Before WoW i never had phishing emails aimed at games
i wouldn't go that far
i had phishing emails for Everquest preWOW
Fair play, but WoW's popularity made it a victim of it's own success & this type of thing
escalated, along with chinese farmers etc
It isn't the game at all. That success is millions of people joining the market. The emails, farmers, hackers are all just the drug dealers of the gaming world. But as we've seen in real life, you can arrest drug dealers till the cows come home and there will always be more of them.
It's the people buying that cause the problem. The demand is always the cause of the supply. The supply is just a scapegoat for people who don't want to point the finger where it really belongs.
Originally posted by ukforze Is anyone surprised?I mean the game launched with the most basic UI ever & lacked any depth of options,so few you could count on one hand, in fact the game didn't even have a timestamp in chat!In comparison to previous mmo's at that time such as SWG with full UI customisation & anoptions menu deeper than WoWs crafting system to date. Im not surprised players welcomed mods, yet i always thought this was a bad move, i meanfirstly you have to consider security of the user via the sites the mods come from, plus themod itself, but the fact that game code can be fiddled with was alarming enough for me tostart with. Im not saying mods are the cause of this virus, but Blizzard's laziness is/was shocking forallowing mods in the first place as this is an potential security hole, but players neededmods to make up for their slack work, any MMO that requires/allows 3rd party mods etcis poor imo, but with the money Blizzard make it's a complete joke & is not surprising whenthings like this happen. i've never been hacked as im not dumb
Wut.
I can not remember winning or losing a single debate on the internet.
Originally posted by ukforze Considering they have been a high profile target for a long time maybe Blizzard should
use some of their mass fortune & work with the AV companies on protecting their
product & customers better, the fact their authenticator isn't doing the job says a lot.
The authenticator is an excellent, low cost, non intrusive solution. If players are not going to take the paranoid measures that are necessary to surf the internet these days, then no amount of effort on Blizzard's part is going to protect players though.
One thing they could do is require a cell number, and text or call players whenever they log in to make sure the player is actually trying to log in. They could even have an app that does it so the player can just hit a button that says, "Yes, it's a real "login". That might do it for a little while.
I can not remember winning or losing a single debate on the internet.
Originally posted by ukforze Considering they have been a high profile target for a long time maybe Blizzard should
use some of their mass fortune & work with the AV companies on protecting their
product & customers better, the fact their authenticator isn't doing the job says a lot.
The authenticator is an excellent, low cost, non intrusive solution. If players are not going to take the paranoid measures that are necessary to surf the internet these days, then no amount of effort on Blizzard's part is going to protect players though.
One thing they could do is require a cell number, and text or call players whenever they log in to make sure the player is actually trying to log in. They could even have an app that does it so the player can just hit a button that says, "Yes, it's a real "login". That might do it for a little while.
I agree it is down to users to be more savvy about protecting their PC & virtual property etc.
But still those same users should not have to install mods to play a game, before you say
"they don't" maybe not so much these days but mods were needed (in vanilla especially)
to make up for the lack of features come to expect from most other mmo's of the time or
even previous to WoW.
The Deathstar destroyed planets...Lucas Arts destroyed Galaxies
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Played: SWG | EVE | WOW | VG | LOTRO | WAR | FML | STO | APB | AOC | MORTAL | WOT | BP | SW:TOR
Originally posted by Zaradoom I wonder why so many people think an add on a porn side would include trojans to hack a very specific game. Maybe try to stay closer to realism and stop making up stuff that may sound "cool" or "fun" but coult not be further away from truth.
It's actually far closer to realism than you think.
Popular non-porn sites have a lot of choice when it comes to advertisement because in general, search engines will rank clean sites over porn sites in search results unless the user is clearly looking for porn.
Porn and 'warez' sites have less choice - ad space on these sites are not as valued by advertisers here because in general, typical Internet users are more likely to land on a non-porn or non-warez site due to the way search engines work.
Less reputable advertising companies realize this and make a market for themselves to porn site hosts. Generally, these companies offer relaxed restrictions and possibly a lack of accountability for submitted ads, which in turn allows for things like malicious scripts to run when you open a porn or 'warez' page.
World of Warcraft is a very popular game, so it's pretty reasonable to say that a mass-distributed keylogger designed to pull the passwords and authenticator from the client will at least bring back a few bites. It doesn't really have to do with WoW players being 'no life nerds' that browse porn sites every day, it's more just a fact that WoW is so popular that the chances of getting a hit are high.
This isn't to say that malicious ads only appear on porn/warez sites, but they are much more common there. The only way to be 100% safe is to never browse the Internet, but running Firefox with NoScript is probably as close as you'll get to safe at the moment.
Originally posted by ukforze Originally posted by lizardbonesOriginally posted by ukforze Considering they have been a high profile target for a long time maybe Blizzard should use some of their mass fortune & work with the AV companies on protecting theirproduct & customers better, the fact their authenticator isn't doing the job says a lot.
The authenticator is an excellent, low cost, non intrusive solution. If players are not going to take the paranoid measures that are necessary to surf the internet these days, then no amount of effort on Blizzard's part is going to protect players though. One thing they could do is require a cell number, and text or call players whenever they log in to make sure the player is actually trying to log in. They could even have an app that does it so the player can just hit a button that says, "Yes, it's a real "login". That might do it for a little while. I agree it is down to users to be more savvy about protecting their PC & virtual property etc.
But still those same users should not have to install mods to play a game, before you say
"they don't" maybe not so much these days but mods were needed (in vanilla especially)
to make up for the lack of features come to expect from most other mmo's of the time or
even previous to WoW.
WoW Mods and hackers targeting WoW players to sell their account credentials have nothing to do with each other.
I can not remember winning or losing a single debate on the internet.
Originally posted by ukforze Originally posted by lizardbonesWoW Mods and hackers targeting WoW players to sell their account credentials have nothing to do with each other.
Players are hacked not from anyone thing or place, most players are wise enough not to
fall for obvious phising emails, but hacking is big business & their means & motives are not
limited to the obvious, i remember some websites hosting game guides & mods infecting
the visitor mearly by entering the site & not just downloading.
A lot of pirate software these days comes modified with dormant malicious files speciifcally
to evade the initial obvious detection, the days of a old obvious pop up virus are long gone.
To belive otherwise is naive to say the least, not all guides & mod sites are there to help
Yeah, I'm going to go with you don't know what you're talking about. The trojan isn't coming from WoW mods. There are two reasons why. One is that the trojan is living in the user's temporary appdata folder. The other is that it must execute outside of WoW. Something that can run outside of WoW, is connected to the internet and which can access the user's temporary appdata folder must be the source. Let's see, what could possibly be running on a player's computer that fits the bill for all three of these requirements? Why, the web browser, of course!
What other reasons could it be for not being the mod repository website itself, or an individual mod? Because the level of effort required to hack the mod repository server is non trivial, and traceable. Inserting malicious code in an existing ad network, that can target many millions of people is not only easier, it's a known quantity. Hackers looking to make a profit will, like everyone else on the planet, take the easiest path to making that profit.
WoW's mods having nothing to do with hackers targeting WoW players.
I can not remember winning or losing a single debate on the internet.
Comments
i wouldn't go that far
i had phishing emails for Everquest preWOW
EQ2 fan sites
Fair play, but WoW's popularity made it a victim of it's own success & this type of thing
escalated, along with chinese farmers etc
The Deathstar destroyed planets...Lucas Arts destroyed Galaxies
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Played:
SWG | EVE | WOW | VG | LOTRO | WAR | FML | STO | APB | AOC | MORTAL | WOT | BP | SW:TOR
It isn't the game at all. That success is millions of people joining the market. The emails, farmers, hackers are all just the drug dealers of the gaming world. But as we've seen in real life, you can arrest drug dealers till the cows come home and there will always be more of them.
It's the people buying that cause the problem. The demand is always the cause of the supply. The supply is just a scapegoat for people who don't want to point the finger where it really belongs.
Wut.
I can not remember winning or losing a single debate on the internet.
Considering they have been a high profile target for a long time maybe Blizzard should
use some of their mass fortune & work with the AV companies on protecting their
product & customers better, the fact their authenticator isn't doing the job says a lot.
The Deathstar destroyed planets...Lucas Arts destroyed Galaxies
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Played:
SWG | EVE | WOW | VG | LOTRO | WAR | FML | STO | APB | AOC | MORTAL | WOT | BP | SW:TOR
The authenticator is an excellent, low cost, non intrusive solution. If players are not going to take the paranoid measures that are necessary to surf the internet these days, then no amount of effort on Blizzard's part is going to protect players though.
One thing they could do is require a cell number, and text or call players whenever they log in to make sure the player is actually trying to log in. They could even have an app that does it so the player can just hit a button that says, "Yes, it's a real "login". That might do it for a little while.
I can not remember winning or losing a single debate on the internet.
I agree it is down to users to be more savvy about protecting their PC & virtual property etc.
But still those same users should not have to install mods to play a game, before you say
"they don't" maybe not so much these days but mods were needed (in vanilla especially)
to make up for the lack of features come to expect from most other mmo's of the time or
even previous to WoW.
The Deathstar destroyed planets...Lucas Arts destroyed Galaxies
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Played:
SWG | EVE | WOW | VG | LOTRO | WAR | FML | STO | APB | AOC | MORTAL | WOT | BP | SW:TOR
It's actually far closer to realism than you think.
Popular non-porn sites have a lot of choice when it comes to advertisement because in general, search engines will rank clean sites over porn sites in search results unless the user is clearly looking for porn.
Porn and 'warez' sites have less choice - ad space on these sites are not as valued by advertisers here because in general, typical Internet users are more likely to land on a non-porn or non-warez site due to the way search engines work.
Less reputable advertising companies realize this and make a market for themselves to porn site hosts. Generally, these companies offer relaxed restrictions and possibly a lack of accountability for submitted ads, which in turn allows for things like malicious scripts to run when you open a porn or 'warez' page.
World of Warcraft is a very popular game, so it's pretty reasonable to say that a mass-distributed keylogger designed to pull the passwords and authenticator from the client will at least bring back a few bites. It doesn't really have to do with WoW players being 'no life nerds' that browse porn sites every day, it's more just a fact that WoW is so popular that the chances of getting a hit are high.
This isn't to say that malicious ads only appear on porn/warez sites, but they are much more common there. The only way to be 100% safe is to never browse the Internet, but running Firefox with NoScript is probably as close as you'll get to safe at the moment.
I agree it is down to users to be more savvy about protecting their PC & virtual property etc.
But still those same users should not have to install mods to play a game, before you say
"they don't" maybe not so much these days but mods were needed (in vanilla especially)
to make up for the lack of features come to expect from most other mmo's of the time or
even previous to WoW.
WoW Mods and hackers targeting WoW players to sell their account credentials have nothing to do with each other.
I can not remember winning or losing a single debate on the internet.
Players are hacked not from anyone thing or place, most players are wise enough not to
fall for obvious phising emails, but hacking is big business & their means & motives are not
limited to the obvious, i remember some websites hosting game guides & mods infecting
the visitor mearly by entering the site & not just downloading.
A lot of pirate software these days comes modified with dormant malicious files speciifcally
to evade the initial obvious detection, the days of a old obvious pop up virus are long gone.
To belive otherwise is naive to say the least, not all guides & mod sites are there to help
The Deathstar destroyed planets...Lucas Arts destroyed Galaxies
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Played:
SWG | EVE | WOW | VG | LOTRO | WAR | FML | STO | APB | AOC | MORTAL | WOT | BP | SW:TOR
Players are hacked not from anyone thing or place, most players are wise enough not to
fall for obvious phising emails, but hacking is big business & their means & motives are not
limited to the obvious, i remember some websites hosting game guides & mods infecting
the visitor mearly by entering the site & not just downloading.
A lot of pirate software these days comes modified with dormant malicious files speciifcally
to evade the initial obvious detection, the days of a old obvious pop up virus are long gone.
To belive otherwise is naive to say the least, not all guides & mod sites are there to help
Yeah, I'm going to go with you don't know what you're talking about. The trojan isn't coming from WoW mods. There are two reasons why. One is that the trojan is living in the user's temporary appdata folder. The other is that it must execute outside of WoW. Something that can run outside of WoW, is connected to the internet and which can access the user's temporary appdata folder must be the source. Let's see, what could possibly be running on a player's computer that fits the bill for all three of these requirements? Why, the web browser, of course!
What other reasons could it be for not being the mod repository website itself, or an individual mod? Because the level of effort required to hack the mod repository server is non trivial, and traceable. Inserting malicious code in an existing ad network, that can target many millions of people is not only easier, it's a known quantity. Hackers looking to make a profit will, like everyone else on the planet, take the easiest path to making that profit.
WoW's mods having nothing to do with hackers targeting WoW players.
I can not remember winning or losing a single debate on the internet.
Its not a Blizzards Security its Obama's NSA ...lol
The Authenticator is not 100% water proof. There will always be that one weak link in the security chain....the player.
"going into arguments with idiots is a lost cause, it requires you to stoop down to their level and you can't win"