Skip to Content

WoW Insider has the latest on the Mists of Pandaria!

Posts with tag hacking

Blizzard bans 320,000 WarCraft III and Diablo II players

Blizzard appears to be cleaning house in preparation for its StarCraft II release as well as its Battle.net revamp. In a recent announcement on the service's forums, Blizzard rep Bashiok revealed that over 300,000 accounts were punished for violations of the terms of service for Warcraft III and Diablo II for using hacks and illegal third-party tools (which are essentially hacks).

For those of you who have had past experience with Battle.net, these numbers probably don't surprise you. The network has had a long reputation of being fairly easy on people using hacks as Blizzard tends to save up over a long period of time in order to do a massive batch of bans at once. This means that those who are using hacks have a long period of time to abuse the system before anything is done about it. The hacks for some games were rampant enough that other players began using hacks that detect other hacks. Regardless of the reason behind using a hack, it is still against the terms of service and means if you get caught, you're out.

Read more →

Filed under: Cheats, Blizzard, News items, Account Security

Why Blizzard can't (and won't) sell gold

In any discussion concerning botting, farming, hacking, or gold-buying, someone inevitably makes the argument that Blizzard should cut out the middlemen and sell gold to players themselves. I wanted to use this article to explain why this would not necessarily be a good idea. We don't need to get into the legal situation, or examine why assigning a real-world price to in-game currency edges us closer to a world where in-game property can be taxed. All I have to do is tell you a story from the not-too-distant past that involves:

  1. Prices that would make Zimbabwe look like a model of inflationary restraint, and:
  2. What happens when money -- in this case, gold -- loses meaning.

Read more →

Filed under: Analysis / Opinion, Blizzard

Debunking another hacked authenticator story

One of our readers, Bill, sent us a tip about a WoW account issue on The Consumerist. It seems that the ownership of Anonymous's friend's account is under dispute and Blizzard won't let him use it in the meantime. The ownership became disputed after the account was allegedly hacked, even though there was allegedly a mobile authenticator on the account. His friend has given up on the account, complete with Val'anyr, and has created a new one.

We can't confirm any of the facts in this case. I am willing to believe that Anonymous is truly upset and believes the story he tells to be true, even though he is posting anonymously. There are some serious red flags, however, that seem to point to Anonymous not having all of the facts:

Read more →

Filed under: Analysis / Opinion, Account Security

Help! My account has been hacked!

There are so many scams going around like the Catclysm Alpha invite and the WoW Armory phishing site, that people's accounts are getting stolen more than ever. With all of the work that Blizzard has to do to keep up with the problem, it's no wonder they are offering the fast solution of care packages. We've talked about how to avoid scams as well as how to protect yourself. Here is a guide as to what to do if your account gets stolen.

Important note: The following guide assumes that you have not put an Authenticator on your account. There are no confirmed cases of accounts being stolen if they are protected by an Authenticator.

Read more →

Filed under: Blizzard, Account Security

Man imprisoned on fraud and theft charges over account selling scam

According to The Associated Press, 23 year old Christopher H. Bouffard accepted $760 in 2008 from at least two people in exchange for WoW accounts. Bouffard then failed to turn over the agreed upon accounts, leading to a police investigation. He has now been charged with two counts of grand theft and one count of scheming to defraud. Bouffard is currently being held in jail until he is able to post a $20,000 bail.

While defrauding people and taking their money isn't anything new, getting busted over it while selling WoW accounts is. From what we understand, the arrest is not for the actual trading and selling of accounts, but for the fraud that went on in the process. The fraud in this case is a criminal matter with very real implications for Mr. Bouffard, whereas the buying and selling of WoW accounts is against the agreed upon Terms of Service, but not against any criminal code.

We've been hearing a lot about misbehaving WoWers lately, from the cougar who ran off with a fifteen year old boy, to Blizzard helping international authorities track fugitives online. This appears to be just the latest in a string of cases for Jack "Hang 'em High" McCoy to lay some law and order down on.

Filed under: News items, Account Security

In defense of care packages and mandatory authenticators

If you read WoW.com with any regularity, you probably saw and read our pieces on Friday discussing some rather curious policies Blizzard has recently instituted. There are two in particular that I'd like to discuss further: The care package for hacked accounts and the possibility of mandatory authenticators.

First, how many of you have had your accounts stolen, or know someone that had theirs stolen? Chances are good every single person that reads this post will raise their hand to that question. The problem is not a small one. I'm in a rather large guild, and every few weeks someone has their account stolen and the little bits of our guild bank they have access to go with them. My large guild is also just one guild in a larger guild alliance which suffers the same problems. Every two weeks or so, someone I see online on a regular basis gets their account stolen.

Read more →

Filed under: Analysis / Opinion, Blizzard, Account Security

Guardian talks to Chinese goldsellers and UK buyers

UK paper The Guardian has a look at what life is like at a Chinese goldselling company. It's interesting, but we've basically seen it before -- the small room of young people working almost 24/7 to make and deliver gold in-game, the concerns about worker livelihood and the supposedly large amounts of money going through these businesses (there's one figure quoted of £700m, which is about $980 million, but that's an estimate -- no one really knows how much these companies are making).

But what's really interesting about this piece is that it seems to treat goldselling as more of an "opportunity" than anything else. The people running the companies are making money, the employees are getting a roof over their head and a steady paycheck, and even the guy making the film talks about how governments should start taking a cut of this industry. Nowhere is it actually mentioned that Blizzard considers these companies to be against the terms of service, or that many times the gold obtained by these companies isn't earned through simple grinding, but by hacking, keylogging, and exploiting. Even if (emphasis on the if) these companies are making millions of dollars a year, they're stealing accounts and cheating in-game to do it.

Rowenna Davis also did interviews with both the gold farmer and a player in the UK buying money from him (bannz0red?), but again, there's no insight at all from the player whose account was hacked and bank was looted, or the player who is able to earn as much gold as they need and have a life outside the game (there are plenty of those to go around). Would have been nice to see the issue from players who aren't actually breaking the game's terms of service.

Thanks, Bryn!

Filed under: Analysis / Opinion, Fan stuff, Odds and ends, Blizzard, Leveling, Making money, Wrath of the Lich King

Markee Dragon taken offline, MMOwned moving

We've received an interesting report on the WoW Insider Tip Line today. Two large World of Warcraft hacking and account trading websites, Markee Dragon and MMOwned, are offline.

Article Update:
According to MMOwned, they are moving servers, which is the reason their site is offline for some.

Attempts to reach the sites prove unsuccessful.

This is a good thing for everyone that wants to have a more legitimate gameplay experience in WoW, as both of these sites actively encouraged people to exploit bugs, break the ToS, and do all other sorts of tom-foolery that destroyed the game for legitimate players.

Our tipster mentioned that these sites were taken down in part by action taken by Blizzard, however we don't have any proof of that.

I've selected the angry baby picture for this article, since that's how the exploiters and account traders are feeling right now. Buh-bye.

Filed under: Blizzard, News items

Internet Explorer exploit targets game passwords

Is anyone still using Internet Explorer on a computer where they have control of the software? The browser is so targeted and so flawed, and there are so many worthwhile and free alternatives that it's almost silly to continue using Microsoft's monster of a browser. But if you still are, watch out -- the BBC says that Microsoft has announced another vulnerability, and this time it could be used to obtain "game passwords," like your account information for World of Warcraft.

The good news is that, like most virus scares (ever notice that all of the virus warnings come from companies that happen to make their money on antivirus software? In this case, it's Trend Micro, spreading as much FUD as they can), this warning is probably overblown -- even if you are using a browser full of holes like IE, you have to wander off your beaten path of trusted sites to get in trouble. So don't click random links or follow spambait on the forums or in your email, and you'll probably be fine. But again, installing and using another browser is so easy (and will help you so much in the long run) that you might as well give up IE anyway.

Thanks to everybody who sent this in! And yes, I used the old login screen for this post's picture. But don't you kind of miss it?

Filed under: Patches, Analysis / Opinion, Virtual selves, Odds and ends, Blizzard

Authenticator failure revisited, Blizzard responds

We created a lot of waves with this post about Blizzard's Authenticator key allegedly failing -- as you know if you've been listening to the podcast, lots of people have emailed us with their own input on the situation, alternately thanking us for making it known that the Authenticator wasn't 100% secure, and lambasting us for being "ignorant" about how Blizzard's security token works. At the base of the story, there are two things we know are true: that someone was using the Authenticator on their account, and then was subsequently hacked. For that reason, we've stood by the "Authenticator fails" story -- while having an Authenticator on your account is a helpful line of defense, it, like all other computer security measures, isn't a 100% guarantee against getting hacked.

Most people agree on that. Where opinions differ are in how the account was hacked -- originally, we and a few other sources speculated that the Authenticator had been somehow removed from the account in question. But now Belfaire has responded (we believe to the incident in question, though a link to our story was removed from the original post), and says that as far as he can tell, the Authenticator was not removed from the account. In fact, after the password was changed back, the Authenticator's serial key was asked for and given, so the Authenticator remained attached to the account the whole time.

Of course, that just leaves the most important question: how did the account get hacked? We've heard all kinds of various insights as to how the Authenticator works (it only lasts for 60 seconds, supposedly each key can only be used once, so there's no way a keylogger could nab the Authenticator code and reuse it), but the fact remains that the person we're talking about was using the key, and still got hacked. One hack out of all the Authenticators sold so far is a terrific record, and could prove that, statistically, an Authenticator is good as 100% security. But the fact remains that this person got hacked while using the key (however it was done), and if security can be broken once, it will be broken again.

Filed under: Items, Analysis / Opinion, Blizzard, News items, Account Security

McAfee report reveals the most dangerous web domains

In an era where clicking on the wrong link while browsing the web could mean your account will get hacked, and one of your guild members clicking on the wrong link means your guild bank could get emptied as well, it's always good to protect yourself and keep abreast of web security issues.

In that vein, it's worth checking out a new report released by McAfee called Mapping the Mal Web Report Revisited. It tested 9.9 Million websites in 265 domains to find out which ones had a higher risk of exposing visitors to malware, spam, and malicious attacks via a red, yellow, and green system.

Read more →

Filed under: Analysis / Opinion, News items, Account Security

Incgamers.com malware mixup fixed

Yesterday, I reported to you that Google (via Stopbadware.org) had marked wowui.incgamers.com (which redirects to wowui.worldofwar.net) as a bad site. Today, the site is reported as clean according to the same report (you can check it out here).

Rushter of Incgamers.com explained to us on the comments of the previous article that the problem was with a seperate attack on a different hosted site (which was quickly dealt with, and unrelated to worldofwar.net, says Rushster), but Google marked the whole site as bad. The worldofwar.net UI database was unaffected, he says, and after some back and forth, Google has now dropped the warning.

Of course, it's still always a good idea to check your computer for viruses, trojans, and keyloggers regularly, and realize that no website is completely safe (though having a good defense always helps). That said, at the moment it looks like wowui.incgamers.com, also known as wowui.worldofwar.net, is a safe spot to grab your addons from.

Filed under: News items, Add-Ons, Account Security

Wowui.incgamers.com invaded by malware?


Here at WoW Insider, we've noticed an unusual and disturbing glut of people having trouble with being keylogged or otherwise hacked soon after installing new addons lately (which wouldn't be a surprise -- lots of people were grabbing addons after patch 2.4, so that makes them a likely route for attackers). While it's too early to make any definite connections, It seems like there's one new lead that's just popped up: popular addon site wowui.incgamers.com (not linked for obvious reasons) is apparently passing off bad files, according to reports from Stopbadware.org and other anonymous sources.

If you've been using the site for your addons, especially in the past week or so, it might be a good idea to exercise some caution and run your favorite anti-virus or anti-malware program. The site has already been in trouble recently with reports that their UICentral addon updater (now discontinued) was using copyrighted code, and now it looks like there's more trouble abrewing for them.

Update: Wowui.incgamers not infested with malware. Full story here.

Filed under: News items, Add-Ons, Account Security

Anti Keylogger Shield may offer some protection for your account

Hackers are getting more and more brazen lately, hiding various trojans and keyloggers not only in random forum links, but in ad banners and even in electronic devices. Even common sense avoidance of suspicious links and websites doesn't always seem to work anymore. Luckily, there are other tools you can use, such as the Noscript extension for the Firefox browser. Lifehacker reported on a new one yesterday as well: Anti Keylogger Shield for Windows.

This freeware program purports to work not by blocking installation of keyloggers, but by preventing them from logging your keys once installed. Lifehacker tested it by loading a keylogger and reported that it seemed to work, at least in that case, as the keylogger's log file was completely empty.

Of course, you probably shouldn't just install this program and go off clicking strange links willy nilly, but it does look like it could be one more line of defense in the ever escalating battle to protect your computer and your account from those who would steal it. Plus, it's free, so that's even better.

[Thanks for the forward, DrDiesel!]

Filed under: Odds and ends, Account Security

Blizzard loses a round in the fight against botting

In Blizzard's attempts to get rid of gold farmers and hackers, one of their most annoyingly persistent enemies has been the WoWGlider bot, now known as MMOGlider. They've been throwing suits and countersuits at each other for a few years now, but the latest salvo seems to have gone against Blizzard, the Game Activist reports. Blizzard was trying to subpoena Joe Thaler, owner of Lavish Software LLC, maker of programs such as EQPlayNice. While Lavish Software's programs do not appear to be cheat programs on their own, they did make a deal with MDY Industries, maker of MMOGlider, to use the programs within MMOGlider.

According the judge's decision, Blizzard was hoping to obtain all documentation related to the deal, all communication between Thaler and Lavish and MDY and its owner, Michael Donnelly. They also wanted a list of all WoW accounts owned by Thaler and Lavish, as well as the contents of the WTF folders of every installation of WOW used by Thaler and Lavish Entertainment. Unfortunately, the Judge ruled that Blizzard was demanding information that could compromise Lavish's trade secrets and client confidentiality, and that the demand for the information within 9 days did not give Thaler and Lavish enough time to respond an gather information.

It's worth noting that the judge did specifically say that Blizzard could file another subpoena that would be more narrow in scope and allow more time for Lavish and Mr. Thaler to respond, so this is probably not a fatal blow to Blizzard by any means. I personally hope not. I've never had much patience for bots, or people who feel they have a civil right to cheat at games, so I'm rooting for the big bad corporation on this one. What about you?

Thanks for the link, Tyrsenus.

Filed under: Analysis / Opinion, Cheats, Blizzard, News items

WoW Insider Show 

Subscribe via  iTunes for our latest show.

Hot Topics


 

Upcoming Events


Around Azeroth

Around Azeroth

Featured Galleries

It came from the Blog: Pandamonium
The gaming artwork of Jessica Dinh
Mists of Pandaria Raid DPS Analysis
Mists of Pandaria Collector's Edition
Death Knight plague epidemic
Mega Bloks: Goblin Zeppelin Ambush
Mists of Pandaria Beta: Ruins beneath Scarlet Halls
Mists of Pandaria: New warlock pets
Female Pandaren Customization

 

Categories