WoW: twisting in the wind

Well, my account may have been hacked. Or not. I don’t know anything.

I haven’t played in a while. So when I log in today and find I was locked out, it came as a surprise. Apparently somebody tried and maybe succeeded to access my account recently and Blizz said, “Whoa whoa Keylogger!” So my account is locked. Apparently they tried to reset my password (I reset it again, just to be sure, though I think they didn’t get in anyhow). So here I am hoping it’s just some fool who can’t type. I’m pretty sure my computer is clean, seeing as I have a software firewall, Avast, and AVG running, and pop-up blockers, and don’t usually surf on this computer. Sucks, though.

Bandit: praying his account and its 15,000 gold haven’t been devoured by bastard goldfarmers.

That does suck; you have my sympathy. My brother’s account was hacked, and because it wasn’t reported fast enough, nothing was returned to them.

You might know this already, but if you ever plan on playing again, I would strongly recommend getting an authenticator. They’re $6 from Blizz (they sell them at a loss), or free on a smart phone. You get an adorable core-hound pet, and the peace of mind that it is virtually impossible to have your account hacked again.

Best of luck.

Nope, authenticators have already been broken. The keyloggers can now track your authenticator, so if you actually use one they can grab that code, too.

Broken, yes, but it’s still extremely difficult. The authenticator code is only good for about 30 seconds from time of generation. The hacker has to be ready and waiting for you to type it in to make use of it.

My sympathies on the problem, in any case.

Yeah, but each code is only good for 30 seconds and void once used, so it makes a hacker’s job astronomically harder.

My understanding is that it doesn’t matter: they’re somehow cracking the authenticator itself via keylogger, and breaking in anyway.

Hope you haven’t lost anything or if you have it’s restored. I only play from home too, and have AVG and all Windows patches as they are released. Would be gutted to have to deal with this.

Do you have a cite that this is the case? Because to the best of my knowledge, that’s completely infeasible. They would have to have reverse-engineered the algorithm the authenticators use so that they can determine your authenticator’s serial number based solely on the 6-digit code and time of generation. I suppose it may be possible that someone has done so, but then there’s the problem of determining time of generation, as the code could have been generated at any point during the 30 seconds before the code was entered and thus capturable. Remember, the authenticator is a physical object that doesn’t interface with your computer at all save when you enter in the 6-digit code. There’s no way for a hacker to get to your authenticator through your computer.

Is it possible? I suppose it could be; like I said, that’s to the best of my knowledge. But it seems so astronomically improbable that I would fear for my bank account or credit cards before I worried about my WoW account.

It occurs to me that there is a way to break an authenticator: if you get one and register it with Blizzard while you’re keylogged. You have to enter your authenticator’s serial number so that Blizzard’s servers know how to confirm the validity of the 6-digit code. If they have that, and they know the algorithm, it is useless. So that is a possibility, if you’re not taking full precautions after a hack.
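An added illustration of the points made in the posts above (a code is good for about 30 seconds and void once used); it is not something any poster wrote and not Blizzard's code. It assumes the authenticator behaves like standard TOTP (RFC 6238), which the thread does not confirm, and the account name, secret and timestamps are constructed.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds each code stays valid, per the thread

def totp(secret: bytes, t: int, digits: int = 6) -> str:
    """RFC 6238 code (HMAC-SHA1) for the 30-second step containing t."""
    counter = struct.pack(">Q", int(t) // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class Verifier:
    """Server side: holds the secret tied to each registered token."""

    def __init__(self, drift_steps: int = 1):
        self.secrets = {}     # account -> shared secret
        self.last_step = {}   # account -> newest time step already accepted
        self.drift = drift_steps

    def register(self, account: str, secret: bytes) -> None:
        self.secrets[account] = secret

    def verify(self, account: str, code: str, now: int) -> bool:
        secret = self.secrets.get(account)
        if secret is None:
            return False
        current = int(now) // STEP
        for step in range(current - self.drift, current + self.drift + 1):
            if step <= self.last_step.get(account, -1):
                continue  # this step was already spent: replay is refused
            if hmac.compare_digest(totp(secret, step * STEP), code):
                self.last_step[account] = step
                return True
        return False

def demo():
    secret = b"constructed-demo-secret"   # constructed sample value
    server = Verifier()
    server.register("bandit", secret)     # hypothetical account name
    t0 = 1_000_000_020                    # constructed timestamp
    code = totp(secret, t0)
    first = server.verify("bandit", code, t0 + 5)     # owner logs in
    replay = server.verify("bandit", code, t0 + 10)   # same code again
    later = totp(secret, t0 + 60)                     # logged, never sent
    stale = server.verify("bandit", later, t0 + 360)  # tried 5 min later
    return first, replay, stale
```

The check cannot tell who submits a fresh, unused code, so it does nothing against the real-time interception discussed in the thread; it only makes a logged code worthless once it has been used or has aged out.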

Right now I still have some hope. Whoever did this evidently tried to reset my password, but they don’t appear to have been able to access my email. So hopefully they couldn’t get at anything and Blizz caught them trying to login.

The authenticator has been successfully circumvented by man-in-the-middle attacks via keylogger/trojan. Here’s some details.

That said, it is still much much less likely to be hacked when you have an authenticator than not.

Here’s a quick way to check–look up your character on the Armory. If you were hacked, any gear you had on you will have been stripped and sold for whatever gold a vendor would give.

My wife’s account just got hacked in the last few days as well. Authenticator’s in the mail. =P

It’s kind of the difference between putting a lock on your door or not, I guess. If someone can pick a lock, does that make locks useless? No – but it does mean you need to take other security measures. Like making sure your computer’s secure.

Run your virus scanners. Run them again in safe mode. Run them with the game up and running at the login screen but before logging in. Run one scanner at a time. If they don’t find anything, find another virus scanner.

Also, get an authenticator.

This happened to me about a year ago. Stripped my main and sold all his gear. All the gold my alts had was gone, too, but they still had their gear. I caught it pretty much right away (about 12 hours after it happened) and Blizzard was able to completely restore my gear and money. I think I might have come out ahead, actually - I don’t think my alts had that much money before I was hacked.

It’s gone. It’s all gone. Everything. All my characters. All my gold. All my friend lists if I can even remember the names.

They even deleted your characters? That is ridiculous. Hopefully you can get everything restored.

I kind of wish Blizz would track stolen gold (they have the ability), and perma-ban everyone who is caught buying it. If there wasn’t demand from players to buy the gold, there would be no incentive or profit for gold-farmers to hack accounts. They would probably have to ban too many paying subscribers though.

I’ve always vaguely liked the sheer murderous vindictiveness of EVE’s solution. They simply deduct the amount of ISK that was illegally purchased from an account every single time someone reports one as verifiably stolen or illegally gold-farming with macros.

If this leaves you with a negative bank balance, better sell the shineys you bought or you can’t buy stuff or repair or update your clones or anything. What’s that? You already rigged (essentially, socketed) your ships, or lost them in combat? Better get cracking on those NPC quests. Oh, by the way, the guy you bought stolen isk from has your name in his contract or wallet logs, most likely. I sincerely hope he’s not a member of a pirate or mercenary alliance.

I got my account hacked last Thanksgiving. Ironically I’ve harvested enough delicious, delicious tears from that event to MORE than make up for the temporary inconvenience. Especially since one of the buyers was a member of my extended alliance, who started bitching about ME because I reported the hacking and he lost everything he’d bought. After I spoke up, he was then ceremonially executed by his own guild and booted for whining about it.

How exactly do you end up with a WOW targeting malware? Is this something you get in game?

My experience with them is from short-term malicious ads on popular websites, with an attack pattern roughly like:

  1. Hacker places an ad with an infected Flash or JavaScript bit that runs a limited-purpose keylogger on a popular site like wowhead.
  2. Victim goes to wowhead to look something up and leaves it open while they log into WoW.
  3. Victim is screwed.

Another method I’ve heard of is sneaking them into the installers/downloaders for add-ons then google-bombing the malicious add-ons higher than the similarly or identically-named real ones.

What bothers me is that I can’t figure out how they did it. I haven’t played WoW in several weeks. I’ve done nothing but update the new patch. I rarely surf on this computer, and when I do it’s usually brief. I don’t have things open when I play WoW, and only download my few add-ons through Curse client. And as mentioned I have a pop-up blocker set to stop everything AND two antivirus proggies AND a software firewall. The only thing I can think is that possibly I used the password somewhere else, and after Blizzard merged my battle.net account with WoW* they used my email with that password. Well, if so, I can’t do much about it dammit! Everyone has five million sites these days and they’re all demanding ridiculous passwords for everything. The only way I can manage is to reuse some, and sometimes I don’t even know what I might have had it for long ago.

Maybe if I can ever get through to customer service they can give me some info on when this happened exactly, or at least what to watch out for.

*This was one of the dumbest things Blizz ever did. While they have a lot of talent, one aspect they’ve always sucked at is their online services. Not their multiplayer gameplay, mind you - the actual internet service they use. Hence the pathetic mess that Diablo2 became online.