Skip to Content

WoW Insider has the latest on the Mists of Pandaria!

Posts with tag Hackers

The Lawbringer: The system is down

Pop law abounds in The Lawbringer, your weekly dose of WoW, the law, video games and the MMO genre. Running parallel to the games we love and enjoy is a world full of rules, regulations, pitfalls and traps. How about you hang out with us as we discuss some of the more esoteric aspects of the games we love to play?

For PlayStation Network users, this past week has been a harrowing one. The security breach and subsequent dismantling of the online network was a huge blow to Sony, which prided itself on being able to provide the service free of charge and expand into sales, downloads, and everything else synonymous with a next-gen online network. This past week's events, however, prove that these networks are fragile and have everyone asking the question, "What is next?"

What would happen if World of Warcraft were down for a week -- not due to some prescribed downtime or voluntary upgrades, mind you, but a comprehensive security breach that affected every single member of our online community? From the PlayStation Network incident, we can see the hostile environment that these security breaches foster, from political ramifications to financial consequences and even legal trouble. Shall we muse about the stability of online networks?

Read more →

Filed under: Analysis / Opinion, The Lawbringer

Blizzard announces automated account recovery form for hacked accounts


World of Warcraft accounts have been under siege for years, with hackers and gold-selling outlets stealing passwords, items and more to fill their coffers, selling that gold to unwitting buyers. Blizzard has fought back incessantly over the years to stem the tide of gold farming and account hacking, and as you can imagine, the scale at which this happens is very tasking on its customer support department.

Blizzard has just announced a new, speedier way to get help and answered about your hacked account, stolen items, authenticator issues and more! Now, under the new system, you will not have to email or call Blizzard to get these matters into its queue -- simply use the Account Recovery Form.

Read more →

Filed under: News items, Account Security

Email confirmation added to authenticator setup to foil hackers

For a while now, account thieves have been putting authenticators on their stolen accounts to buy more time for their scumbaggery. Blizzard has recently made that more difficult by requiring email confirmation when an authenticator is added to a Battle.net account. Rather than just logging in and putting in the appropriate information, you now have to follow the steps in a confirmation email sent to the address registered in your Battle.net account.

Note: Changing the email address on the account requires not only your password (which the account thieves already have at this point) but also the answer to your security question. So make sure the answer to your security question is not guessable or obtainable by any phishing information. As I have suggested before, if you use a password for your security answer rather than an actual answer, you are adding a very thick level of security. Make it a separate password you use just for security questions, like p45sw0rd (don't use that one).

We don't know how long ago Blizzard added email confirmation The email confirmation has been active since July 27 and we believe it will reduce the workload of Blizzard's customer service. More importantly, this will make getting your account back less painful.

Of course, the best way to prevent someone from stealing your account and then adding an authenticator to it is to put an authenticator on it yourself. There are keyfob and mobile versions available.

[Thanks for the tip, Joel!]

Filed under: Blizzard, News items, Account Security

Why Blizzard can't (and won't) sell gold

In any discussion concerning botting, farming, hacking, or gold-buying, someone inevitably makes the argument that Blizzard should cut out the middlemen and sell gold to players themselves. I wanted to use this article to explain why this would not necessarily be a good idea. We don't need to get into the legal situation, or examine why assigning a real-world price to in-game currency edges us closer to a world where in-game property can be taxed. All I have to do is tell you a story from the not-too-distant past that involves:

  1. Prices that would make Zimbabwe look like a model of inflationary restraint, and:
  2. What happens when money -- in this case, gold -- loses meaning.

Read more →

Filed under: Analysis / Opinion, Blizzard

Debunking another hacked authenticator story

One of our readers, Bill, sent us a tip about a WoW account issue on The Consumerist. It seems that the ownership of Anonymous's friend's account is under dispute and Blizzard won't let him use it in the meantime. The ownership became disputed after the account was allegedly hacked, even though there was allegedly a mobile authenticator on the account. His friend has given up on the account, complete with Val'anyr, and has created a new one.

We can't confirm any of the facts in this case. I am willing to believe that Anonymous is truly upset and believes the story he tells to be true, even though he is posting anonymously. There are some serious red flags, however, that seem to point to Anonymous not having all of the facts:

Read more →

Filed under: Analysis / Opinion, Account Security

The Queue: Nuts and bolts

Oh boy. Most of us are the walking dead after BlizzCon, but let's get back to something resembling normalcy with a Queue. We're going to start off today with an important matter concerning authenticators and account security, then move on to a bit of WoW.com business and Onyxia. I'd also like to direct attention to two really good comments from the last column re: technical issues, Shadow's and Logarth's.

Zerounit asks...

I recently got an Authenticator in the mail and I noticed something while I was inspecting it: there appears to be no way to open it short of cracking it open with large objects. Is there a battery life on these? If it stops giving me my magic codes, will I have to get a new one?

I got an authenticator for my own use recently and have to admit I hadn't thought to look into the battery life, which is a very good question indeed. A dead authenticator means you have no way of getting into the game (or even into your online account) without official help from Blizzard.

Turns out the little security doodads are manufactured by a company named Vasco, and after poking around their website, I'm reasonably certain that Blizzard authenticators are a variant of Vasco's DIGIPASS GO 6 model. What makes me so sure? The GO 6 model page is the only one accompanied by an article on fraud and hacking in online gaming. They don't come right out and say that Blizzard is a customer, but unless Hello Kitty Online is a bigger hive of scum and villainy than even we gave it credit for, you don't have to be a genius to figure out that World of Warcraft figures prominently in MMORPG account theft.

Read more →

Filed under: Analysis / Opinion, Features, Account Security, The Queue

WoW Rookie: Keeping your account safe and sound


New around here? WoW Rookie points WoW's newest players to the resources they need to get acclimated. Send us a note to suggest a WoW Rookie topic.

It doesn't take keyboard gymnastics to prevent your account from getting hacked. As a new player, you're bound to be concerned – and if you do any digging at all, you're also bound to uncover a tangle of acerbic, rather arcane-sounding comments (many of them on posts right here at WoW Insider) about what operating systems, browsers and browser add-ons are most secure.

You really don't have to change your entire computer system simply to keep your WoW account safe. This week, WoW Rookie rounds up a selection of WoW Insider posts that show you how (and why) to keep your WoW account from being hacked and prevent your computer from spilling its beans to the world at large.

Read more →

Filed under: Features, WoW Rookie, Account Security

Account security is your responsibility, not Blizzard's

PlayNoEvil recently published an article explaining why they think it is that hackers target gamers by stealing their passwords and other account information.

While there is some truth in the premises offered, articles like this one only serve to fuel conspiracy rumors and encourage players to think of themselves as victims rather than take responsibility for their own account security.

Gaming companies do place some of the blame for a compromised account on the account holder, and for good reason. The hacker certainly didn't gain access to your computer because of their actions, and their computers that store your information are as yet untouchable.

The browsers you use, sites you visit, firewall settings, anti-virus software and update practices are just a few of the ways that you contribute to your own hacking experience.

Sharing your account information with your lover, best friend and mother may sound safe, but you don't control the security of their computers, or their friends' computers. The majority of people I know who have been hacked signed into their accounts on their sibling's computer or a publically shared machine.

In fact, NASA ended up with a keylogger targeted at gamers on the International Space Station. It traveled aboard on the laptop of one of the astronauts. You just can't trust any computer that isn't your own.

It may be hard to hear, but a hacked account is because of something you did, whether it was an unfortunate stroke of luck, such as stumbling onto a redirect on a legitimate website in the small window before the site addresses it, or a serious oversight in security on your part.

Read more →

Filed under: Analysis / Opinion, Blizzard, Add-Ons, Account Security

Forum post of the day: Hilarious scam email

Have you ever wondered what one of those fake emails from "Blizzard" look like? The nastier ones are copies of real Blizzard emails, with the links subtly changed. Other scam emails are a bit more transparent, however.

While we've identified some red flags for you before, let's add a few more, shall we?

If the email refers to the patch you "must" download as "a mod one" then it might not be real.

If they have moved said patch to an external website, then you might want to worry.

If the reason for the move is because, "recently, Hackers have been trying to crack our folders and steal every future project" then it is time for you to roll on the ground laughing. Just hope that Hackers don't team up with the Boogeyman, or Terrorists!

If you are referred to as one of their "lovely members who do not understand" you should get a medal, really. Their repetitiveness is dizzying. Luckily, they will "explain it shortly" for you. I think someone needs a thesaurus (or a brain).

Read more →

Filed under: Humor, Wrath of the Lich King, Forums, Account Security, Forum Post of the Day

Authenticator ordering leads to unexplained refunds

We've already reported that the Blizzard Authenticator is sold out, but here's another twist to the story. WoW Insider reader Ryan told us that he placed his order last Monday, before the sell out was announced.

However, instead of getting his Authenticator, he instead got an unexplained refund. With no other word from Blizzard, they simply canceled the order and refunded the money. He talked to a coworker who had also ordered the Authenticator and found that he had the same experience. As of yet, Blizzard has not explained the refund to him.

It's likely that Ryan was simply unlucky enough to place his order after they'd sold out but before they'd officially announced it, but there's other somewhat unfortunate implications. If they're refunding his order instead of honoring it, it suggests that they don't expect to have any new Authenticators ready for quite some time.

Read more →

Filed under: Analysis / Opinion, Blizzard, News items, Hardware, Account Security

WoW Ace Updater ad banners may contain trojans, claim some users

While the Incgamers malware problem is fixed, it looks like there's another malware flare up in the world of addons. The WoW Ace Updater, according to many users, may be passing off a trojan from an ad in the guise of an antivirus program. The program, called Winfixer, pops up in a window and (in some cases automatically) installs malware while claiming your computer is compromised and that you need to buy the full retail version to fix it. It can be detected and removed by Spybot Search and Destroy and Vundofix, and Symantec includes instructions on how to manually remove it here.

Wowace.com site owner Kaelten has disabled the ads on WoW Ace Updater completely for now, and is talking to his Ad provider to find out what went wrong and which ads might be causing problems.

This isn't the first time a popular WoW site has had trouble with trojans in ads, and unfortunately, it is unlikely to be the last. Kaelten seems to be on top of it, though, so hopefully he'll get to the bottom of these claims. Since the ads are currently disabled, the program itself should already be safe to use. If you're feeling a bit skittish, though, you can check out some of Sean's recommendations for other upgrade programs here.

I should note that, being a religious user of WoW Ace Updater myself (I run it at least a good 5 times a week), I just made sure to scan my computer with the aforementioned Spybot Search and Destroy as well as AVG Free Edition. According to those programs, It has a clean bill of health.

Filed under: Analysis / Opinion, News items, Add-Ons, Account Security

Incgamers.com malware mixup fixed

Yesterday, I reported to you that Google (via Stopbadware.org) had marked wowui.incgamers.com (which redirects to wowui.worldofwar.net) as a bad site. Today, the site is reported as clean according to the same report (you can check it out here).

Rushter of Incgamers.com explained to us on the comments of the previous article that the problem was with a seperate attack on a different hosted site (which was quickly dealt with, and unrelated to worldofwar.net, says Rushster), but Google marked the whole site as bad. The worldofwar.net UI database was unaffected, he says, and after some back and forth, Google has now dropped the warning.

Of course, it's still always a good idea to check your computer for viruses, trojans, and keyloggers regularly, and realize that no website is completely safe (though having a good defense always helps). That said, at the moment it looks like wowui.incgamers.com, also known as wowui.worldofwar.net, is a safe spot to grab your addons from.

Filed under: News items, Add-Ons, Account Security

Wowui.incgamers.com invaded by malware?


Here at WoW Insider, we've noticed an unusual and disturbing glut of people having trouble with being keylogged or otherwise hacked soon after installing new addons lately (which wouldn't be a surprise -- lots of people were grabbing addons after patch 2.4, so that makes them a likely route for attackers). While it's too early to make any definite connections, It seems like there's one new lead that's just popped up: popular addon site wowui.incgamers.com (not linked for obvious reasons) is apparently passing off bad files, according to reports from Stopbadware.org and other anonymous sources.

If you've been using the site for your addons, especially in the past week or so, it might be a good idea to exercise some caution and run your favorite anti-virus or anti-malware program. The site has already been in trouble recently with reports that their UICentral addon updater (now discontinued) was using copyrighted code, and now it looks like there's more trouble abrewing for them.

Update: Wowui.incgamers not infested with malware. Full story here.

Filed under: News items, Add-Ons, Account Security

Anti Keylogger Shield may offer some protection for your account

Hackers are getting more and more brazen lately, hiding various trojans and keyloggers not only in random forum links, but in ad banners and even in electronic devices. Even common sense avoidance of suspicious links and websites doesn't always seem to work anymore. Luckily, there are other tools you can use, such as the Noscript extension for the Firefox browser. Lifehacker reported on a new one yesterday as well: Anti Keylogger Shield for Windows.

This freeware program purports to work not by blocking installation of keyloggers, but by preventing them from logging your keys once installed. Lifehacker tested it by loading a keylogger and reported that it seemed to work, at least in that case, as the keylogger's log file was completely empty.

Of course, you probably shouldn't just install this program and go off clicking strange links willy nilly, but it does look like it could be one more line of defense in the ever escalating battle to protect your computer and your account from those who would steal it. Plus, it's free, so that's even better.

[Thanks for the forward, DrDiesel!]

Filed under: Odds and ends, Account Security

WoW Rookie: Account Security Basics

Recently we've had several posts about being hacked, guild banks assaulted, and Blizzard's typical response. The Customer Service Forum is filled with threads started by desperate World of Warcraft players seeking the return of their accounts and belongings as a gesture of goodwill. It is our responsibility to keep our accounts safe from hackers.

I speak from experience when I say that being hacked is just dreadful. Although it is usually possible to have your account returned, there is usually significant damage done in the process. In the past, even Blizzard employees have had their accounts compromised. This post is designed to help you do the best you can to protect your World of Warcraft investment.

Read more →

Filed under: Tips, How-tos, Blizzard, Features, WoW Rookie, Account Security

WoW Insider Show 

Subscribe via  iTunes for our latest show.

Hot Topics


 

Upcoming Events


Around Azeroth

Around Azeroth

Featured Galleries

It came from the Blog: Occupy Orgrimmar
Midsummer Flamefest 2013
Running of the Orphans 2013
World of Warcraft Tattoos
HearthStone Sample Cards
HearthStone Concept Art
Yaks
It came from the Blog: Lunar Lunacy 2013
Art of Blizzard Gallery Opening

 

Categories