I know it sounds like a stupid question, but I have a friend who has been hacked like twice. He did all the keylogger checks, blah blah, and he keeps calling me asking about it.

It can't be a keylogger, can it? He does banking and stuff like that - I would think his bank stuff would get hacked... not some stupid WoW account. And, how do people make money off ripping that stuff off? I would assume Blizzard would track it down and shut it down.

I Googled it, and it keeps saying "key loggers", but he has never had one found, used Malware etc. I think he keeps up-to-date on all his patches. He uses Vista and all the auto-updates should be there.

Anyhoo... just curious if anyone has a good link that says something other than keyloggers, because I am not sure I buy it. But, I'm not all that motivated to reserach it.

Actually, it happened to my wife. I had suspected it was an addon, but here's the strange part: It wasn't actually gutted until RIGHT after I'd removed an authenticator which had been present for well over a year (I removed it since we were moving, and I didn't want to have to recover the account in the event it was lost during the move). My cousin's fiancee's sister works for Blizzard (yeah, I know how that sounds, insert Dark Helmet reference <here>), and had mentioned there was an unusually high rash of them, and in many cases they were lapsed accounts (which my wife's was).

Very VERY strange. We had no idea until my wife got the ban notification a few weeks after we'd moved in. At least the hacker was courteous enough to send themselves (or a mule) a refer-a-friend invite which was traced back.

All in all very strange, especially given how I'm a freak with regards to security. I've a Cisco PIX sitting behind my business line at my house in front of my SharePoint/Exchange servers, so I'm THAT paranoid ;P

There's not much that one can do with a login to online banking. As much as they want to make folks paranoid about it. If it targeted WoW, it could be the registered email is compromised, someone got the authenticator code, a friend is shady, etc. Or a WoW-related site, toolbar, or something he uses is malicious.

It's a good idea to change your password regularly even if an authenticator is there. For the super paranoid, you can do your sensitive stuff from a Ubuntu boot CD or through VMWare.

Scanning tools are signature based and only pick up malware that is known, including keyloggers. A new piece of malware can take a long time to be identified. Most malware uses legitimate processes in illegitimate ways, so patching doesn't really affect it. Patching only affects someone's ability to install it. There are also some nasty tricks to evade scanning. One of which also makes it about 99% impossible to remove.

It's also a hugely bad idea to do any sort of authentication over unsecure (i.e. not yours and not encrypted) wireless. Especially H0arbucks.

I highly recommend LastPass as an fyi. Truly awesome fucking app.

Actually depending on the bank there's a LOT they can do with online banking information -- if you can get the routing number and account number you can drain an account within 24 hours.

Also, there are a LOT of ways to hack wow accounts -- keyloggers aren't necessarily the issue either. If you sign up for a wow forum using your battle.net email address and just happen to use your battle.net password, or your email's password on the forum, and it gets compromised in some way? (happens more than you'd think) that's easy access to your account.

I think blizzard should start giving the authenticators out for free and make them mandatory.

_________________

World of Warcraft: Kallaystra, Gweila, Steakumn, Tarathia [ Feathermoon/Horde ]

It *is* interesting how folks are getting hacked out the blue and a lot of them are like Tali and are extremely security conscious. A lot of them seem to be accounts that are closed or folks coming back to a long closed account to find someone else has been using it..etc

I get the feeling it's something/someone on the blizzard side. It happens in banks and credit companies all the time. Why would blizzard also not have a bored/disgruntled employee with access to billing/account info and willing to sell it?

That or with the sheer number of chinese hackers and goldsellers it wouldnt surprise me if they weren't actively hitting the Blizzard databases and capturing info that way.

I just get tired of the apathy on the forums where immediately the trolls swoop in and blame the player for watching/downloading porn, cheats, hacks, buying gold...etc. I know plenty of folks that do nothing but play wow on their puters and have no email associated with the wow account anywhere yet get hacked. They do not access the internet in any form other than wow on said computer, and still get hacked..etc

_________________
Larreth Wolfsong (long retired)
Lanys T'vyl, Everquest

Zinky, Lvl 60 Warlock
Thunderhorn, WoW

do you realize how protected the blizzard databases are from outside access? There's no way they're getting it that way, unless blizzard has a malware infection the size of Aurora inside their corporate network, which I doubt.

relying on password only authentication at this point in the game, where the bad guys have proven that they're smarter than most of the good guys, is silly. Blizzard needs to play this game better and just make authenticators both mandatory and free (and since there's an authenticator app out there for almost every phone in existance, this won't be hard)

_________________

World of Warcraft: Kallaystra, Gweila, Steakumn, Tarathia [ Feathermoon/Horde ]

Do they log in to battle.net (even the website to manage their account or the forums) from any other computer? Do they use the same password for every online account they have, including WoW? If so, then they've already lost.

_________________

World of Warcraft: Kallaystra, Gweila, Steakumn, Tarathia [ Feathermoon/Horde ]

They could bundle with retail boxes honestly...they've said they don't make money off them anyways (something I highly doubt even if it's a small profit).

Or people could like... fork out 6 bucks and get their own. There's no excuse to NOT have one (even if they aren't 100% fool-proof).

convincing people to pay money for security is a lost cause, that goes from the home consumer to fortune 50 companies.

_________________

World of Warcraft: Kallaystra, Gweila, Steakumn, Tarathia [ Feathermoon/Horde ]

My account got hacked one time in pretty much the same manner as described here. I was inactive for quite some time, didn't log on at all, used a dummy e-mail address that I didn't even use as my B-Net username, used a password that was unique to the account, etc.

Then, after some inactive time, I come back and boom...account is compromised.

Strange how a lot of folks are saying it happens while they're inactive.

Nah, it's a good business model for the hackers. You can see on battle.net account management the last time you logged in, and inactive accounts have a low risk of getting caught.

_________________

World of Warcraft: Kallaystra, Gweila, Steakumn, Tarathia [ Feathermoon/Horde ]

Yeah, $6 is not much to pay for security, but it seems a little ridiculous that to cancel my WoW account the first thing I have to do is spend money.

_________________

Well, the logic is this --

If your account is active, please god have an authenticator.

If you're going to cancel your account, chances are you don't care, so why bother, unless you're planning on reactivating at some point.

_________________

World of Warcraft: Kallaystra, Gweila, Steakumn, Tarathia [ Feathermoon/Horde ]

And if you have an iPhone, you REALLY have no excuse..

Or an android phone, or an ipod touch, or any of the other phones it runs on, heh.

_________________

World of Warcraft: Kallaystra, Gweila, Steakumn, Tarathia [ Feathermoon/Horde ]

Anybody that doesn't have a blue first gen authenticator is a faggot.

<- Faggot

Also Final Fight.

I was hacked once, it was when my account lapsed.

_________________
"Creating Havoc and Pie Since 2001!"
My Website: http://www.anthonyhays.com
Facebook: http://www.facebook.com/cakvala

So if I have an iPad I can use that as an authenticator? I never knew that, I'll have to check it out tomorrow.

They're climbin in yo 'puter, they're snatchin yo logins up, tryna hack'm so ya'll betta hide yo keys, hide yo pass, hide yo keys, hide yo pass, hide yo keys, hide yo pass...and hide yo email cuz they hackin errbody out here.

That's honestly what my friend thought. I know him well - he doesn't use the comptuer for anything but WoW. He swears he doesn't hit porn sites out of sheer fear. Anyway... still reading the thread, but it just seems so strange and makes me wonder if people who have access to the data dole it out.

And help me out - what makes bank accounts more secure? I never hear about bank accounts getting hacked. If this is so easy, and people are lifting WoW accounts, I would think bank accounts would be getting torn up. I toss money between my brokerage and external accounts quite a bit. Doesn't seem it would be that hard if it's so easy to lift a password.

Some banks take action against scams that use that kind of information. There can be limits placed on online transactions, and limits on where money can be transferred/wired. It's harder to siphon money out that way than it is to get money through carding.

Blizzard doesn't insure their customers virtual assets to the same degree a bank does.