Posts with tag trojans

PlayNoEvil recently published an article explaining why they think it is that hackers target gamers by stealing their passwords and other account information.

While there is some truth in the premises offered, articles like this one only serve to fuel conspiracy rumors and encourage players to think of themselves as victims rather than take responsibility for their own account security.

Gaming companies do place some of the blame for a compromised account on the account holder, and for good reason. The hacker certainly didn't gain access to your computer because of their actions, and their computers that store your information are as yet untouchable.

The browsers you use, sites you visit, firewall settings, anti-virus software and update practices are just a few of the ways that you contribute to your own hacking experience.

Sharing your account information with your lover, best friend and mother may sound safe, but you don't control the security of their computers, or their friends' computers. The majority of people I know who have been hacked signed into their accounts on their sibling's computer or a publically shared machine.

In fact, NASA ended up with a keylogger targeted at gamers on the International Space Station. It traveled aboard on the laptop of one of the astronauts. You just can't trust any computer that isn't your own.

It may be hard to hear, but a hacked account is because of something you did, whether it was an unfortunate stroke of luck, such as stumbling onto a redirect on a legitimate website in the small window before the site addresses it, or a serious oversight in security on your part.

McAfee Avert Labs, a monitoring and research division of McAfee Inc., claims that malware attacks are on the rise, and the targets are often gamers.

According to McAfee, there was a 245% growth in the amount of malware being developed from 2006 to 2007, with roughly 300% more developed from 2007 to 2008. So far this year, development already exceeds 2006 and 2007 combined.

Earlier this year, McAfee released a list of some of the most dangerous web domains. Even major, reputable websites are not immune, although the problems are usually addressed almost instantly. Commonly targeted websites include social networking sites like Facebook, as well as gaming sites.

The developers harvest the information, and sell it to others who then exploit it, possibly to steal your account information.

With so little time until Wrath of the Lich King, I'd like to remind everyone that buying gold or power-leveling services is not only not permitted, it is likely to get you burned.

For more information on protecting your computer from keyloggers and other malware, check out the following guides:

The problem with keyloggers and other methods of account theft has been well documented here at WoW Insider, and it seems like a constant problem. Even the most conscientious of players has fallen prey to it. However, at the Worldwide Invitational, Blizzard is introducing a little piece of hardware that could make those problems vanish. Say hello to the Blizzard Authenticator.

The Authenticator is a small piece of hardware that you can associate with your World of Warcraft account. Once the Authenticator is associated with the account, you will need it to log on. Every time you log on, you press a button on the Authenticator to generate a six-digit code that you must input to log on. Since only you know the code, and it's generated apart from your computer at the time you're ready to log on, it will be safe from trojans, keyloggers, and other hacks.

The Authenticator will be available at the WWI to start, then eventually at the Blizzard Store. The starting price being quoted by Blizzard is $6.50 -- a small price to pay for safety from a ransacked bank and naked server transferred characters, for many.

Is this the big announcement though? It's possible, of course, but we like to think there's more in store at the WWI. Stay tuned here, and we'll let you know.

While the Incgamers malware problem is fixed, it looks like there's another malware flare up in the world of addons. The WoW Ace Updater, according to many users, may be passing off a trojan from an ad in the guise of an antivirus program. The program, called Winfixer, pops up in a window and (in some cases automatically) installs malware while claiming your computer is compromised and that you need to buy the full retail version to fix it. It can be detected and removed by Spybot Search and Destroy and Vundofix, and Symantec includes instructions on how to manually remove it here.

Wowace.com site owner Kaelten has disabled the ads on WoW Ace Updater completely for now, and is talking to his Ad provider to find out what went wrong and which ads might be causing problems.

This isn't the first time a popular WoW site has had trouble with trojans in ads, and unfortunately, it is unlikely to be the last. Kaelten seems to be on top of it, though, so hopefully he'll get to the bottom of these claims. Since the ads are currently disabled, the program itself should already be safe to use. If you're feeling a bit skittish, though, you can check out some of Sean's recommendations for other upgrade programs here.

I should note that, being a religious user of WoW Ace Updater myself (I run it at least a good 5 times a week), I just made sure to scan my computer with the aforementioned Spybot Search and Destroy as well as AVG Free Edition. According to those programs, It has a clean bill of health.

Yesterday, I reported to you that Google (via Stopbadware.org) had marked wowui.incgamers.com (which redirects to wowui.worldofwar.net) as a bad site. Today, the site is reported as clean according to the same report (you can check it out here).

Rushter of Incgamers.com explained to us on the comments of the previous article that the problem was with a seperate attack on a different hosted site (which was quickly dealt with, and unrelated to worldofwar.net, says Rushster), but Google marked the whole site as bad. The worldofwar.net UI database was unaffected, he says, and after some back and forth, Google has now dropped the warning.

Of course, it's still always a good idea to check your computer for viruses, trojans, and keyloggers regularly, and realize that no website is completely safe (though having a good defense always helps). That said, at the moment it looks like wowui.incgamers.com, also known as wowui.worldofwar.net, is a safe spot to grab your addons from.

Here at WoW Insider, we've noticed an unusual and disturbing glut of people having trouble with being keylogged or otherwise hacked soon after installing new addons lately (which wouldn't be a surprise -- lots of people were grabbing addons after patch 2.4, so that makes them a likely route for attackers). While it's too early to make any definite connections, It seems like there's one new lead that's just popped up: popular addon site wowui.incgamers.com (not linked for obvious reasons) is apparently passing off bad files, according to reports from Stopbadware.org and other anonymous sources.

If you've been using the site for your addons, especially in the past week or so, it might be a good idea to exercise some caution and run your favorite anti-virus or anti-malware program. The site has already been in trouble recently with reports that their UICentral addon updater (now discontinued) was using copyrighted code, and now it looks like there's more trouble abrewing for them.

Update: Wowui.incgamers not infested with malware. Full story here.