500 gold rate and would receive his gold when the hacker purchased the ridiculously priced item.

I didn't know how gold-buying worked, but this sounds like a way to exchange gold easily. This is something that blizzard could check into pretty easily. While sometimes players make strange prices in order to dupe would-be buyers, something like Coarse Thread would go unnoticed because most players wouldn't look for such items on the auction house.

Read more →

Filed under: Analysis / Opinion, Cheats, Making money

WoW Rookie: Account Security Basics

Recently we've had several posts about being hacked, guild banks assaulted, and Blizzard's typical response. The Customer Service Forum is filled with threads started by desperate World of Warcraft players seeking the return of their accounts and belongings as a gesture of goodwill. It is our responsibility to keep our accounts safe from hackers.

I speak from experience when I say that being hacked is just dreadful. Although it is usually possible to have your account returned, there is usually significant damage done in the process. In the past, even Blizzard employees have had their accounts compromised. This post is designed to help you do the best you can to protect your World of Warcraft investment.

Read more →

Filed under: Tips, How-tos, Blizzard, Features, WoW Rookie, Account Security

Another blow in the keylogging experience


Thank you all for the encouragement I received in response to my recent keylogging experience. As a whole the experience was just dreadful. As I mentioned on last week's WoW Insider Show podcast, I am still afraid every time I log in that I will get the "The information you have entered is not valid" error. For the most part things have settled down, but the fear remains.

The worst part of the keylogging episode was that my Shaman was transferred from a PvP to PvE server. After about a week in limbo my beloved Tauren was returned to her proper place. I was extremely relieved. Unfortunately that's the only thing on my account that Blizzard was kind enough to restore. They refused to return any of my gear or gold and did nothing about the items ninjaed from the guild bank. I appealed their decision with several emails. Those appeals were ubiquitously denied despite logical arguments and heart-filled plights. I thought it was all over, for better or for worse.

I got more bad news in my email box the other day:

Read more →

Filed under: Odds and ends, Blizzard, Forums

Your Christmas gift could be hacking your WoW account


Hackers seem to be trying more and more ways to get legitimate accounts out of players hands and working to steal and farm more gold, but if you think they've had some sneaky schemes in the past, you ain't seen nothing yet. Our colleagues at Massively have a story that's both amazing and disturbing at the same time.

A lot of geeks found a digital photo frame under the tree this year. Seems like a good idea, I'm sure a lot of us have a pretty large collection of digital photographs stored on memory cards and flash drives that we just haven't quite gotten around to printing for display.

Unfortunately, certain frames sold at Best Buy, Target, Costco and Sam's Club come with an extra undocumented feature, in that they have a nasty little bug that's being dubbed Mocmex. The bug can burrow its way into your computer, latch itself in, and sniff out account information. It doesn't seem to affect Linux or Macs, at least not in its current form, but right now there doesn't seem to be a single manufacturer or frame type that's infected, so the origin of the bug hasn't been nailed down.

If you think you've got one of the infected picture frames, Massively recommends contacting the SANS institute and calling the store where the frame was purchased. You can check their story for the contact information.

The upside of this, I suppose, is that if the farmers are starting to branch into using peripherals to steal our accounts, they may be getting pretty desperate. The downside is, when we have people who practice safe web browsing and keep a clean computer getting bitten, like our Amanda Dean for example, we could be in some trouble. With any luck, all the major virus programs will have a cure for Mocmex and programs like it soon. In the meantime, it looks like we'll have to be extra careful about what we install on our computers, and make sure our anti-virus programs and firewalls are up to date.

Filed under: Bugs, News items, Economy, Hardware

WoW Insider Show 

Subscribe via  iTunes for our latest show.

Hot Topics


 

Upcoming Events

Event Date
WoW's 10th Anniversary 11/21 - 1/5
Pilgrim's Bounty 11/24 - 12/1
Darkmoon Faire 12/7 - 12/14
Feast of Winter Veil 12/16 - 1/2

Around Azeroth

Around Azeroth

Featured Galleries

It came from the Blog: Occupy Orgrimmar
Midsummer Flamefest 2013
Running of the Orphans 2013
World of Warcraft Tattoos
HearthStone Sample Cards
HearthStone Concept Art
Yaks
It came from the Blog: Lunar Lunacy 2013
Art of Blizzard Gallery Opening

 

Categories