Because out of those million players a few thousand click on phising mails coming from a fake Blissard address.
Add another few thousand who bought gold and leveling services with their accounts.
If it were a Blizzard problem, the game would have been unplayable since everyone would have been hacked.
Millions play without being hacked.
Not just that I myself was the victim of account hacking, and not from either of those reasons. I simply went to a website and unknowingly had a keylogger trojan put on my computer from the advertising banner.
The victim is nearly always to blame. Somewhere along the line security was comprimised. Whether this be from giving away passwords to a "trusted" individual, buying leveling services, giving away info to a phishing email, lack of basic pc security, etc; whatever it may be the person hacked is the one at fault 99.99% of the time. It is Darwinism at work on the most basic level. The weak are being cultivated to support a thriving industy. Been hacked? You deserved it when you comprimised your account. Why are there so many people hacked in WoW? Because there is almost an endless supply of morons.
The victim is nearly always to blame. Somewhere along the line security was comprimised. Whether this be from giving away passwords to a "trusted" individual, buying leveling services, giving away info to a phishing email, lack of basic pc security, etc; whatever it may be the person hacked is the one at fault 99.99% of the time. It is Darwinism at work on the most basic level. The weak are being cultivated to support a thriving industy. Been hacked? You deserved it when you comprimised your account. Why are there so many people hacked in WoW? Because there is almost an endless supply of morons.
Really well i can tell you of 100's instances of people getting hacked by going to trusted sites such as allakazam,curse gaming,Chicago tribune,new york times,CNN,facebook ,farmville and 100's more having advertising banners inject keyloggers through java/flash exploit into your system you can't blame the user for this.
Now just other day a customer of mine had 2 WoW accounts hacked i did a full sweep of the systems and found a game called i spy spooky mansion from gamehouse games, the game contains a keylogger, either a hacker did this or the author.
Also the IRS website was serving up malware their site was hacked and infected thousands of computers other business web sites were also hacked doing the same.
Also there is a HUGE security hole which i believe the hackers are using it is router firmware quite a few routers are vulnerable to a dns pinning/rebinding ect.
Also wireless on routers are NOT secure anyone with right tools can hack your wireless in less than 10 mins no matter what setting you choose for encryption then they run a packet sniffer and steal your data or hack your router and change dns and monitor your traffic.
Not just home routers are at risk commercial ones as well, it is also said that there is a HUGE windows security hole allowing these hacks to happen and microsoft knows about them they are going to close them soon so there is going to be a huge rise in hacked accounts.
I have seen routers that have been hacked by war dialing type hack that starts with all the addresses on the internet probe routers and enter them through mfg passwords flash firmware with custom firmware/change settings in volatile memory by hijacking dns settings allowing hackers to capture your information.
Normal people would not be able to detect this hack which could explain why some people get hacked multiple times even after buying a new pc or format and reload.
According to another security expert millions of routers are at risk, this is why i use a pc and custom router software instead of a hardware router.
The inactive accounts are being stolen due to Blizzard allowing the information to be "leaked". This way the accounts of those that no longer play can be counted as sub numbers during quarterly reports. The fact that its gold farmers paying the subs is irrelevant and therefore the account is countable, so to speak. This also answers the question as to why sub numbers have remained steady.
Yes, blizzard sub numbers are being held up by the gold farmers. How perceptive of you.
The inactive accounts are being stolen due to Blizzard allowing the information to be "leaked". This way the accounts of those that no longer play can be counted as sub numbers during quarterly reports. The fact that its gold farmers paying the subs is irrelevant and therefore the account is countable, so to speak. This also answers the question as to why sub numbers have remained steady.
Yes, blizzard sub numbers are being held up by the gold farmers. How perceptive of you.
Your pretty good with Blizzard numbers, do you have any showing the percentage of subs held by gold farmers?
WOW isnt great because it has 12 million players. WOW has 12 million players because its great.
Your pretty good with Blizzard numbers, do you have any showing the percentage of subs held by gold farmers?
You are the one saying this and that are facts about gold farmers, inactive accounts and "leaked" information, so one would expect you have some source of information to make those claims.
The victim is nearly always to blame. Somewhere along the line security was comprimised. Whether this be from giving away passwords to a "trusted" individual, buying leveling services, giving away info to a phishing email, lack of basic pc security, etc; whatever it may be the person hacked is the one at fault 99.99% of the time. It is Darwinism at work on the most basic level. The weak are being cultivated to support a thriving industy. Been hacked? You deserved it when you comprimised your account. Why are there so many people hacked in WoW? Because there is almost an endless supply of morons.
Really well i can tell you of 100's instances of people getting hacked by going to trusted sites such as allakazam,curse gaming,Chicago tribune,new york times,CNN,facebook ,farmville and 100's more having advertising banners inject keyloggers through java/flash exploit into your system you can't blame the user for this.
Now just other day a customer of mine had 2 WoW accounts hacked i did a full sweep of the systems and found a game called i spy spooky mansion from gamehouse games, the game contains a keylogger, either a hacker did this or the author.
Also the IRS website was serving up malware their site was hacked and infected thousands of computers other business web sites were also hacked doing the same.
Also there is a HUGE security hole which i believe the hackers are using it is router firmware quite a few routers are vulnerable to a dns pinning/rebinding ect.
Also wireless on routers are NOT secure anyone with right tools can hack your wireless in less than 10 mins no matter what setting you choose for encryption then they run a packet sniffer and steal your data or hack your router and change dns and monitor your traffic.
Not just home routers are at risk commercial ones as well, it is also said that there is a HUGE windows security hole allowing these hacks to happen and microsoft knows about them they are going to close them soon so there is going to be a huge rise in hacked accounts.
I have seen routers that have been hacked by war dialing type hack that starts with all the addresses on the internet probe routers and enter them through mfg passwords flash firmware with custom firmware/change settings in volatile memory by hijacking dns settings allowing hackers to capture your information.
Normal people would not be able to detect this hack which could explain why some people get hacked multiple times even after buying a new pc or format and reload.
According to another security expert millions of routers are at risk, this is why i use a pc and custom router software instead of a hardware router.
not long go razor was hacked and the hackers replaced mouse firmware with one that contained a trojan used to steal info.
99.9% of this basic pc security will stop. And the rest does not automatically mean you are "hacked". You can put all the links to every ambiguous virus there is, it doesn't change the fact that almost all people "hacked" either do not have basic security fundamentals set up on their pc, or that they comprimised their account.
Just because a piece of hardware has some sort of malware on it also does not neccessarily mean that malware can get anything useful from your system. For example, a potential hacker can ping my wireless router all day. Even if they are able to somehow magically brute force my 24 digit password undetected, they are still not into my home network free and clear. Again, this falls under basic pc security. The people being hacked are the ones setting up wireless home networks with no password, no hardware or software firewall, and no basic security. Even I, with only basic network skills, can walk through a network like that. That's not hacking, thats walking through an unlocked front door. So even if a potential "hacker" has the ability, time and tools to bust through my network do you think he would waste time on it to perhaps glean some pertinent info, when in that same amount of time he can walk through ten open doors? Doubt it.
The rest of the malware you linked means nothing. They are all easily detected by basic pc security and an up-to-date OS. The ones that aren't are not necissarily sure hack either. They are either a shot in the dark or a piece of bad code that was left in the software.
The people doing the hacking on a large scale operate a business. Just like any other business they rely on numbers. Taking multiple shots in the dark to perhaps get a password off some mouse firmware is just not going to generate the numbers they need. Not when they can advertise power leveling services (an open door, 100% guarantee to hack if they want), malicious emails, and other easy, fast, and much more effective methods than sending out a virus on a usb stick to perhaps, somehow, magically hack a WoW account. There are millions out there that have no virus protection, download pirated material, do not run up-to-date software, have no software and hardware firewalls, and run no malware protection. Couple these with the ones buying characters and powerleveling services, and with the malicious mass email scams, and you have a huge pool of troglodytes to pull from. These are the people being "hacked". And it is not really being "hacked", it is simply having your password and info taken from you.
Oh, and I almost forgot. Then on top of this you have the people who simply share their characters and accounts with friends, thinking they are secure, their buddy would never do any harm. I would estimate a huge portion of so-called "hacked" WoW accounts fall into this category. Again, this falls back completely to the user's basic security. Share your password, even with one trusted friend, and your account is no longer password protected.
Your pretty good with Blizzard numbers, do you have any showing the percentage of subs held by gold farmers?
You are the one saying this and that are facts about gold farmers, inactive accounts and "leaked" information, so one would expect you have some source of information to make those claims.
So I guess you dont have those numbers. Not surprising.
WOW isnt great because it has 12 million players. WOW has 12 million players because its great.
My wow account just got hacked for the second time in about a year, the funny thing about it is that the account has been inacttive for the whole year and more, havent used it in ages and still it keeps getting hacked. and people say its my fault cause i have keyloggers etc? fuck off noobs.
My wow account just got hacked for the second time in about a year, the funny thing about it is that the account has been inacttive for the whole year and more, havent used it in ages and still it keeps getting hacked. and people say its my fault cause i have keyloggers etc? fuck off noobs.
Same thing has happened to me and two RL friends. I haven't played in a year and I've had my account stolen during my inactivity, and a friend who hasn't played in 3 years had his account stolen twice now. It is most definitely not always user error.
i beg to differ, 90% is user error, either by picking up key loggers or visiting bad websites or even by suppling emails and details to gold sellers which is also used on the main account, ive never been hacked or had any friends hacked and its beyond me how so many people do, apart from the above reasons
Playing: FFXIV Future: wishing for SWG 2, World of Warcraft Classic Played: Most current and extinct MMO's - 18 Years in....
Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?
Most likely scenarios, in my experience and opinion (based on dealing with guild members who have been compromised):
1 - Clicked on links in e-mails purporting to be from Blizzard. Those e-mails said one of the following (not an exhaustive list by any means) and required the player to take immediate action:
The player's account ws being investigated for undisclosed reasons
The player's account had already been compromised and was frozen
The player needed to sign up for the Cataclysm beta
The player's account was under investigation for harassment, gold selling, spamming, or other TOS violation
The player's account was last logged in post-cancellation from an IP that was not the player's known IP
2 - The player downloaded a mod or add-on using another site's installer, rather than downloading the .zip file, scanning it for malicious files, and manually installing it themselves (which is how third-party add-ons should always be installed - manually)
3 - The player does not own an authenticator. While following steps one and two helps make the authenticator less necessary (I played with add-ons for nearly two years without ever getting compromised), the authenticator is still a good idea. Honestly, no, it doesn't put profit in Blizzard's pocket: that $6.50 U.S. customers pay covers manufacturing and shipping and Blizzard isn't making much at all from the things from US customers. For Canadians, however...yeah...$30 shipping is more than a little insane. Get an American friend or guildmate to order the thing for you and mail it, as it's far, FAR cheaper to do it that way. Airmail really is NOT that expensive; I mail and ship things to Canada all the time for far less than $30 American or Canadian.
4 - The player is or has given their login credentials to another player for whatever reason.
5 - The player may not be paying as close attention to security client-side as they could be and has managed to get infected with malware that has allowed someone to access their account information. Add to that the fact that not everyone is as conscientious about changing their passwords regularly as some folks are and the situation becomes increasingly compounded.
While this list does not cover every single account compromise and some certainly are genuine compromises that have occurred either because of security issues on the client side or with battle.net (let's face it - account compromises have risen dramatically since the battle.net account merge and I personally have noticed a significant increase in the amount of phishing and spam mail that I receive since the battle.net merge and another significant increase in the amount of phishing mails since I have allowed my World of Warcraft account to go dormant), it has been my experience and observation that about 80 to 85% of the account compromises in WoW are due to one of those five issues I have listed.
"You are obviously confusing a mature rating with actual maturity." -Asherman
Maybe MMO is not your genre, go play Modern Warfare...or something you can be all twitchy...and rank up all night. This is seriously getting tired. -Ranyr
My wow account just got hacked for the second time in about a year, the funny thing about it is that the account has been inacttive for the whole year and more, havent used it in ages and still it keeps getting hacked. and people say its my fault cause i have keyloggers etc? fuck off noobs.
Same thing has happened to me and two RL friends. I haven't played in a year and I've had my account stolen during my inactivity, and a friend who hasn't played in 3 years had his account stolen twice now. It is most definitely not always user error.
Same here. Mine has been inactive for a year and all of a sudden its compromised? Right now theres a pre-paid card on it and one of my characters is getting a faction change! Im fighting to get it back now but i feel its a lost cause. Im still getting emails on what my account is doing.
And to all the tards who say its "OUR" fault for getting hacked. Get a life or better yet get common sense!
Peeps on this site are soo quipped to blame us for the compromise but yet dont want to blame the "hackers" for making said programs that slips through the PC security cracks and into our system! Or blame Blizzard for not doing enough to secure our info!
My theory is this. (if it hasnt been said already, i dont feel like reading 5 pages of crap) I believe someone in blizzard is up to no good when it comes to inactive accounts. They give/sell the info out to gold/account selling sites. In hopes that we the consumer would buy another box to start another account. Which makes their quarterly numbers look good. I will never support blizzard again if i dont get my account back. This crap has gotten out of control! and it is in NO WAY our fault!
Fuck the world, for all its worth,Every inch of planet earth!
The player's account was last logged in post-cancellation from an IP that was not the player's known IP
I just received an e-mail two days ago with this exact reasoning. I haven't played WoW in two years at least, so thought it was more than a little suspicious. Of course I'm internet savvy and declined to click on any of the links before deleting the e-mail, but I was curious to see if this was a popular tactic. Glad I came here to find out. =-)
The victim is nearly always to blame. Somewhere along the line security was comprimised. Whether this be from giving away passwords to a "trusted" individual, buying leveling services, giving away info to a phishing email, lack of basic pc security, etc; whatever it may be the person hacked is the one at fault 99.99% of the time. It is Darwinism at work on the most basic level. The weak are being cultivated to support a thriving industy. Been hacked? You deserved it when you comprimised your account. Why are there so many people hacked in WoW? Because there is almost an endless supply of morons.
Really well i can tell you of 100's instances of people getting hacked by going to trusted sites such as allakazam,curse gaming,Chicago tribune,new york times,CNN,facebook ,farmville and 100's more having advertising banners inject keyloggers through java/flash exploit into your system you can't blame the user for this.
Now just other day a customer of mine had 2 WoW accounts hacked i did a full sweep of the systems and found a game called i spy spooky mansion from gamehouse games, the game contains a keylogger, either a hacker did this or the author.
Also the IRS website was serving up malware their site was hacked and infected thousands of computers other business web sites were also hacked doing the same.
Also there is a HUGE security hole which i believe the hackers are using it is router firmware quite a few routers are vulnerable to a dns pinning/rebinding ect.
Also wireless on routers are NOT secure anyone with right tools can hack your wireless in less than 10 mins no matter what setting you choose for encryption then they run a packet sniffer and steal your data or hack your router and change dns and monitor your traffic.
Not just home routers are at risk commercial ones as well, it is also said that there is a HUGE windows security hole allowing these hacks to happen and microsoft knows about them they are going to close them soon so there is going to be a huge rise in hacked accounts.
I have seen routers that have been hacked by war dialing type hack that starts with all the addresses on the internet probe routers and enter them through mfg passwords flash firmware with custom firmware/change settings in volatile memory by hijacking dns settings allowing hackers to capture your information.
Normal people would not be able to detect this hack which could explain why some people get hacked multiple times even after buying a new pc or format and reload.
According to another security expert millions of routers are at risk, this is why i use a pc and custom router software instead of a hardware router.
not long go razor was hacked and the hackers replaced mouse firmware with one that contained a trojan used to steal info.
99.9% of this basic pc security will stop. And the rest does not automatically mean you are "hacked". You can put all the links to every ambiguous virus there is, it doesn't change the fact that almost all people "hacked" either do not have basic security fundamentals set up on their pc, or that they comprimised their account.
Just because a piece of hardware has some sort of malware on it also does not neccessarily mean that malware can get anything useful from your system. For example, a potential hacker can ping my wireless router all day. Even if they are able to somehow magically brute force my 24 digit password undetected, they are still not into my home network free and clear. Again, this falls under basic pc security. The people being hacked are the ones setting up wireless home networks with no password, no hardware or software firewall, and no basic security. Even I, with only basic network skills, can walk through a network like that. That's not hacking, thats walking through an unlocked front door. So even if a potential "hacker" has the ability, time and tools to bust through my network do you think he would waste time on it to perhaps glean some pertinent info, when in that same amount of time he can walk through ten open doors? Doubt it.
The rest of the malware you linked means nothing. They are all easily detected by basic pc security and an up-to-date OS. The ones that aren't are not necissarily sure hack either. They are either a shot in the dark or a piece of bad code that was left in the software.
The people doing the hacking on a large scale operate a business. Just like any other business they rely on numbers. Taking multiple shots in the dark to perhaps get a password off some mouse firmware is just not going to generate the numbers they need. Not when they can advertise power leveling services (an open door, 100% guarantee to hack if they want), malicious emails, and other easy, fast, and much more effective methods than sending out a virus on a usb stick to perhaps, somehow, magically hack a WoW account. There are millions out there that have no virus protection, download pirated material, do not run up-to-date software, have no software and hardware firewalls, and run no malware protection. Couple these with the ones buying characters and powerleveling services, and with the malicious mass email scams, and you have a huge pool of troglodytes to pull from. These are the people being "hacked". And it is not really being "hacked", it is simply having your password and info taken from you.
Oh, and I almost forgot. Then on top of this you have the people who simply share their characters and accounts with friends, thinking they are secure, their buddy would never do any harm. I would estimate a huge portion of so-called "hacked" WoW accounts fall into this category. Again, this falls back completely to the user's basic security. Share your password, even with one trusted friend, and your account is no longer password protected.
I am not saying everyone is not at fault but again not everyone is either and those are not random links to things that do not exist i am a security expert with 25 years, I have seen them used and this as for your argument that they can't hack your router sorry but i show customers how easy it is by setting up their wireless on max security with a long password with letters,numbers and uppercase software takes 10 mins max to crack wireless password.
Also there are backdoors that mfg put into routers that allow you to bypass any password that you put on it and allow them to change your dns and settings and skim your information .there is also security holes in the routers firmware that allow me to access your router settings without needing a password.
How do you explain accounts that are dormant for over three years getting hacked now going to a gold seller website? haha why they quit the game why would they buy gold , get leylogged wait the game is uninstalled or is sitting there not used you can't keylog something that is not being used your argument does not hold water.
Yes some people are at fault but this is like saying everyone that drives blows red lights or every shopper that shops shoplifts.
Not everyone is at fault say 70% are at fault 30% cannot be explained even trial accounts are getting hacked after 3 years being dormant.
Saying that blizzard cannot have a security issues is silly also government, military,banks,all big business have been hacked at one time or another.
It is more efficient to hack say blizzard than to hack thousands of customers can you say battlenet does not have a security vulnerability it very well could have.
Could someone have hacked the user base sure it could have happened or someone that was fired from blizzard leaked the info for cash gold sellers would pay huge sums for this.
Sorry to say even best antivirus out there CANNOT stop this because they do not have a fingerprint yet for this infection and cannot detect it also the keylogger can be polymorphic/hidden by rootkits not all rootkits can be detected by anti-virus because again they are new and av vendors do not a a fingerprint of the code to match using signature based scanning methods as well this is what rootkits do hide things from anti-virus thus no matter what av you have it will NOT find it unless you scan it from boot cd or slave it to a clean machine.
Having an av from 2000 does not protect your the latest threats using an OS/flash/java exploit allows malware to bypass ANY anti-virus i see it every day i clean 10 machines a day with fake anti-viruses and malware they have the following av installed:
Norton 2010 internet security
Mcafee internet security 2010
Panda internet security 2010
Kaspersky antivirus/internet security 2010
Avavst free/internet security 2010
bitdefender internet security 2010
avg free/internet security 2010
eset all versions
Microsoft security essentials.
and more much more all up to date.
I find 1 rootkits in 1 out 4 machines i scan a day.
Chances are if you get a keylogger/fake av it is from facebook/myspace it is the perfect attack vector for gold sellers.
Also every time you use a social network,IM client you are at risked from getting hacked and getting keyloggers installed by drive by advertising banners/hacked apps and clickjacking.
I have had 20 customers that got hacked from using facebook they had newest version of kaspersky internet security 2010 installed.
A few months ago there was advertising banners on farnville that were using flash exploit to load keyloggers onto users systems just from visting the web page and av's could not pick it up till a sample was sent to av vendors that was 30 days later long enough for them to gain lots of data.
I'd say it's mostly due to wow addons. I haven't played in several years. I never bought gold, items, power leveling or anything similar to that. I never gave out my information to anyone but blizzard.(knowingly) Yet, my account was suspended for verbal harrassment. I am lucky however than since then, I've gotten a new bank card and moved as well. So any of that information is useless to them since it is now invalid.
What I really want to know is.. why would someone use my information to get into my account, log in, and proceed to get themselved suspended for harrassment? Why not just get in and do what you mean to do, and then log off? If I had the means necessary to track this guy, I'm sure there is a trail and I'm sure he'd pay for it. That's just sloppy work IMO. It doesn't make sense.
Then again, maybe some of it is leaked information now that I think of it. I also have a new computer since I last played WoW. My username and password isn't similar to anything I use now.
So I guess you dont have those numbers. Not surprising.
I wasn't the one claiming to have facts on the situation, so why would you expect me to have those numbers.
Do YOU have some numbers to back up your "fact" that blizzard is leaking information to gold farmers just to keep subscription numbers high?
No... oh ok then.
I have yet to see any facts that all of these lost accounts are do to user error but yet you continue to blame everyone who has lost an account. Its been stated here time and time again that accounts cancelled and uninstalled for years are being stolen but yet somehow these same people play other MMO's and have not had this problem. I myself have played many MMO's and find it odd that the only account stolen was one I hadnt touched for over a year and wasnt installed on my PC, care to guess which one? Any Starcraft 2 accounts being stolen yet? WIth battlenet involved its only a matter of time. You can once again type out a wall of text explaining how its everyones fault except Blizzards but as time goes by its getting harder and harder for people to believe.
WOW isnt great because it has 12 million players. WOW has 12 million players because its great.
The reason why so many accounts in WoW get hacked is because there are so many accounts in WoW.
Because the game is so popular, with over 11 million player, there is a huge amount of financial gain to be made from scammers.
The scammers in WoW are the most sophisticated i've seen in any mmo I have ever played. I have seen phishing site links that look EXACTLY like www.worldofwarcraft.com and have advertised special, subscriber only offers and even a sneak preview to the new WoW movie (lol).
Scammers main objective, besides getting your credit card information if you are stupid enough to give that away, is to get your gold. Once they have your gold, they send it off to multiple accounts, trying to switch hands as much as possible to throw off the trail. From there, they collect and try to sell your gold because the vast majority of scammers work for gold selling businesses.
However, if WoW only had a few thousand players, you would not see a flood of scammers and phishing sites because the money just wouldn't be there. There would STILL be scammers and phishing sites, of course, but they would be easily detectable and pose very little threat to the common gamer who knows what to look out for.
Im still getting emails on what my account is doing.
This is the most interesting part of your post, coorsman66.
When I allowed my account to go dormant this time, I received one - singular - email from Blizzard, informing me that the account was frozen. No reason was given and no link was included.
I checked the origin of the e-mail and it was, in fact, from Blizzard and not from Hotmail.
I then proceeded to immediately double-check my account status by manually typing in www.worldofwarcraft.com (World of Warcraft's official site address) and navigating to "manage account" to verify that my account is, in fact, inactive as it should be (it is).
Any e-mails received that are not from Blizzard or that appear suspicious in any way should be forwarded to hacks@blizzard.com, which is where I forward all e-mails that go to my spam box. It's worth noting that 99% of e-mails that are phishing attempts will go directly to spam if you have an even moderately decent e-mail provider. I have not ever had an official Blizzard e-mail go to spam, and can count on one hand and have several fingers left over the number of times I have had a phishing e-mail go to my inbox and not my spam box.
Personally, I'm not specifically blaming you or anyone else for account compromises because I am not there to see the specific details involved in your particular cases. I am generalizing and saying that in the cases I have seen and had to help sort out as a member of guild leadership, the list in my post above has almost always been what has happened. But I do leave the possibility that compromise is not alway the end-user's fault and that bad things do happen. Still, it would be nice if everyone - including the folks whose accouts have been compromised - would also keep an open mind in the discussion, and realize that there is a whole host of things that can, will, and do go wrong. It may not be deliberate, but stuff does happen. Not saying you are at fault and not saying that there's may not be a hole in battle.net security, but screaming, ranting, raving and cussing is never going to sort out what the real problem is.
"You are obviously confusing a mature rating with actual maturity." -Asherman
Maybe MMO is not your genre, go play Modern Warfare...or something you can be all twitchy...and rank up all night. This is seriously getting tired. -Ranyr
I stand by my belief that if your account was stolen, somewhere along the line it was your own fault. Whether it be a lack of security, visiting malicious websites, sharing/comprimised passwords, etc. , it is almost always the users own fault. If you run pirated software or steal copyrighted material via filesharing, you get what you deserve.
Relying on only one layer of security is also asking for trouble. I believe that as a minimum one should always run 2 different malware programs, quality AV software, both a hardware and software firewall, keep everything up to date, and some form of adware/crapware cleaner such as Adaware or CCleaner. This is at a minimum. In addition I also run several more layers such as anti-script software and use Firefox instead of Explorer.
That being said, Battlenet is a huge vulnerabilty in that would-be thieves already have one piece of the puzzle in your account name. Blizzard, while they like to preach security, are definitly to blame as well in that they not only do nothing about goldsellers/powerleveling websites, they also support them. Blizzard has activily advertised on IGN and other sites for years. I also noticed that when I recently cancelled my account, within a few hours I recieved a rather sophisticated phishing email which indicates strongly that somewhere within Blizzards account management itself there is some information being leaked to a third party. I toyed with the offending email, by the way, and it was easily manhandled by my laptops security.
The idea that sophisticated hackers are taking the time and effort to breach our machines and steal WoW information is laughable. As for all the frozen accounts being "hacked", most likely they are just phising emails sent out by sites where you bought gold, signed up for something, or someway or another gave someone your address that they know is attached to a WoW account.
Several guild members have had their accounts stolen, and I studied the actions of the comprimised characters. It was very obvious that the person controlling the character was niether very savy nor very efficient. They all pretty much farmed inefficiently for hours and failed to transfer gold or any other action beyond slowly accumulating gold. In the end all the gold farmed was left on the accounts after Blizzard restored it and they ended up with nothing. Hardly the actions of Matrix-like hackers that many are claiming to be attacked by. If you were hacked, you probably deserved it. Somewhere along the line, you comprimised your security.
I have yet to see any facts that all of these lost accounts are do to user error but yet you continue to blame everyone who has lost an account. Its been stated here time and time again that accounts cancelled and uninstalled for years are being stolen but yet somehow these same people play other MMO's and have not had this problem. I myself have played many MMO's and find it odd that the only account stolen was one I hadnt touched for over a year and wasnt installed on my PC, care to guess which one? Any Starcraft 2 accounts being stolen yet? WIth battlenet involved its only a matter of time. You can once again type out a wall of text explaining how its everyones fault except Blizzards but as time goes by its getting harder and harder for people to believe.
Here is a search I did in less than 3 minutes on some other mmos, players who have gotten hacked and who they blame.
I have yet to see any facts that all of these lost accounts are do to user error but yet you continue to blame everyone who has lost an account. Its been stated here time and time again that accounts cancelled and uninstalled for years are being stolen but yet somehow these same people play other MMO's and have not had this problem. I myself have played many MMO's and find it odd that the only account stolen was one I hadnt touched for over a year and wasnt installed on my PC, care to guess which one? Any Starcraft 2 accounts being stolen yet? WIth battlenet involved its only a matter of time. You can once again type out a wall of text explaining how its everyones fault except Blizzards but as time goes by its getting harder and harder for people to believe.
I've never played starcraft so I don't know why someone would hack an account.
Beyond that you want proof of what? There have been a number of players in this thread who have admitted they have gotten trojans, keyloggers, phished, etc. It is a fact that users do things the compromise their account.
You like to throw around the words fact and proof so much, but so far you nor anyone else have given any. A bunch of users who can't explain how they lost their accounts and want to blame the game company isn't exactly proof. In fact this isn't even something unique to blizzard.
Here is a search I did in less than 3 minutes on some other mmos, players who have gotten hacked and who they blame.
Same tired old story from people who seem to think it could not possibly be their fault and it must be something wrong with blizzard, ncsoft, mythic, turbine, etc.
I guess every mmo company must have insiders stealing account information and selling it to farmers right?
Sorry, friend, users are their own worst enemy.
Ive actually played four of the games on your list and never had an account stolen while playing them or afterward. Only my WOW account was stolen. So my security was lax on WOW but not the four on your list? Sounds rather odd.
WOW isnt great because it has 12 million players. WOW has 12 million players because its great.
Comments
Many of the phishing emails are very convincing.
A side by side comparison and you'd mostly be unable to tell the difference unless you read where each link was going to.
Not just that I myself was the victim of account hacking, and not from either of those reasons. I simply went to a website and unknowingly had a keylogger trojan put on my computer from the advertising banner.
Almost no one is simply "hacked".
The victim is nearly always to blame. Somewhere along the line security was comprimised. Whether this be from giving away passwords to a "trusted" individual, buying leveling services, giving away info to a phishing email, lack of basic pc security, etc; whatever it may be the person hacked is the one at fault 99.99% of the time. It is Darwinism at work on the most basic level. The weak are being cultivated to support a thriving industy. Been hacked? You deserved it when you comprimised your account. Why are there so many people hacked in WoW? Because there is almost an endless supply of morons.
Really well i can tell you of 100's instances of people getting hacked by going to trusted sites such as allakazam,curse gaming,Chicago tribune,new york times,CNN,facebook ,farmville and 100's more having advertising banners inject keyloggers through java/flash exploit into your system you can't blame the user for this.
Now just other day a customer of mine had 2 WoW accounts hacked i did a full sweep of the systems and found a game called i spy spooky mansion from gamehouse games, the game contains a keylogger, either a hacker did this or the author.
Also the IRS website was serving up malware their site was hacked and infected thousands of computers other business web sites were also hacked doing the same.
Also there is a HUGE security hole which i believe the hackers are using it is router firmware quite a few routers are vulnerable to a dns pinning/rebinding ect.
Routers are not safe either if you really want to be afraid read this: http://www.wired.com/threatlevel/2008/08/revealed-the-in/
Also wireless on routers are NOT secure anyone with right tools can hack your wireless in less than 10 mins no matter what setting you choose for encryption then they run a packet sniffer and steal your data or hack your router and change dns and monitor your traffic.
Not just home routers are at risk commercial ones as well, it is also said that there is a HUGE windows security hole allowing these hacks to happen and microsoft knows about them they are going to close them soon so there is going to be a huge rise in hacked accounts.
http://www.tomshardware.com/news/Patch-Tuesday-Windows-7-XP-Vista,11023.html
I have seen routers that have been hacked by war dialing type hack that starts with all the addresses on the internet probe routers and enter them through mfg passwords flash firmware with custom firmware/change settings in volatile memory by hijacking dns settings allowing hackers to capture your information.
Normal people would not be able to detect this hack which could explain why some people get hacked multiple times even after buying a new pc or format and reload.
According to another security expert millions of routers are at risk, this is why i use a pc and custom router software instead of a hardware router.
http://www.zdnet.com/blog/hardware/millions-of-routers-vulnerable-to-hack-attack-is-yours/8895
Is your usb device safe? think again are cameras and mp3 players /cell phones/sd cards are being sold with malware/keyloggers right from the factory!.
Mp3 players,digital cameras,laptops,usb flash drives that have been sold on ebay in some instances contained malware used to steal data.
http://phandroid.com/2010/03/09/malware-packed-htc-magic-sold-shipped-by-vodafone/
http://www.tomshardware.com/news/usb-security-trojan-hackers-hack,10805.html
not long go razor was hacked and the hackers replaced mouse firmware with one that contained a trojan used to steal info.
Yes, blizzard sub numbers are being held up by the gold farmers. How perceptive of you.
Your pretty good with Blizzard numbers, do you have any showing the percentage of subs held by gold farmers?
WOW isnt great because it has 12 million players. WOW has 12 million players because its great.
Two words (aside from those two): Age Demographic.
You are the one saying this and that are facts about gold farmers, inactive accounts and "leaked" information, so one would expect you have some source of information to make those claims.
99.9% of this basic pc security will stop. And the rest does not automatically mean you are "hacked". You can put all the links to every ambiguous virus there is, it doesn't change the fact that almost all people "hacked" either do not have basic security fundamentals set up on their pc, or that they comprimised their account.
Just because a piece of hardware has some sort of malware on it also does not neccessarily mean that malware can get anything useful from your system. For example, a potential hacker can ping my wireless router all day. Even if they are able to somehow magically brute force my 24 digit password undetected, they are still not into my home network free and clear. Again, this falls under basic pc security. The people being hacked are the ones setting up wireless home networks with no password, no hardware or software firewall, and no basic security. Even I, with only basic network skills, can walk through a network like that. That's not hacking, thats walking through an unlocked front door. So even if a potential "hacker" has the ability, time and tools to bust through my network do you think he would waste time on it to perhaps glean some pertinent info, when in that same amount of time he can walk through ten open doors? Doubt it.
The rest of the malware you linked means nothing. They are all easily detected by basic pc security and an up-to-date OS. The ones that aren't are not necissarily sure hack either. They are either a shot in the dark or a piece of bad code that was left in the software.
The people doing the hacking on a large scale operate a business. Just like any other business they rely on numbers. Taking multiple shots in the dark to perhaps get a password off some mouse firmware is just not going to generate the numbers they need. Not when they can advertise power leveling services (an open door, 100% guarantee to hack if they want), malicious emails, and other easy, fast, and much more effective methods than sending out a virus on a usb stick to perhaps, somehow, magically hack a WoW account. There are millions out there that have no virus protection, download pirated material, do not run up-to-date software, have no software and hardware firewalls, and run no malware protection. Couple these with the ones buying characters and powerleveling services, and with the malicious mass email scams, and you have a huge pool of troglodytes to pull from. These are the people being "hacked". And it is not really being "hacked", it is simply having your password and info taken from you.
Oh, and I almost forgot. Then on top of this you have the people who simply share their characters and accounts with friends, thinking they are secure, their buddy would never do any harm. I would estimate a huge portion of so-called "hacked" WoW accounts fall into this category. Again, this falls back completely to the user's basic security. Share your password, even with one trusted friend, and your account is no longer password protected.
So I guess you dont have those numbers. Not surprising.
WOW isnt great because it has 12 million players. WOW has 12 million players because its great.
My wow account just got hacked for the second time in about a year, the funny thing about it is that the account has been inacttive for the whole year and more, havent used it in ages and still it keeps getting hacked. and people say its my fault cause i have keyloggers etc? fuck off noobs.
Currently Playing Path of Exile
Same thing has happened to me and two RL friends. I haven't played in a year and I've had my account stolen during my inactivity, and a friend who hasn't played in 3 years had his account stolen twice now. It is most definitely not always user error.
i beg to differ, 90% is user error, either by picking up key loggers or visiting bad websites or even by suppling emails and details to gold sellers which is also used on the main account, ive never been hacked or had any friends hacked and its beyond me how so many people do, apart from the above reasons
Playing: FFXIV
Future: wishing for SWG 2, World of Warcraft Classic
Played: Most current and extinct MMO's - 18 Years in....
Interesting Fact - I own 27 Tarantula's
Most likely scenarios, in my experience and opinion (based on dealing with guild members who have been compromised):
1 - Clicked on links in e-mails purporting to be from Blizzard. Those e-mails said one of the following (not an exhaustive list by any means) and required the player to take immediate action:
The player's account ws being investigated for undisclosed reasons
The player's account had already been compromised and was frozen
The player needed to sign up for the Cataclysm beta
The player's account was under investigation for harassment, gold selling, spamming, or other TOS violation
The player's account was last logged in post-cancellation from an IP that was not the player's known IP
2 - The player downloaded a mod or add-on using another site's installer, rather than downloading the .zip file, scanning it for malicious files, and manually installing it themselves (which is how third-party add-ons should always be installed - manually)
3 - The player does not own an authenticator. While following steps one and two helps make the authenticator less necessary (I played with add-ons for nearly two years without ever getting compromised), the authenticator is still a good idea. Honestly, no, it doesn't put profit in Blizzard's pocket: that $6.50 U.S. customers pay covers manufacturing and shipping and Blizzard isn't making much at all from the things from US customers. For Canadians, however...yeah...$30 shipping is more than a little insane. Get an American friend or guildmate to order the thing for you and mail it, as it's far, FAR cheaper to do it that way. Airmail really is NOT that expensive; I mail and ship things to Canada all the time for far less than $30 American or Canadian.
4 - The player is or has given their login credentials to another player for whatever reason.
5 - The player may not be paying as close attention to security client-side as they could be and has managed to get infected with malware that has allowed someone to access their account information. Add to that the fact that not everyone is as conscientious about changing their passwords regularly as some folks are and the situation becomes increasingly compounded.
While this list does not cover every single account compromise and some certainly are genuine compromises that have occurred either because of security issues on the client side or with battle.net (let's face it - account compromises have risen dramatically since the battle.net account merge and I personally have noticed a significant increase in the amount of phishing and spam mail that I receive since the battle.net merge and another significant increase in the amount of phishing mails since I have allowed my World of Warcraft account to go dormant), it has been my experience and observation that about 80 to 85% of the account compromises in WoW are due to one of those five issues I have listed.
Firebrand Art
"You are obviously confusing a mature rating with actual maturity." -Asherman
Maybe MMO is not your genre, go play Modern Warfare...or something you can be all twitchy...and rank up all night. This is seriously getting tired. -Ranyr
Same here. Mine has been inactive for a year and all of a sudden its compromised? Right now theres a pre-paid card on it and one of my characters is getting a faction change! Im fighting to get it back now but i feel its a lost cause. Im still getting emails on what my account is doing.
And to all the tards who say its "OUR" fault for getting hacked. Get a life or better yet get common sense!
Peeps on this site are soo quipped to blame us for the compromise but yet dont want to blame the "hackers" for making said programs that slips through the PC security cracks and into our system! Or blame Blizzard for not doing enough to secure our info!
My theory is this. (if it hasnt been said already, i dont feel like reading 5 pages of crap) I believe someone in blizzard is up to no good when it comes to inactive accounts. They give/sell the info out to gold/account selling sites. In hopes that we the consumer would buy another box to start another account. Which makes their quarterly numbers look good. I will never support blizzard again if i dont get my account back. This crap has gotten out of control! and it is in NO WAY our fault!
I just received an e-mail two days ago with this exact reasoning. I haven't played WoW in two years at least, so thought it was more than a little suspicious. Of course I'm internet savvy and declined to click on any of the links before deleting the e-mail, but I was curious to see if this was a popular tactic. Glad I came here to find out. =-)
I am not saying everyone is not at fault but again not everyone is either and those are not random links to things that do not exist i am a security expert with 25 years, I have seen them used and this as for your argument that they can't hack your router sorry but i show customers how easy it is by setting up their wireless on max security with a long password with letters,numbers and uppercase software takes 10 mins max to crack wireless password.
Also there are backdoors that mfg put into routers that allow you to bypass any password that you put on it and allow them to change your dns and settings and skim your information .there is also security holes in the routers firmware that allow me to access your router settings without needing a password.
How do you explain accounts that are dormant for over three years getting hacked now going to a gold seller website? haha why they quit the game why would they buy gold , get leylogged wait the game is uninstalled or is sitting there not used you can't keylog something that is not being used your argument does not hold water.
Yes some people are at fault but this is like saying everyone that drives blows red lights or every shopper that shops shoplifts.
Not everyone is at fault say 70% are at fault 30% cannot be explained even trial accounts are getting hacked after 3 years being dormant.
Saying that blizzard cannot have a security issues is silly also government, military,banks,all big business have been hacked at one time or another.
It is more efficient to hack say blizzard than to hack thousands of customers can you say battlenet does not have a security vulnerability it very well could have.
Could someone have hacked the user base sure it could have happened or someone that was fired from blizzard leaked the info for cash gold sellers would pay huge sums for this.
Sorry to say even best antivirus out there CANNOT stop this because they do not have a fingerprint yet for this infection and cannot detect it also the keylogger can be polymorphic/hidden by rootkits not all rootkits can be detected by anti-virus because again they are new and av vendors do not a a fingerprint of the code to match using signature based scanning methods as well this is what rootkits do hide things from anti-virus thus no matter what av you have it will NOT find it unless you scan it from boot cd or slave it to a clean machine.
Having an av from 2000 does not protect your the latest threats using an OS/flash/java exploit allows malware to bypass ANY anti-virus i see it every day i clean 10 machines a day with fake anti-viruses and malware they have the following av installed:
Norton 2010 internet security
Mcafee internet security 2010
Panda internet security 2010
Kaspersky antivirus/internet security 2010
Avavst free/internet security 2010
bitdefender internet security 2010
avg free/internet security 2010
eset all versions
Microsoft security essentials.
and more much more all up to date.
I find 1 rootkits in 1 out 4 machines i scan a day.
Chances are if you get a keylogger/fake av it is from facebook/myspace it is the perfect attack vector for gold sellers.
Also every time you use a social network,IM client you are at risked from getting hacked and getting keyloggers installed by drive by advertising banners/hacked apps and clickjacking.
http://www.sunbeltsoftware.com/About/Security-News/?title=Farmville-latest-target-of-clickjacking-scheme-19844905
I have had 20 customers that got hacked from using facebook they had newest version of kaspersky internet security 2010 installed.
A few months ago there was advertising banners on farnville that were using flash exploit to load keyloggers onto users systems just from visting the web page and av's could not pick it up till a sample was sent to av vendors that was 30 days later long enough for them to gain lots of data.
I'd say it's mostly due to wow addons. I haven't played in several years. I never bought gold, items, power leveling or anything similar to that. I never gave out my information to anyone but blizzard.(knowingly) Yet, my account was suspended for verbal harrassment. I am lucky however than since then, I've gotten a new bank card and moved as well. So any of that information is useless to them since it is now invalid.
What I really want to know is.. why would someone use my information to get into my account, log in, and proceed to get themselved suspended for harrassment? Why not just get in and do what you mean to do, and then log off? If I had the means necessary to track this guy, I'm sure there is a trail and I'm sure he'd pay for it. That's just sloppy work IMO. It doesn't make sense.
Then again, maybe some of it is leaked information now that I think of it. I also have a new computer since I last played WoW. My username and password isn't similar to anything I use now.
I wasn't the one claiming to have facts on the situation, so why would you expect me to have those numbers.
Do YOU have some numbers to back up your "fact" that blizzard is leaking information to gold farmers just to keep subscription numbers high?
No... oh ok then.
I have yet to see any facts that all of these lost accounts are do to user error but yet you continue to blame everyone who has lost an account. Its been stated here time and time again that accounts cancelled and uninstalled for years are being stolen but yet somehow these same people play other MMO's and have not had this problem. I myself have played many MMO's and find it odd that the only account stolen was one I hadnt touched for over a year and wasnt installed on my PC, care to guess which one? Any Starcraft 2 accounts being stolen yet? WIth battlenet involved its only a matter of time. You can once again type out a wall of text explaining how its everyones fault except Blizzards but as time goes by its getting harder and harder for people to believe.
WOW isnt great because it has 12 million players. WOW has 12 million players because its great.
The reason why so many accounts in WoW get hacked is because there are so many accounts in WoW.
Because the game is so popular, with over 11 million player, there is a huge amount of financial gain to be made from scammers.
The scammers in WoW are the most sophisticated i've seen in any mmo I have ever played. I have seen phishing site links that look EXACTLY like www.worldofwarcraft.com and have advertised special, subscriber only offers and even a sneak preview to the new WoW movie (lol).
Scammers main objective, besides getting your credit card information if you are stupid enough to give that away, is to get your gold. Once they have your gold, they send it off to multiple accounts, trying to switch hands as much as possible to throw off the trail. From there, they collect and try to sell your gold because the vast majority of scammers work for gold selling businesses.
However, if WoW only had a few thousand players, you would not see a flood of scammers and phishing sites because the money just wouldn't be there. There would STILL be scammers and phishing sites, of course, but they would be easily detectable and pose very little threat to the common gamer who knows what to look out for.
This is the most interesting part of your post, coorsman66.
When I allowed my account to go dormant this time, I received one - singular - email from Blizzard, informing me that the account was frozen. No reason was given and no link was included.
I checked the origin of the e-mail and it was, in fact, from Blizzard and not from Hotmail.
I then proceeded to immediately double-check my account status by manually typing in www.worldofwarcraft.com (World of Warcraft's official site address) and navigating to "manage account" to verify that my account is, in fact, inactive as it should be (it is).
For US customers, the battle.net official address is http://us.battle.net/en/games/wow. The official address for Blizzard Entertainment for US customers is http://us.blizzard.com/en-us/. The official World of Warcraft Armory address is http://www.wowarmory.com/. I have all of these official site addresses bookmarked because typos happen.
Any e-mails received that are not from Blizzard or that appear suspicious in any way should be forwarded to hacks@blizzard.com, which is where I forward all e-mails that go to my spam box. It's worth noting that 99% of e-mails that are phishing attempts will go directly to spam if you have an even moderately decent e-mail provider. I have not ever had an official Blizzard e-mail go to spam, and can count on one hand and have several fingers left over the number of times I have had a phishing e-mail go to my inbox and not my spam box.
Personally, I'm not specifically blaming you or anyone else for account compromises because I am not there to see the specific details involved in your particular cases. I am generalizing and saying that in the cases I have seen and had to help sort out as a member of guild leadership, the list in my post above has almost always been what has happened. But I do leave the possibility that compromise is not alway the end-user's fault and that bad things do happen. Still, it would be nice if everyone - including the folks whose accouts have been compromised - would also keep an open mind in the discussion, and realize that there is a whole host of things that can, will, and do go wrong. It may not be deliberate, but stuff does happen. Not saying you are at fault and not saying that there's may not be a hole in battle.net security, but screaming, ranting, raving and cussing is never going to sort out what the real problem is.
Firebrand Art
"You are obviously confusing a mature rating with actual maturity." -Asherman
Maybe MMO is not your genre, go play Modern Warfare...or something you can be all twitchy...and rank up all night. This is seriously getting tired. -Ranyr
I stand by my belief that if your account was stolen, somewhere along the line it was your own fault. Whether it be a lack of security, visiting malicious websites, sharing/comprimised passwords, etc. , it is almost always the users own fault. If you run pirated software or steal copyrighted material via filesharing, you get what you deserve.
Relying on only one layer of security is also asking for trouble. I believe that as a minimum one should always run 2 different malware programs, quality AV software, both a hardware and software firewall, keep everything up to date, and some form of adware/crapware cleaner such as Adaware or CCleaner. This is at a minimum. In addition I also run several more layers such as anti-script software and use Firefox instead of Explorer.
That being said, Battlenet is a huge vulnerabilty in that would-be thieves already have one piece of the puzzle in your account name. Blizzard, while they like to preach security, are definitly to blame as well in that they not only do nothing about goldsellers/powerleveling websites, they also support them. Blizzard has activily advertised on IGN and other sites for years. I also noticed that when I recently cancelled my account, within a few hours I recieved a rather sophisticated phishing email which indicates strongly that somewhere within Blizzards account management itself there is some information being leaked to a third party. I toyed with the offending email, by the way, and it was easily manhandled by my laptops security.
The idea that sophisticated hackers are taking the time and effort to breach our machines and steal WoW information is laughable. As for all the frozen accounts being "hacked", most likely they are just phising emails sent out by sites where you bought gold, signed up for something, or someway or another gave someone your address that they know is attached to a WoW account.
Several guild members have had their accounts stolen, and I studied the actions of the comprimised characters. It was very obvious that the person controlling the character was niether very savy nor very efficient. They all pretty much farmed inefficiently for hours and failed to transfer gold or any other action beyond slowly accumulating gold. In the end all the gold farmed was left on the accounts after Blizzard restored it and they ended up with nothing. Hardly the actions of Matrix-like hackers that many are claiming to be attacked by. If you were hacked, you probably deserved it. Somewhere along the line, you comprimised your security.
Here is a search I did in less than 3 minutes on some other mmos, players who have gotten hacked and who they blame.
Aion: LINK
Warhammer: LINK
LOTRO: LINK
World of Tanks: LINK
Guild Wars: LINK
See a trend?
I guess every mmo company must have insiders stealing account information and selling it to gold farmers.
Sorry, friend, users are their own worst enemy.
Ive actually played four of the games on your list and never had an account stolen while playing them or afterward. Only my WOW account was stolen. So my security was lax on WOW but not the four on your list? Sounds rather odd.
WOW isnt great because it has 12 million players. WOW has 12 million players because its great.