Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
World of Warcraft: Hacked!
SBFord
Former Associate EditorMember LegendaryPosts: 33,129
MMORPG.com's Industry Relations Manager Garrett Fuller recently had his World of Warcraft account hacked shortly after taking a break from the game for awhile. In his Hacked column, Garrett talks about the process for account redemption and how much better companies, including Blizzard, have gotten at shutting down the hackers. Check it out, then let us know about your experiences on the forums.
So I download the Patch for Cataclysm coming up and basically don’t log in for a few weeks after. I just hit the wall with Warcraft again in the beginning of the summer and decided to take a few months off before the expansion. So after a break I log in to check out the new talent system and run around a bit with some free time. Well, the Name and Password are incorrect comes up. Ugh, I thought, please don’t be a hack. After many attempts I realize there is no getting in. So I decide to follow the step by step process that Blizzard has set up.
Read more of Garrett Fuller's Hacked!.
Comments
Yeah my battle.net acount got hacked as well as my WOW account, went thru the online petition but only got the battle.net account back, after that got an authenicator so this would not happen again.
I stopped playing in 2008 and late 2009 I got hacked and had some odd emails verifying this.
I got my battle.net account back without any real trouble, but the punks deleted all the characters from my horde pvp server. I got my top 3 back and some gear I think (I've not logged in to verify) but it bummed me pretty good.
I had a very similar (pleasant considering the circumstances) experience, minus the horrible wait on the phone. I just used the ticket option and email and it was all cleared up (though my gear had random stats on it when it was restored). All was restored and I have been using the mobile authenticator since. Not a problem, though many a phake email from looser scammers. I send them all to the blizzard hacks department.
Glad things were resolved for you in such a good way and maybe someone from Blizzard will actually read this and change their waiting song/recording....
Getting hacked at this point doesn't even affect you anymore other than inhibiting you from playing for like a day on the character whos gear got sold or deleted. It takes like 10 minutes on the phone with a blizzard support person to get your account back, and transferred to a different email assuming you know your secret question and secret answer or have the key from the original wow still handy. GM's have gotten faster with getting your gear back too, taking less than a day usually now.
Good friend of mine got hacked as well (zero-day Flash exploit back in 2008) and had a similar experience. Long wait on phone, but friendly enough and got his access back quickly and restored all of his important stuff within a week (which was very good considering the massive number of people hacked during that episode). He actually got a few more minor items about a month later. I don't think they restored absolutely everything (he had a good number of alts), but he got all his mains and their gear back as well as the bank stuff the hackers stole.
Good story. Problem is most peoples getting hacked expect to have their account restore within an hour. It's not that easy, when you have have 11 millions subs.
It is amazing how I've had a WoW account for years, 5 years of 4+ EQ1 accounts, 2 Eve accounts for 6 years, LOTRO for as long as it's been around, WW2 Online since 2001, etc.... never been hacked.
Of course, I don't download addons and I don't tell people my account name or password ever (not even roommates). Now, I am getting fake blizzard spam mail for the first time for the past couple of months, but they're all obviously bogus, and it makes me sad people fall for them. I get a lot of facebook spam too, but since I'm not on facebook, that makes them pretty easy to spot as fake lol.
I've been hacked twice in my time playing WoW, even though I never bought online gold, which prompted me to write this brief paper. Here's an exerpt...
...seeing a chance to make a profit, groups China and Russia began to sell virtual gold online to players willing to pay real money instead of earning it in game themselves, then log into the game and make the illegal exchange. These “gold farmers” didn’t stop there, however. The websites where you buy and sell gold often contain malware such as keyloggers. These sites also require you to create an account with them, on which many uneducated players use their WoW account login information. The gold farmers can then hack the player’s account and steal all the gold…even the gold the player had just recently purchased from their site, which the gold farmers can then turn around and sell to the next unsuspecting player.
This isn’t the only way to get your account hacked in WoW, however. Today, many sites, often unrelated to World of Warcraft, contain Trojan horses and other malware. So it is indeed possible, and even extremely likely, that an attempt will be made to compromise your account. Here is where I come in. I’ve had a World of Warcraft account for 5 years, and in that time, have had my account hacked twice. I don’t buy gold online and try to keep up with my anti-virus protection and windows security updates. I consider myself to be above the average PC user in terms of general computer knowledge, but it seems as though all the knowledge in the world wasn’t saving me from being hacked. So, the question becomes:
How do these attackers acquire my account information?
There are several ways in which a hacker can obtain compromise your account. The first, and seemingly most popular way, is by getting software which allows for input information retrieval. One such type of delivery method is called a Trojan horse. Unlike worms and viruses, Trojan horses cannot operate or spread from machine to machine without human intervention. These programs require a user to open a particular file to which the Trojans are attached. Trojan horses usually enter computer systems in one of two ways. They can be embedded in normally legitimate software which has become corrupted without the end user’s knowledge, or through an independent program that is embedded in a game, image, or song. Typical Windows programs that are targeted for these malicious tasks are .exe, .com, .bat, .scr, or .pif. Trojan horses can also be sent via instant message, email, or downloaded from websites or file-sharing programs, which we will go into more detail later.
The most common form of Trojan used to obtain user data is known as a keylogger. Keyloggers come in 2 forms, and those forms each come in several varieties. The first type of keylogger I will mention briefly, because they are of little concern to the purpose of this paper, is hardware based. Hardware keyloggers are small pieces of hardware that are attached to the keyboard at one end and a computer port such as PS/2 or USB at the other. They are designed to log and store data in memory for later retrieval that the unsuspecting user inputs. The other, more complex and dangerous keylogger type, is software based. Delivered through various means, either over the internet or through a network, software keyloggers perform the same task as their hardware counterparts, but in a few different ways.
One type of software keylogger is a DLL keyloggers. Also known as a Hook-based keylogger, it uses the keyboard message hook to intercept the communication and capture key presses. DLL stands for "Dynamic Link Library". A DLL is a file that contains programming code that more than one program may need to access. By linking to the DLL file, other programs can use the code without having to include it in their own files. A relatively easy way to check your system for these types of keyloggers is by looking at the running tasks in your Windows Task Manager. A simple Google search can reveal any suspicious running applications as malicious.
Another major type of software keylogger is Form Grabber-based. Often confused with the more simplistic traditional keylogger, which just records individual keystrokes, Form Grabber keyloggers intercept the onSubmit API (Application Program Interface) contained in web browsers and records this form data before it transmits over the internet in order to bypass https encryption so that it may be more easily understood by the hacker. This type of method is very effective in recording online passwords and other sensitive data because it only records login, password, IP, URL and other form fields based on what the attacker specifies.
The last form of keylogging I will discuss is called Clipboard Logging. Clipboard logging is a relatively new form of information gathering software, which only records information copied to the clipboard by either highlighting, right-clicking and selecting “Copy,” or using the keyboard function Ctrl+C. Regardless of the method, all keylogging programs obtain the info desired and report back to their creators through a previously designated open port on the infected user’s firewall.
But how was I infected?
Though you may feel as though your web browsing and download/upload habits are sound and secure, there are many ways for a hacker to get malicious software onto your PC. For World of Warcraft players, one of the most dangerous practices is known as file-sharing. Also referred to as Peer to peer or “Torrenting,” this process allows your computer to send and receive files on specified ports to and from other users using one of many file-sharing programs, such as BitTorrent and uTorrent. These programs keep track of who created the original torrent file, what the torrent contains, and how to download and upload information corresponding to that torrent. When the .TORRENT file is opened, the torrent program connects to other users who have portions of that specific torrent and downloads the torrent from them. Upon receiving portions of the torrent, your computer in turn becomes able to upload in a process known as “seeding”. Once the torrent program has received all portions of the torrent, it assembles them into a file using the directions found in the .TORRENT file. WoW users that torrent instead of using the official Blizzard patcher to download the client or patches run the risk of downloading a corrupt version of the file which may contain malware such as keyloggers.
Another potentially detrimental practice is the download and use of what are known in the gaming community as addons. Addons are files written by third parties that allow a game user to alter their playing experience in different ways, such as changing the game’s UI or add different functionality for more ease of use. Websites such as curse.com offer a hub for players to upload/download and share these files, much like torrenting, save for the normal upload/download process. Hackers can create useful addons that players will want to download, but also embed a keylogger into it, making account information easily obtainable.
As mentioned earlier, malicious websites, such as those that buy in game currency and leveling services, are another place players should avoid at all costs. Although these World of Warcraft player-targeted sites may very well contain malware, research done by Fraser Howard, a principal virus researcher employed by Elsevier Ltd., shows that 83% of malicious web pages appear on legitimate sites. With ‘good’ sites harboring malware, users relying solely on basic firewall and antivirus software could find themselves susceptible. One thing to mention and watch out for on any site you do not currently trust are ActiveX controls. ActiveX is a set of technologies from Microsoft that enables interactive content for the World Wide Web. For users visiting a site for the first time, they may be asked to download “ActiveX Controls,” which can contain malicious software that then has free reign over your system and its contents.
Yet another way attackers can get you to go to malicious websites is through phishing. These spam emails usually appear to come from a well-known organization and ask for your personal information, such as credit card number, social security number, account number or password. These emails may also provide a link seeming going to a normally trusted one, but instead brings the user to a fake webpage, cloned to appear as though it’s a site you have an account with, like World of Warcraft. These hacker created sites exist because the domain registration process is insufficiently policed, enabling people to create attack sites or capture web form submissions intended for other similar domains. Attackers using this latter method typically set up a site using a domain name that is very similar to, or a common misspelling of, an existing, legitimate brand.
Last but not least, players can and will be solicited by would be hackers and gold farmers in game as well! In game communications, such as player to player private messaging and in game mail, allow attackers to get their website information to the player in a very up front and personal way. Attackers have also been known to impersonate a Blizzard employee, requesting account information from the player in order to “save” their “compromised” account information. At this point, you may be asking:
How can I stop this from happening to me?
For starters, always keep your Operating System and software firewall up to date with the latest security downloads in order to minimize the effectiveness of the most recent system flaws and weaknesses. Another basic form of defense is to download anti-virus and anti-spyware programs. Many anti-virus companies even offer free versions of their product at are also very effective, such as AVG, MalwareBytes and Spybot Search & Destroy.
As I mentioned initially, avoiding potentially malicious sites and spam emails, making sure I had my OS and firewall software up to date, installing AVG anti-virus and running weekly scans with MalwareBytes was not enough for me to avoid being hacked. I had to take it to the next level. I downloaded an app for my iPhone known as an Authenticator, which syncs with one of your accounts and produces a random number based on many different potential algorithms. These Authenticators also come in a hardware version, which normally attaches to your keychain.
In order to try and coax players into using this technology, Blizzard Entertainment is giving away free in-game items to players that order/download them.
On-Screen keyboards are also an excellent way to type in passwords and other sensitive information if you feel you may have a keylogger on your machine. In Windows, you can press the Windows Key + U in order to bring up your On-Screen keyboard. In Vista and Windows 7, you can also simply type “on screen keyboard” in the Search field of your Start window.
Using an On-Screen keyboard by clicking the “keys” with your mouse prevents the keylogger from recording your keystrokes, because you are not physically typing anything on the keyboard.
There is no sure-fire way to prevent hackers from obtaining your personal information, but you can make it difficult enough for them by using the steps above where they just may move on to an easier target. So, keep that anti-virus up to date, use an Authenticator in conjunction with a strong password on your WoW game account, and you greatly lower your chances of having your account hacked again in the future.
Joined 2004 - I can't believe I've been a MMORPG.com member for 20 years! Get off my lawn!
Yeah, they do a pretty good job, especially compared to the nonexistent support in some other games; though I had a much worse experience myself, that wasn't because of the customer reps though...
I got hacked at the time when authenticators first became popular for WoW (early Wotlk) and the hackers ironically added an authenticator to my account in order to prevent me from accessing it...
At the time, these things weren't even available in Europe and the customer reps were kind of oblivious as to what should be done to solve this problem...
It took weeks to remove the thing from my account in the end...
Feel free to use my referral link for SW:TOR if you want to test out the game. You'll get some special unlocks!
" On-Screen keyboards are also an excellent way to type in passwords and other sensitive information if you feel you may have a keylogger on your machine. In Windows, you can press the Windows Key + U in order to bring up your On-Screen keyboard. In Vista and Windows 7, you can also simply type “on screen keyboard” in the Search field of your Start window.
Using an On-Screen keyboard by clicking the “keys” with your mouse prevents the keylogger from recording your keystrokes, because you are not physically typing anything on the keyboard."
This, is where so many people I know or have talked to fail.
They either respond with, "its the same as me typing with the kboard, why take 2x longer to log in" or "onscreen keyboard, wtf would i use that, i have a keyboard".
A game is just that... a game, not an emotional crutch.
I think that is the longest comment I have ever seen.
Ditto.
There isn't a "right" or "wrong" way to play, if you want to use a screwdriver to put nails into wood, have at it, simply don't complain when the guy next to you with the hammer is doing it much better and easier. - Allein
"Graphics are often supplied by Engines that (some) MMORPG's are built in" - Spuffyre
tnx for the info. i'll check my account with WOW right away...:)
Glad it went well for you.
I am one of those for which the experience was so bad I quit playing any Blizzard game for good. I had the long phone wait, got my account restored, was re-hacked, called Blizzard security, replaced my computer (old one died anyway) so no addons, keyloggers, etc..., changed by bnet login, put my password on a random generator and added an autheticator, got Blizzard security to confirm the changes were all good . . . got re-hacked again. Quit Blizzard games.
I understand my circumstances are rare, but for me it was too much hacking and seems to be someone inside Blizzard either using the account, letting one of their friends use it or sold it because I dealt with Blizzard's security service multiple times to make the account as secure as possible and it still got "hacked".
Gaming since Avalon Hill was making board games.
Played SWG, EVE, Fallen Earth, LOTRO, Rift, Vanguard, WoW, SWTOR, TSW, Tera
Tried Aoc, Aion, EQII, RoM, Vindictus, Darkfail, DDO, GW, PotBS
Actually a few thousand accounts got leaked by ... oh wait... this is Blizzard and not NCSoft. Nevermind then, carry on.
Sometimes it doesn't matter how often you keep changing your password, downloading addons or cleaning your PC: Without an authenticator you're bound to get hacked sooner or later. I clean my PC with four different anti-spyware/virus programs at least once in a week, always watch out for where I'm surfing and downloading from and haven't downloaded any addons since DBM which was about a year ago. There might be a keylogger here somewhere, but then it certainly is quite a sly one.
My account got hacked about one month ago. I was visiting my family, and on monday morning my friend called and asked was it really I who was online as I wasn't replying to him and kept running between Honor Hold and Ramparts. After a brief heart attack I got to my sisters PC and tried to login to my battle.net account. Turned out I couldn't. The hacker had added an authenticator to my account, so no go with that. I submitted a ticked through Blizzard's webform and an hour later had my account succesfully banned. I think it took about four days for them to remove the wrong authenticator and change my email address, and about an hour to get all my stolen money/stuff back. I suppose that I could've handled it all with a single phone call, but I wasn't in hurry (and not feeling confident enough with my spoken english) so I handled the whole situation vie emails.
Recently I saw this quite interesting interview with a gold seller at youtube where the guy stated that gold farmers actually get majority of their logins and password by hacking the game forums and such, not individual PC's. The seller seemed quite a nice guy actually, he even had a method in mind that would reduce the amount of hackings by about 90%: Password should be changed once every month and never into something you've used even once before. He had many other interesting things to say also but that was what surprised me the most.
One, have not heard of one account with an authenticator being hacked. Banks use those devices and never had a problem getting hacked when I worked for one. So that is a sure fire way to prevent getting hacked.
Had a different problem, had not played since they changed logins to a battlenet account and I obviously could not log into my account so I had to call them to get my account transfered to my battlenet account, took about 5 calls to get through and about a 40 minute wait. I also had a bad key for my expansion pack, but they would not do anything about that even though whoever was using it had obviously stolen it. Had to return the package to the store and get another.
I got hacked too, and Blizzard did a good job of helping me get it back and got most my stuff back. They said they could only give me a certain amount of stuff back ( for some reason ) I guess because I have so many dang characters.
To start things off, im a network admin so i know how to setup firewalls, antivirus and antispyware programs.
Ive been hacked 5 times now. The last time was 3!! weeks after getting my account back after the 4th hack.
Everytime ive been hacked ive completely formatted my hdd and reinstalled everything. im 99.9% sure the problem isnt on my side. Ive had about 20 other mmo's where ive never been hacked, among others LOTRO SW:G Warhammer online, Conan, EVE online, guildwars.
Its gone so far with wow hacks that almost everyone i know has been hacked at least once. (and most of my freinds have been playing wow since the game came out).
BTW hardware authenticators seem just one more way for blizz to make money. NO OTHER game that i know of needs a peice of hardware to make it more secure.
After the 5th hack i finally gave up.
The worst security problem i got related to games in my life was with NCsoft and Aion and with Blizzard and Wow.
Aion i played like few months and the fishing email beging to kicks in. I just cacnceled the subsciption the same month and never will ever buy any other products from them whatever they will be. It was very well known at this time that their email listing was hacked yet the always denyed it. To be honest i always had the feeling this company had strange affair with the gold seller affair, and i stand firm behind this now. I dont know if their listing got sold or robed but something happened for sur, and something very smelly. I will never trade with internet company that have internal security problems, even if it is just a game.
Few month later i tryed Wow, just because i had to try it one day, since i play mmo since the early Uo lunch, and wow is "WOW". I knew it wasn't a game for me, and it really isn't, so i didn't even baught the first month, it was just the try it stuff, and didn't even last more than few days. Since then the email i used for this test is still spammed with phishing or real Wow account security sector sending me email about the fact my account is hacked (i mean like twice a weeks for month now lol), to be honest i don't give a shit since i never payed and will never. Not only because of the game, but i don't want my mails spammed with crap all my life time, so thank you guys, byebye.
Just to be clear i never ever got any phishing email attempt but from those 2 companies in 20 years of mmo gaming. So guys i hope you'll take this as a lesson to learn something. And i play almost every day of those 20years, f2p, p2p anyking you could dream of i tryed it... Yet the only security holes i got was from you, the 2 biggest companies ever??? I mean should i repeat it twice to make it clear?
Coincidence?... come on, i'm 40 years old now.
Some pieces of advice....
1) Use Firefox with the NoScript Add-On installed when browsing. This prevents websites from running potentialy harmfull scripts on your machine. It will break alot of sites "functionality", you can choose to allow those sites to run scripts in your browser on a one on one basis...as you trust them....and I would generaly only allow temporary permissions. Run no other add ons in any of your browsers (or game clients). Period.
2) Never ever install any file sharing or P2P applications on your machine. In general avoid "widgets" as well.
3) Install a personal firewall with a default rule of DENY ALL IN & DENY ALL OUT and poke. Unless you are running a server, no traffic coming INBOUND is legitimate. Outbound traffic MAY be legitimate, but you want to only allow that traffic on a case by case basis for connections that you KNOW you are making on purpose. That way, even if you do get infected... you are preventing the malware from dialing home.
4) Avoid IM, period.
5) Set your e-mail client to read e-mail in PLAIN TEXT only. That way you can see the addresses of the places a link tries to take you....make sure those domains are legitimate ones. In general, never click a link in an e-mail that you aren't SURE you generated by some action YOU TOOK. Your best bet is to avoid links and type in the URLs to your sites manualy (or access them from favorates entries). If a site is telling you there is some problem with your account in an e-mail, DO NOT click a link provided in that e-mail. Goto that site the normal way you always get there yourself... chances are the e-mail was a bogus phishing attempt.
6) Avoid fishy sites....especialy any site that deals with gold selling, you are just asking to be hacked.
7) Use a strong password ....something at least 8 characters long with both letters and numbers, upper case letters and puncuation marks if possible. Alot of people are hacked simply because they use easy to guess passwords.
8) Use different passwords for different sites. It's probably too hard to remember a unique password for every different site you access...but having like 4 that you use works. Designate 1 garbage password to use with sites you don't trust that much.... and 1 one that you only use for sites that are truely important and you know have strong security (like your bank), etc. In general, don't use your super sensitive password for gaming sites. Even though their security is better then most end users....it's generaly not all that hot....and there is some risk of them getting hacked and loosing your acct credentials.... you DON'T want to entrust them with the same password that you use for banking, etc.
9) Don't give out your password to ANYONE. No legitimate company well EVER ask you for your password over the phone. They may ask your permission to change/reset your password for you...but they'll NEVER ask you what your password was. Companies that care about your security won't even give thier employees the ability to lookup users passwords, only change them.
10) For any site that allows it, DO NOT use your e-mail as your username and don't use the same nickname/forum name/screen name as your login user name. Having some-ones username is 50% of the puzzle of breaking thier account.....don't make the hackers job easier for them by giving that piece of the puzzle away for free.
Following the above won't make you bullet-proof....but it should avoid about 99% of the common traps people fall into.
Actually, in regards to accounts with authenticators being hacked, a number of incidents happened a bit early this year. http://www.tomshardware.com/news/blizzard-warcraft-authenticator-hack,9821.html
Now you've heard about it... :-)
I never have trouble when informing Blizzard my account was hacked. I just get annoyed at how often it happens.
Sorry, I don't see how this is worth an article.
Some guys account got hacked. So? Happens constantly to people. Yes, it's annoying. Still, it's their fault, since it was a security problem on their side.
He got his account back, his equipment was gone, and that didn't take long. Soooooo? Does that article give us any new information about anything? No. Any creative points of view? A review of something? Fresh ideas? Interesting screenshots or videos to look at?
Nah. It's just some guy describing something that happens constantly. If I'd describe how I'd go to the bakery and buy some bread, that would be more worth of an article, because it's as mundane as getting your wow account hacked, but it's not as often talked about.
Sorry if I sound negative, but that really is not worth a read.
Let's play Fallen Earth (blind, 300 episodes)
Let's play Guild Wars 2 (blind, 45 episodes)