Thursday, June 26, 2008

Double Hax

Got hacked again while I was at dinner. This time both my accounts got compromised.
I had to call Blizzard and speak with someone to get everything changed.

Luckily nothing was taken. Except I did notice that all my badges of justice were gone. I'm pretty sure it was from the night before though.

Now everything had been stripped from my toons by me except gear and offloaded to multiple accounts and toons of people I trust even some not in the guild. So there's nothing of value in my banks or the guild bank now. There won't be profit in hacking my account but that doesn't mean that they won't try to be malicous and destroy my acccount anyhow.

I just heard that the #6 alliance guild on our server's GM account got hacked last night as well. He wasn't lucky like me. EVERYTHING in their guild bank (and it was stacked) was stripped. His character was completely stripped and to make things even more insulting, his toon was transfered to another server. And Blizz said that since it was paid for he is going to have to wait the full 6 mo. duration waiting period to get his toon back on this server. HOLY COW.

OMG. can you believe that? I can NOT even comprehend how horrible things could have gone last night if I hadn't be online.

Also as well, the GM of cykos said that in his friend's raiding guild, 6 people got hacked yesterday.

We told all of our guild members to change their passwords as well. It is a freaking nightmare.

WTF is going on? I am so ubelievalbly paranoid now.

7 comments:

Starman said...

No more keyloggers!

http://www.wowinsider.com/2008/06/26/blizzard-authenticator-to-be-introduced-at-the-worldwide-invitat/

Dalmore said...

Oh you've got to be kidding me! One of my guildies just got hacked yesterday as well, they were nice enough to delete his char.

Blodwin said...

Also on WoW insider they have written up 2 trojans that are doing the rounds right now. I'm definitely going to be getting one of those authenticators when I'm at the WWI.

Lonewolf said...

That is terrible! You are extremely lucky that you were on-line at the time and were able to boot the intruder.

I wouldn't refer to an attack like this as hacking, but rather as a criminal act. There are many ethical hackers out there, as I'm sure you know.

Unfortunately, the incentives to compromise wow accounts are simply too great these days. I can see companies like IGE and the like hiring software developers without a conscience to write these exploits.

/bow
Wolf

rollo tomasi said...

i have found that creating a notepad and typing in account name and password on it then using ctrl-v to paste that stuff in after starting up the WoW client is fairly safe. you just need to make sure there are no keyloggers on your pc when you create the notepad (i'd recommend doing a full system wipe and then creating this notepad) thus never typing your password into the WoW client again!

Foden said...

Please for the love of all things good and right IGNORE all these people that are telling ye copy/paste a password out of text file.

Modern keyloggers know that when you press "crtl+c" that they need to scan whatever it is you copied from the clipboard and if it's a text string, to regard it as inputted text.

There is *NO* safe haven in the clipboard, regardless of what anyone else may tell you.

Further, WoW specific keyloggers don't need your account name to be inputted and ticking "remember account name" at login time provides you NO protection. All the loger has to do is scan /wtf/account/ folders to find every account name that the WoW client has used to login with on your machine.

Look yourself. The folders are the account names.

Alachia, do you have any idea where this came from? Heart of hearts best guess?

God damn I'm buying a login dongle as soon as they come out.

Blodwin said...

The authenticators were sold out in about 3 hours. The great low cost really makes it a no brainer. I'm glad I queued up early to get mine.

Design by Dzelque Blogger Templates 2008

WOWCAST BLOG