No, it just needs malware for that purpose on the victim's computer (such malware would probably include code to intercept logins for most popular MMOs). The only tricky part is that removing a Battle.net authenticator requires entering two consecutive authenticator codes. The malware needs to trick victims into entering two consecutive authenticator codes (this is required for removing an authenticator). That's not too difficult, because most people will do that normally when a login fails (assuming that they mistyped the code or the password or the code expired).
Note that a simpler form of a man in the middle attack was observed in the wild. That one was limited to just taking over a gaming session, though, so the harm was limited to clearing out the victim's possessions, without the account having actually been stolen.