Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Bear with me, but why do so many people get hacked in WoW?

2456712

Comments

  • thexratedthexrated Member UncommonPosts: 1,368

    Originally posted by eyeswideopen

    Three reasons.

    One is some people are just fundamentally stupid.

    The other is that Blizzard is nowhere near as secure, even with their "authenticator", as they would have you believe. No company is.

    And when you combine those two reasons you get the third reason, fundamentally stupid people who also put blind faith in a company to keep them safe.

    Fourth, Blizzard internal systems are not as secure as people tend to assume. It is frequent news that personal information was leaked by company employees, temps or third party service providers with access to that information. Some people even sell this information to hackers or to competitiors etc.

    This information can also come from fan sites and alike. Where people often sign up with same email as they do to their online games.

    "The person who experiences greatness must have a feeling for the myth he is in."

  • KidfierceKidfierce Member Posts: 36

    Originally posted by maacaaviityy

    Originally posted by Kidfierce

    Originally posted by maacaaviityy

    The ammount of people who REALLY get hacked is close to 0.

    The ammount of stupid people who click random links, visit random websites, downloads random shit etc. = Pretty much anyone who claims to get "hacked".

     

     

    Where can I look these numbers you've mentioned up?  Link please.

     

     

    Riddle me this, if there actually were people out there who knew how to really hack, don't you think they would go for the characters of people in top guilds, who all sit at like goldcap and beyond?

    No no! Surely the hackers go for the 14 yo kids who have nothing of value on their account! - Come on.

    It's common knowledge that pretty much anyone who claims to get "hacked" has either clicked some fake link, downloaded something containing a keylogger or shares their account with someone else.

     

     

    Common knowledge where?  Provide a link or I'll have to assume you're making everything up.

     

     

  • The_GrumpThe_Grump Member Posts: 331

    Originally posted by mrcalhou

    Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?

    This is what I've been saying the whole time, given the near ubiquitous presence of add-ons and the fact that no one has taken the time to send me a detailed PM to explain why that wouldn't be the case. Whether it is through the Curse client, something in the ads on the Curse network sites, or any of a number of things, hackers are incredibly creative and the existence of add-ons and the near ubiquitous use of them gives them an incredible window that they have no doubt found more than one way to exploit. Granted, coincidence is not causation but I have yet to have someone say, 'I haven't used add-ons, taken all due precautions and have still been hacked.'

    (1)TL:DR must be your way of saying that thinking hurts. Then again, this may explain why it looks like you responded to the post without using your brain.
    (2) It's not about community, is it? You just have nothing better to do.

  • HorusraHorusra Member EpicPosts: 4,411

    Originally posted by teknician

    Originally posted by Sauronas

    There's two possible reasons.  #1 addons.  #2 wow players are newbs.

    You can not get compromised by add-ons unless there is an executable included that you or the add-on runs.  If you install them manually and pay attention to what is in the file, this will never happen.  Lua files can not contain viruses or Trojans, and they can not steal your log-in information because they are initialized after you log into the game.

     Yeah right you can not get compromised by add-ons...dream on. 

     

    I love the part about if you manually install them and pay attention...I am sure 10% might do this the other 90% just load it up.

    Collecting ingame data is one thing they can do.  And it was proven last year even that some infected addons after initializing the first time after login would stay active after the gaming session stopped.  Thus catching you the second time you logged in.  They monitored account activity and info.  Thus why a lot of people get "hacked" when their accounts are inactive.

  • maacaaviityymaacaaviityy Member UncommonPosts: 127

    Originally posted by Horusra

    Originally posted by teknician


    Originally posted by Sauronas

    There's two possible reasons.  #1 addons.  #2 wow players are newbs.

    You can not get compromised by add-ons unless there is an executable included that you or the add-on runs.  If you install them manually and pay attention to what is in the file, this will never happen.  Lua files can not contain viruses or Trojans, and they can not steal your log-in information because they are initialized after you log into the game.

     Yeah right you can not get compromised by add-ons...dream on. 

     

    I love the part about if you manually install them and pay attention...I am sure 10% might do this the other 90% just load it up.

    Collecting ingame data is one thing they can do.  And it was proven last year even that some infected addons after initializing the first time after login would stay active after the gaming session stopped.  Thus catching you the second time you logged in.  They monitored account activity and info.  Thus why a lot of people get "hacked" when their accounts are inactive.

    As far as I remember, it wasn't an addon that contained the keylogger, it was the Curse auto-update client itself.

  • KidfierceKidfierce Member Posts: 36

    Originally posted by Horusra

    Originally posted by teknician

    Originally posted by Sauronas

    There's two possible reasons.  #1 addons.  #2 wow players are newbs.

    You can not get compromised by add-ons unless there is an executable included that you or the add-on runs.  If you install them manually and pay attention to what is in the file, this will never happen.  Lua files can not contain viruses or Trojans, and they can not steal your log-in information because they are initialized after you log into the game.

     Yeah right you can not get compromised by add-ons...dream on. 

     

    I love the part about if you manually install them and pay attention...I am sure 10% might do this the other 90% just load it up.

     

     

    I totally agree with this.   However, not being informed of what to look for upon installation doesn't make a person "stupid".       

  • AconsarAconsar Member Posts: 262

    A fair amount are from loading unsafe sites or downloading unsafe add-ons.

     

    For the rest of us that aren't retarded, it was a leak on Blizzard's side.  If you had quit playing and didn't upgrade your account to a battlenet, it was compromised.  Every friend I know that quit playing, myself including, had their account compromised; some of which quit 3 years ago.

     

    I've explained in other posts how this has happened, but the fanbots won't believe a word of it since it's negative.  Sad because it's nothing against the game, just the lack of security.

  • The_GrumpThe_Grump Member Posts: 331

    Originally posted by Horusra

    Originally posted by teknician


    Originally posted by Sauronas

    There's two possible reasons.  #1 addons.  #2 wow players are newbs.

    You can not get compromised by add-ons unless there is an executable included that you or the add-on runs.  If you install them manually and pay attention to what is in the file, this will never happen.  Lua files can not contain viruses or Trojans, and they can not steal your log-in information because they are initialized after you log into the game.

     Yeah right you can not get compromised by add-ons...dream on. 

     

    I love the part about if you manually install them and pay attention...I am sure 10% might do this the other 90% just load it up.

    Collecting ingame data is one thing they can do.  And it was proven last year even that some infected addons after initializing the first time after login would stay active after the gaming session stopped.  Thus catching you the second time you logged in.  They monitored account activity and info.  Thus why a lot of people get "hacked" when their accounts are inactive.

    Horusra, you seem to have a head on your shoulders and know something more than many of us do about the way add-ons work. Any idiot can post about add-ons not being able to do something because they are a particular type of file, really superficial information and seemingly given by rote. Conversely, most any player can say that add-ons have something to do with it and yet not know how. Since you seem to know a bit more about what's going on than many of us, why don't you open a thread and explain to us what you think is going on along with links to some helpful information? This would do us all a great service.

    (1)TL:DR must be your way of saying that thinking hurts. Then again, this may explain why it looks like you responded to the post without using your brain.
    (2) It's not about community, is it? You just have nothing better to do.

  • eburneburn Member Posts: 740

    When our WoW accounts had to be signed in to with email addressed it made it real easy for a program to 'phish' for information. You post somewhere MMORPG or WoW related with your email showing? Probabaly. Well then it's a matter of getting through 128 encryption or password guessing to get in.

    Got a "This is my WoW character" app on Myspace, Facebook, wherever? Yeah chances are your sign in email is the one they'll fish.

    My account went inactive shortly after this change and I haven't been back, but I got hacked and notified and then Blizzard took a little bit over the course of the day to verify and fix everything for me.

    My girlfriend on the other hand created a new gmail just for the battle.net sign in and hasn't been hacked, but her usual email gets phished for WoW information constantly.

    So, I blame battle.net

    I kill other players because they're smarter than AI, sometimes.

  • ReklawReklaw Member UncommonPosts: 6,495

    Originally posted by tank017

    Yep,

    My account has been inactive for 4 months(as far as me using it) and I just got a "your account has been suspended for using a 3rd party hack" email from Blizzard.

    someone obviously took my account for a joy ride..

    Most likely nobody took your account for a joy ride, unless you might have clicked on the links in that email.

    Those emails are 90% of the time FAKE, don't fall for them please.

    I stopped playing WoW a week after I bought BC at it's release date, and still on my old email which I hardly use anymore I get those mails, even get them from games I never even played lol.

  • SerenesSerenes Member UncommonPosts: 351

    The Goldsellers go through more extremes too get the accounts because they are wourth more than any other MMO.

  • expressoexpresso Member UncommonPosts: 2,218

    IF EQ2 had 11millions subs the title of this thread would be ".....why so many people get hacked in EQ2?", Blizzards servers are just as secure as any other companies.  Just the shear amount of phishing mails, web/flash scripts designed to steal your WoW info and gold buying is so huge.

    We hear about the noisey few but we dont hear the silent millions who have not been hacked.

  • eburneburn Member Posts: 740

    Originally posted by Serenes

    The Goldsellers go through more extremes too get the accounts because they are wourth more than any other MMO.

    Well sadly battle.net had horrible security since the Diablo days, so it was kind of inevitable.

    I kill other players because they're smarter than AI, sometimes.

  • EvileEvile Member Posts: 534

    So many people get hacked, because there are so many people.

    image

  • expressoexpresso Member UncommonPosts: 2,218

    Originally posted by eburn

    Originally posted by Serenes

    The Goldsellers go through more extremes too get the accounts because they are wourth more than any other MMO.

    Well sadly battle.net had horrible security since the Diablo days, so it was kind of inevitable.

     How does battle net have horrible security?

  • VrikaVrika Member LegendaryPosts: 7,990

    Addons can NOT steal your password, despite what many people believe. Even when people visiting addon sites got their accounts hacked, there was a huge problem a few years back, it was the sites themselves wich were infected and used a security leak in Internet Explorer to infect computers. As far as I know, there has been never been any known security errors in Blizzard's addon system wich would have allowed addons themselves to steal passwords.

    Usually getting your account hacked is ID10T -error, user's stupidity. Naive people trust pishing e-mails and accidentally give away their account information to hackers, or a person accidentally runs a program file on his computer thinking that it's just a WoW addon, addons are never programs. Or a person uses the same password on 100 diffirent sites all over the net, and it gets leaked out of one of those. The hackers aren't stupid, once they have your likely login and password they will test it on WoW, because WoW accounts are valuable and so many people have WoW account. Or a person doesn't have updated firewall, antivirus, and hasn't downloaded latest updates for the programs he uses, then there's security error in some of those, and outside attacker gets control of your computer.

    It's not impossible that Blizzard might have a leak somewhere, but it's very unlikely. They have a multi-billion dollar business wich would quickly be all in ruins if someone could steal information from their systems. They must protect their info as well as any other multi-billion dollar business. It's just human's natural defence mechanism to blame them for hacked accounts, when people get hacked, don't know how it's done, and don't want to admit that there's 99.9% probablity it was their mistake and only 0.1% probability it was Blizzard's mistake.

     
  • eburneburn Member Posts: 740

    Originally posted by expresso

    Originally posted by eburn


    Originally posted by Serenes

    The Goldsellers go through more extremes too get the accounts because they are wourth more than any other MMO.

    Well sadly battle.net had horrible security since the Diablo days, so it was kind of inevitable.

     How does battle net have horrible security?

    Email addresses as user IDs allow people to KNOW your email address.

    I'd explain more, but trust me the hackers already know. People make stupid passwords and they get hacked. Or if someone suspects that you've got decent gear and it hasn't change that you've quit and then they'll go through the encryption. It's not easy to do, but once you've done one you can do a bunch in a hurry.

    The short story is, most accounts can be watched. You get a good score you can be found. Your primary handle is easily acquired and the password follows suit shortly after. If they get a bunch of inactive people, they won't get watched quite as noticeably as if they phished active accounts that support has to deal with then.

    It isn't any more sophisticated than that.

    I kill other players because they're smarter than AI, sometimes.

  • The_GrumpThe_Grump Member Posts: 331

    Originally posted by Vrika

    It's not impossible that Blizzard might have a leak somewhere, but it's very unlikely. They have a multi-billion dollar business wich would quickly be all in ruins if someone could steal information from their systems. They must protect their info as well as any other multi-billion dollar business. It's just human's natural defence mechanism to blame them for hacked accounts, when people get hacked, don't know how it's done, and don't want to admit that there's 99.9% probablity it was their mistake and only 0.1% probability it was Blizzard's mistake.

    The argument that you are making in this part of your posting is that a multi-billion dollar business would be in ruins if they didn't have their shit together. At least, this is the simplest way to say it. Companies with that much money seem to really be but a hair away from their house of cards falling due to how thin they stretch themselves, always looking for more profits, and the 2008 financial meltdown in the United States is proof of that. We can look at companies that lose millions and billions due to not paying attention to what they are doing, recent examples being BP and Toyota. There are, of course, other examples and other counter-examples but that is not my point. My point is that financial success does not mean that the company knows how to do anything other than make a profit, there is nothing in that to saw that it is secure and if secure for how long, nor is their anything in that to say that they are actually taking care of their customers in such a way that customer information is secure (e.g. Bank of America circa 2005).

    In reality it is most likely a combination of customer stupidity, corporate greed and unscrupulous people taking advantage of both of these things (criminals) that are the problem. People are stupid and downloading add-ons is stupid, much like folks using the same log-in for most everything. Corporations don't really seem to care about customer security because of their insurance and liability policies, so they've made sure they only invest the minimum that they need (cynical, I know, but unfortunately much more true than not) to keep things running. Criminals will take advantage of this situation because, while stupid enough to be a criminal, the apply their mental energy to finding creative ways to take advantage of the Consumer v. Corporate war.

    How do you fix it? People have to be better people, period.

    (1)TL:DR must be your way of saying that thinking hurts. Then again, this may explain why it looks like you responded to the post without using your brain.
    (2) It's not about community, is it? You just have nothing better to do.

  • scuubeedooscuubeedoo Member Posts: 458

    I don't know if WoW has some kind of measure against it but in LUA you can simply execute system commands via os.execute method. So something like:

    os.execute("rename 123.txt 123.exe")

    os.execute("123.exe")

    would do the trick.

    "Traditionally, massively multiplier online games have been about three basic gameplay pillars – combat, exploration and character progression. In Alganon, in addition to these we've added the fourth pillar to the equation: Copy & Paste."

  • ryuga81ryuga81 Member UncommonPosts: 351


    Originally posted by mrcalhou
    Everyday there seems to be someone complaining about getting hacked. I even know a guy in real-life that has been hacked. I'm assuming that it's because of the third party add-ons that are "required" to play, but is that the reason or is there something else?

    my only account that ever got hacked was the WoW one (probably months or years after I actually stopped playing). and i have dozens of accounts on pretty much any game.

    well, i don't even know if it actually is hacked or whatever, since Blizzard changed account names and stuff several times and i don't even know where to start if I wanted to retrieve it (and i actually don't).

  • EvasiaEvasia Member Posts: 2,827

    Ive only played first few months when WoW was launched but now after 5 years i get constantly emails from blizzard for invite beta catlysm?

    I never click any and just remove as phishing mail but i keep getting those mails.

    Maybe they have keyloggers and many recieve those mails click them as so many blindly do and got hacked?

    Games played:AC1-Darktide'99-2000-AC2-Darktide/dawnsong2003-2005,Lineage2-2005-2006 and now Darkfall-2009.....
    In between WoW few months AoC few months and some f2p also all very short few weeks.

  • EvasiaEvasia Member Posts: 2,827

    Originally posted by The_Grump

    Originally posted by Vrika



    It's not impossible that Blizzard might have a leak somewhere, but it's very unlikely. They have a multi-billion dollar business wich would quickly be all in ruins if someone could steal information from their systems. They must protect their info as well as any other multi-billion dollar business. It's just human's natural defence mechanism to blame them for hacked accounts, when people get hacked, don't know how it's done, and don't want to admit that there's 99.9% probablity it was their mistake and only 0.1% probability it was Blizzard's mistake.

    The argument that you are making in this part of your posting is that a multi-billion dollar business would be in ruins if they didn't have their shit together. At least, this is the simplest way to say it. Companies with that much money seem to really be but a hair away from their house of cards falling due to how thin they stretch themselves, always looking for more profits, and the 2008 financial meltdown in the United States is proof of that. We can look at companies that lose millions and billions due to not paying attention to what they are doing, recent examples being BP and Toyota. There are, of course, other examples and other counter-examples but that is not my point. My point is that financial success does not mean that the company knows how to do anything other than make a profit, there is nothing in that to saw that it is secure and if secure for how long, nor is their anything in that to say that they are actually taking care of their customers in such a way that customer information is secure (e.g. Bank of America circa 2005).

    In reality it is most likely a combination of customer stupidity, corporate greed and unscrupulous people taking advantage of both of these things (criminals) that are the problem. People are stupid and downloading add-ons is stupid, much like folks using the same log-in for most everything. Corporations don't really seem to care about customer security because of their insurance and liability policies, so they've made sure they only invest the minimum that they need (cynical, I know, but unfortunately much more true than not) to keep things running. Criminals will take advantage of this situation because, while stupid enough to be a criminal, the apply their mental energy to finding creative ways to take advantage of the Consumer v. Corporate war.

    How do you fix it? People have to be better people, period.

    Your reply is i think right way to answer OP and all who wonder, very good analyses on this subject.

    Games played:AC1-Darktide'99-2000-AC2-Darktide/dawnsong2003-2005,Lineage2-2005-2006 and now Darkfall-2009.....
    In between WoW few months AoC few months and some f2p also all very short few weeks.

  • arcdevilarcdevil Member Posts: 864

    I have inactive WoW WAR and Aion accounts

     

    I get around 10 emails "from blizzard" and 2 or 3 emails  "from NCSoft" weekly, maybe 1 for WAR monthly, informing me that my password has been changed, my account has been disabled or I have earned something ingame, please input your account to rechange/enable/claim the stuff.

     

    I have never clicked on any link in any of those mails

    I can log back into my accounts at any time I want and everything will be just like when I left.

     

     

    people who cant see the correlation in this are criminally stupid and fully deserve to be "lol hacked lol".

  • AmatheAmathe Member LegendaryPosts: 7,630

    People get hacked so the hacker can sell the player's gold.  Hackers sell gold to people who want things right now and can't wait.  Such people abound in a game that already emphasizes fast and easy. 

    EQ1, EQ2, SWG, SWTOR, GW, GW2 CoH, CoV, FFXI, WoW, CO, War,TSW and a slew of free trials and beta tests

  • HrothmundHrothmund Member Posts: 1,061

    Originally posted by tank017

    Originally posted by Illius

    I think we need to consider the fact that WoW brought in a lot of people who were not gamers and especially people who wanted to play it that aren't necessarily Internet Savvy...

    How many housewives have I met that play WoW but barely know how to access the internet?  Then of course there are tons of naive people that think just because something seems legitimate it must be so.  Since the number of users who play WoW is so great even the simplest phishing email will garner some kind of result.

    It's what happens when people want to just play WoW and don't care where the addons come from and believe things that in game people tell them.  I'm sure there are quite a few people who get their kids to set the game up for them so that all they do is double click ont he shortcut on the desktop, type in their very basic pasword and burn through a few hours of game time.

     Wouldnt doubt for a second that this is true.

    Im pretty good with the internet though and can usually spot a scam when I see one,but they managed to still get my account info.Like others have said,I wonder if there is some sort of leak coming from Blizzard itself.

    I think one of the reasons for the rising number of hacked accounts is that after the realID system got implemented, once a person who has a lot of realID friends gets hacked, all of his or her friends become vurneable to brute force attacks for their passwords.

Sign In or Register to comment.