My (long inactive) WoW account and my email were hacked last night. I only caught it because I was actually reading my email when it happened. I got a couple of notices from Blizzard saying a Burning Crusade trial was added and that the email was being changed. About 20 seconds later those emails were erased. I quickly changed my email password and haven’t seen any other damage yet, but this really pisses me off.
I’d report it to Blizzard as quickly as possible. From what I’ve heard, most WoW hijackings are usually gold sellers that need easily dispensable accounts that are easy to farm with. I’m willing to bet that if you don’t do something quick, your account will be banned. (Which probably is reversible if you contact them and let them know your situation, but I’ve not had any experience with it).
Since it’s impossible to change the last name associated with your account, and your last name isn’t shown in the account details, that’s usually all the verification that they would need to reset your password. I’m not sure if they will reset your character to what it was before, though. Chances are everything that could easily be sold for gold in your account has been.
Sorry to hear, and I hope you get everything straightened out!
This happened to me a couple months ago, on an account I was actively using. Tried to sign in one day, and my password didn’t work. Checked my email, and there was a message from Blizzard that my request to change my password had been accepted, and another a few hours later saying my account was being banned for breaking the EULA.
Only took a day or so to get the account unbanned, but when I logged in, I saw that they had stripped my main character of all his gear, and mailed the gold from all my characters to another account. Also, they’d erased one of my characters completely. Took about three weeks or so to get everything restored, but in the end, I didn’t lose anything permanently. If you still care at all about your characters, you should let Blizzard know right away, because odds are good that your guys have been stripped.
Sorry about your account, Antinor01. I’ve heard good things about Blizzard’s account recovery so it might be worth a try.
This is a good opportunity to remind people about the WoW account authenticator. It’s a little keychain sized device which provides a second numeric password for you. Every time you log in, you push the button on your authenticator and it gives you a new temporary number. Without the second number, your account is unhackable.
The authenticators come in two ways - a $7 keychain from Blizzard or a free iPhone app. Here’s a link to the FAQ at blizzard.com
Does anyone know how this actually works? If the authenticator is randomizing to give you a temp password, how is that different than just picking a random number (of however many digits)? If there are a limited number of…well, numbers…in each authenticator, doesn’t repeating after a bit tend to make the strength of the security weaker?
I think you mean crackers.
My guess is it uses the previous key as a seed for a new random number. If you do the same process with the same seeds you get the same number. Computers are only good at pseudo random numbers.
My big wonder is what happens if your key and the server get out of sync?
It’s called two-factor authentication and it’s truly strong stuff. The token or phone app displays what looks like a random number, but in reality, the number generation on your end is mathematically controlled rather than random, and it’s time-synchronized to the login servers - they know what the passcode should be at any given time, based on the serial number of your token. Chances are very slim that a hacker will be able to enter the correct 12-digit number (your PIN plus whatever’s showing on the token).
We use SecurID tokens to secure our remote logins, and so far, over the course of many years using tokens, I’m not aware of anyone breaking in.
Easy to fix. The server will ask for the next number that’s displayed on the token. You enter it, and that’s usually all it takes to re-synchronize.
If you use the token often enough, it stays self-synchronized. Generally, it’s only people who use the thing rarely that have any sync problems.
jayjay, to elaborate on what gotpasswords said, the WoW process is twofold - first you enter your name & password, like before, and it pops up a second password-type dialog screen. Then you press the authenticator and it gives you a six-digit number. Type in that number at the second password screen and you’re in.
Each authenticator has an individual serial number and when you set it up, you tie that serial number to your account. I believe the number generation process that gotpasswords described is tied to the serial number (both online and in the authenticator) so only a person with physical access to the authenticator can generate the correct number. (This is partly why I wanted the key chain which stays attached to my speaker cord rather than the mobile app version.)
If you have an authenticator tied to your account, it will also protect your account management page at Blizzard’s website. You can’t log in to change your subscription unless you enter an authenticator number.
The Tao’s Revenge - if you get some sort of technical problem with an authenticator, Blizzard’s Billing & Account Services department will help sort it out. I’ve never had to call them though.
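As an added illustration of the time-synchronized scheme gotpasswords describes, and of the "enter the next number to re-synchronize" step, here is a small server-side model (example code, not Blizzard's or RSA's own; the real authenticator's algorithm is not given in the thread, so RFC 6238 TOTP with a 30-second step is assumed as a stand-in, and the secret is a constructed demo value):

```python
import hmac, hashlib, struct

STEP = 30     # seconds per code (RFC 6238 default; assumed)
DIGITS = 6    # the WoW authenticator shows six digits (per the thread)

def totp(secret: bytes, unix_time: int, offset_steps: int = 0) -> str:
    """RFC 6238 code: same shared secret + same time step -> same six digits.
    The 'serial number' bound to the account stands in for looking up `secret`."""
    counter = unix_time // STEP + offset_steps
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    pos = digest[-1] & 0x0F                                   # dynamic truncation
    code = struct.unpack(">I", digest[pos:pos + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)

class TokenRecord:
    """What the login server keeps for one registered token."""
    def __init__(self, secret: bytes, window: int = 1):
        self.secret = secret
        self.drift = 0            # token clock offset (in steps) learned from past logins
        self.window = window      # extra drift tolerated either side on a normal login

    def verify(self, code: str, now: int) -> bool:
        # Accept the expected code or its neighbours; remember any drift so that a
        # frequently used token stays self-synchronized, as the thread describes.
        for delta in range(-self.window, self.window + 1):
            candidate = totp(self.secret, now, self.drift + delta)
            if hmac.compare_digest(candidate, code):
                self.drift += delta
                return True
        return False

    def resync(self, code1: str, code2: str, now: int, search: int = 200) -> bool:
        """Token drifted past the window: ask for two consecutive codes and
        search a wider range of offsets for the pair; re-learn the drift on a hit."""
        for off in range(-search, search + 1):
            if (hmac.compare_digest(totp(self.secret, now, off), code1)
                    and hmac.compare_digest(totp(self.secret, now, off + 1), code2)):
                self.drift = off
                return True
        return False

# Constructed demo secret; a real token's secret never leaves the factory/server.
DEMO_SECRET = b"constructed-demo-secret-not-a-real-key"
```

Requiring two consecutive codes for a resync keeps a single guessed six-digit value from being enough to re-seat an out-of-sync token.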
Now all I have to do is catch them when they have them in stock…
To agree with everyone else and as another person who has to carry a “nuclear football” with them this kind of authentication is used for anything that needs some extreme security. Your bank, for example, has that kind of authentication for a lot of its critical systems.
Tao, if that somehow happened then the login would fail and you’d probably have to have an admin give you a new security key because the old one just wouldn’t work any more (and you’ll probably have to give them a lot of explanations for what happened). It couldn’t be resynced. I’ve never heard of this occurring without massive trauma to the key (run over by a train, for example). My current one should be functional for ten years, to give you an idea of the lifespan of these devices.
Getting back to Antinor01, these people did not get access to your Warcraft account by breaking into Blizzard’s server. They have your account password and you need to think about how they’ve done that.
The most common is a brute force attack, where they attempt to log into your account over and over again using different passwords. If you used an easy-to-guess password then you might as well not be using a password at all. Here’s a list of the top five hundred passwords, and if your password is on there then I’d be able to break into your Warcraft account in less than a second. That’s not an exaggeration or bragging; it’s that bad.
To avoid this don’t use a dictionary word as your password. Don’t use a proper noun that relates to you. Mixing punctuation, capitalization, and numbers into the middle of your password is a very good idea. The more your password looks like a random pile of characters the harder it is for someone trying anything to get in. Fortunately for people who don’t want to memorize l%M1I]a4 or something like that just adding a few more walls usually brings things to good enough. If you’re not protecting vital secrets then most people trying brute force attacks will stop after a few million tries and look for an easier victim. So just add a couple extra layers of complication and you’ll increase the security of your account exponentially.
The other possibility for how they acquired your password is the key logger: a program installed on your computer that captures what you type. You usually pick something like it up by following bad security practices on your PC. You need to do a full malware scan (antivirus, spyware, the works) and make sure you have all current security updates for your computer. If you’ve turned off the firewall for some reason you need it back on, and if you don’t have one then get one now. If you use Internet Explorer to browse the Internet then you need to stop; switch to Google Chrome or Firefox.
I did report it by email to Blizzard that same evening, but haven’t yet received a response. My main concern was the account being reactivated and my being charged for it. (Though that doesn’t seem to have happened; the CC I had on file has since been changed.)
I honestly hadn’t even thought about that account in several years but have taken the precaution of changing all of my passwords to email, bank accounts and such. They’ve always been somewhat strong, but I did some beefing up on the password strengths.
Firewall is up, I ran a full scan yesterday and nothing else seems to have been affected.