Posts with tag security

Update: Keylogger source identified


Just a quick update from our friends at World of Raids about the current situation regarding circumvented authenticators. It appears there are multiple websites being used to spread this malware. Be careful which sites you download your addon updates from; fake website addresses are being used to trick users.

For example, one of the fake sources appears as a "Sponsored Link" right at the top of a Google search. Don't actually visit that site and be sure to warn players asking about addons where to go.


What happens is the fake site will allow you to download a fake copy (did you see fake?) of the WowMatrix AddOn Manager, which installs emcor.dll. This Trojan (Malware.NSPack) can currently be detected by Malwarebytes.

Thanks Kody!

Filed under: News items, Account Security

Man in the middle attacks circumventing authenticators

It has been brought to our attention that Blizzard's technical support department is currently handling a security exploit that is, in a limited capacity, circumventing authenticators. Before we get into the details, please do not panic. This does not make authenticators worthless, and it is not yet a widespread problem. Do not remove your authenticator because of this, and do not base your decision on whether or not to buy an authenticator off of this. They are still very useful, and your account is much safer with an authenticator than it is without one.

This is not the only report of this that we've seen, but it is the first time that a Blizzard representative has openly acknowledged that there is something afoot. For a full account of what happened, check the thread on the EU Technical Support forums. To sum up: There is a piece of malware (emcor.dll is what is being reported at the moment) that is being used as a hijacking tool to facilitate Man-in-the-Middle attacks on users.

Kropaclus
After looking into this, it has been escalated, but it is a Man in the Middle attack.
http://en.wikipedia.org/wiki/Man-in-the-middle_attack

This is still perpetrated by key loggers, and no method is always 100% secure.



To explain in the simplest way possible, instead of data being broadcast directly to Blizzard when trying to log in to your account, that data is being broadcast to a third party via this malware. This includes your authenticator code. Rather than you logging into your account, the hacker on the other end does so. They log into your account, clear out your characters, and move around virtual funds to fulfill orders from players buying gold. This method of circumvention has been theorized since the release of the key fobs, but it has only now started to actually happen.


Filed under: Account Security

StarCraft II beta is live. Beware of scams!

People are getting actual StarCraft II beta invites, but that doesn't mean that all beta invites (or any other emails that look like they are from Blizzard) are real. If you got an email saying that you have been invited to StarCraft II: Wings of Liberty, don't click anything in that email. Instead take the following steps:
  • Type battle.net into your browser (no typos) and it will go to the secure battle.net site appropriate to your region.
  • Enter your account info.
  • Under Manage My Games, choose Add or Upgrade a Game.
  • Enter the Beta Key provided in the email where it says Enter Game Key.
  • Press Add Game.
If you are able to successfully add the game to your library, then you received a real beta invite. If the email tells you to go someplace else for the beta key or the key provided did not work, then you received a phishing email.


Filed under: Blizzard, Account Security

Mobile Authenticator available for Android

Blizzard appears to be trying to make it easier for everyone to have an Authenticator and to that end, there is now a Mobile Authenticator for Android. The Android version works just like the iPhone/iTouch app and is available at the Android App store (you can view it via a third party site). Once you get it on your phone, you then link it to your account at the official World of Warcraft Account Management page. We have reports of the app working for people.

Though we were unable to find this app from Blizzard directly, we believe it to be legitimate. However, we have contacted Blizzard for confirmation. We'll let you know what they have to say when we hear back from them. Update: Here is the link to the official Blizzard support page for the Android app. Looks like it's legit. Update 2: Here is the official announcement.

If you don't have an Authenticator yet, we can't recommend it enough. The added protection an authenticator provides to your account is much greater than the slight inconvenience of needing access to your phone whenever you log in. This is particularly the case if you game at internet cafes.

Filed under: News items, Account Security

How to tell if a GM is whispering you

A guildie got the above whisper Tuesday night. (I have blocked out the website so as not to promote this phishing attempt.) We have reports of this happening to a lot of people in-game right now as yet another attempt to get you to go to a site, so they can steal your login info and defile your characters.

Let's dissect the above whisper:
  • It's one whisper made to look like two. This will work if your chat settings match the scammer's chat settings, but if you've fiddled with your font or chat window, then the formatting will be off and the scam will be more obvious.
  • The whisper is from a garbage name. All "players" I've seen with random characters have been scammers or gold selling barkers. So anything after such a name should be considered highly suspect.
  • It says [Game Master]GM. The scammers aren't even trying here. Blizzard GMs have names and have <GM> before their names.
  • It sends you to a non-Blizzard site. Don't go to any website you get in tells or in-game mail as a general rule. If you have received a ban of any kind, you will receive an email to the account you have on file with your subscription info.


Filed under: Analysis / Opinion, Account Security

Blizzard shines the spotlight on account security

At least judging by the number of emails we've been getting about them, WoW scams have never been more popular than they are now. So I'm very happy to see that Blizzard has launched a new Account Security section on their Battle.net site, featuring tips on how to keep your Battle.net account safe.

A lot of it is common sense - things like using an authenticator (which also gets you a nifty Corehound pet), not giving your account name/password to anyone (even if they say they're a Blizzard employee), and keeping up-to-date browser software and anti-virus on your computer. It never hurts to reiterate these things, though; many accounts get compromised every day through not observing these rules.


Filed under: Blizzard, Account Security

Help! My account has been hacked!

There are so many scams going around, like the Cataclysm Alpha invite and the WoW Armory phishing site, that people's accounts are getting stolen more than ever. With all of the work that Blizzard has to do to keep up with the problem, it's no wonder they are offering the fast solution of care packages. We've talked about how to avoid scams as well as how to protect yourself. Here is a guide as to what to do if your account gets stolen.

Important note: The following guide assumes that you have not put an Authenticator on your account. There are no confirmed cases of accounts being stolen if they are protected by an Authenticator.


Filed under: Blizzard, Account Security

You are not invited to the Cataclysm alpha

In the wake of yesterday's rumor that the Cataclysm Friends and Family alpha will be starting this Tuesday, January 12, we should expect an increase in scammers trying to get your account details by offering phony alpha invites. We saw a lot of these for both Burning Crusade and Wrath of the Lich King as well, and some of them were very well crafted.

At this phase of Cataclysm's development, though, it will be comparatively easy to keep yourself safe. Since this is a friends and family alpha, if you don't have friends or family that work at Blizzard, you will not get an invite. Therefore, anyone offering you one is trying to pull a scam. Basically, everyone who's going to be getting legitimate access to the alpha should know who they are already. Everyone else, sit tight and stay tuned to WoW.com for the latest on WoW's next chapter.


World of Warcraft: Cataclysm will destroy Azeroth as we know it. Nothing will be the same. In WoW.com's Guide to Cataclysm you can find out everything you need to know about WoW's third expansion. From Goblins and Worgens to Mastery and Guild changes, it's all there for your cataclysmic enjoyment.

Filed under: Expansions, Account Security, Cataclysm

Using the Corehound Pup to secure Guildbanks


Authenticator owners received a nice surprise in their mailboxes when Patch 3.3 dropped: the corehound pup pet. It's absolutely adorable and a completely unexpected bonus to having a secure account. But it has also caused much kvetching among those who feel they are too careful to ever need the authenticator. Pet envy caused some to sign up for the free application for their phone or buy the physical gadget in order to obtain the two-headed cutie. But they soon discovered that removing the authenticator from their accounts also removed the pet.

Their loss can be your gain, however. One problem that many guilds have is that some of their high ranking members, with full bank access, have account security issues. When a guildbank gets raided by a hacker, it affects the entire guild -- not just the compromised account. One thing guild leaders can do to protect all members is require authenticators for bank access. Previous to patch 3.3, this was hard to prove. Now GLs can just ask to see your corehound pup.


Filed under: Analysis / Opinion, Guilds, Account Security

Time to get that Authenticator

Well, they started giving away pets for having an authenticator, so I guess it's about time I went ahead and put one on my account. I've had the app on my iPhone for a while, actually, but I never really saw the point in attaching it to my account, especially since it seemed like just more hassle, and who knows what kinds of errors could pop up. And honestly, I haven't worried much about hackers -- I use a secure browser, I don't click on unknown links. But I know, I know, it's safer, and with the cute Corehound Pup out, I might as well go ahead and attach it.

And you might as well, too. Blizzard's Store was flooded with people looking for authenticators yesterday, but things have slowed down a bit, and they've even got a brand new design with the Corehound Pup right on there. The price, as usual, is $6.50 with free shipping. If you've got an iPhone or an iPod touch, you can get the app free from iTunes, and we're told that it's coming to other platforms at some point in the future (guess when: "soon"). Even if you don't want to apply the Authenticator for whatever reason, just think of it as an almost-half-price pet.

Filed under: Items, Fan stuff, Odds and ends, Blizzard, Account Security

Breakfast Topic: The great Battle.net merge


It was announced yesterday that Battle.net accounts would be mandatory for us World of Warcraft players. I'm not sure if November 11th is supposed to coincide with a patch drop or anything (unlikely). It's been a pain in the derriere (that's French for ass) for GMs to unmerge compromised accounts. A common tactic hackers like to use is to commandeer a WoW account and merge it with their own Battle.net account. It's not something that can be easily undone.

Of course, an announcement like this comes with all sorts of complaints. I've perused the forums on the topic and checked out some of the comments when we announced it here. Here's a few common reasons players are against it. Just for kicks, I've offered some solutions!


Filed under: Breakfast Topics

Mobile Authenticator back in the App Store


After getting yanked off of Apple's App Store a little while back, Blizzard's Mobile Authenticator app is now back in business, and ready for a free download. Version 1.0.2 is out now [iTunes link] and the description says it contains UI improvements with a streamlined and enhanced interface.

Unfortunately, the issue that originally got the app pulled off the store hasn't actually been fixed: the official blurb is now saying that you should definitely remove the authenticator from your account before you upgrade, and then re-apply it again to your account after you've upgraded (and presumably gotten a new key installed). If you install this new version of the app and then try to access your account, it won't work (and you'll have to call Blizzard support at 1-949-955-1382 to help them remove the old authenticator).

Small hassle to go through, however, to have an account protected against hacking. If you have an iPhone or an iPod touch and haven't picked up this application yet, now's the time to do so for sure.

[Thanks to everyone who sent this in, especially Eric!]

Filed under: Blizzard, Account Security

Breakfast Topic: Why Blizzard should make authenticators mandatory on Battle.net accounts


With the impending switch to necessary Battle.net accounts, Blizzard has an opportunity to create an extremely secure and hardened gaming community. They can do this by waving a magic wand, angering a certain amount of their customer base, and eliminating in one swoop nearly all, if not all, account hacks.

Blizzard can make authenticators a mandatory feature on all Battle.net accounts.

There are many pros and cons such a move would bring about. Let's examine the cons first since everyone likes to complain about stuff. The largest con would be that people would be required to have a physical piece of equipment specific to WoW and other Blizzard games. Some people would obviously not be okay with this and cancel their subscription, and others would not understand how to push a button and punch in numbers (I'm not kidding). There would be a large cry from people around the net, particularly people who enjoy scamming others out of gold and their accounts, but those are easily enough ignored.


Filed under: Analysis / Opinion, Breakfast Topics, Account Security

Play safe because a trojan can get you banned

Remember that "non-personal system information" that Blizzard said they are searching for? Part of it is a search for keyloggers, trojans and viruses that affect WoW. If the system check finds one of those on any of the computers you are using, Blizzard will ban your account for 24 hours so that you can get it fixed.

When this happened to a guildie, I must admit I was skeptical. Blizzard scans for viruses? And then sends an email that sounds suspiciously similar to the various phishing emails out there? But my friend sent me a copy of the email and described the whole process to me and I am a believer. Blizzard has some issues it needs to resolve with how it is handling this, however.


Filed under: Analysis / Opinion, Blizzard, Account Security

Requiring authenticators for guild bank access


m0rtis has an interesting question over on WoW LJ: should guilds require authenticators on the accounts of everyone in the guild with bank access? Authenticators are relatively cheap, if not free (and still in stock most of the time nowadays), so if you're running a guild and in a position where your bank is important enough to protect, should you be able to require authenticators to keep guildies from getting hacked?

There are a few caveats here that m0rtis doesn't mention, but we will: first of all, there's no way to guarantee whether someone is using an authenticator or not, so while you can make guildies promise, there's no real way to check up on them. Second, not all guild banks get emptied out due to hackers -- many guild banks get ninja'd by someone within the guild, and there's no authenticator that can protect against that. So having authenticators on bank members (or at least having them promise they've got them) isn't 100% protection. But it is something.


Filed under: Items, Tips, Guilds, Economy, Account Security
