1. #1

    Don't want to get hacked? Update your Java and Adobe Reader!

    I've been playing World of Warcraft since release. I've always been careful of my account. I don't visit dodgy sites.

    I however have been hacked. Yes, it was my own fault. My own dumb fault. The most scary part was the "hacker" bypassing my Mobile Authenticator. Ouch! However, instead of complaining about it, I'd like to take this opportunity to warn people not to make the same mistake as I did.

    I fell victim to a trojan-type keylogger. I contacted Blizzard immediately, and got lucky with the support tech on the other line. She was quite a genious about this. She looked into my account, did some in-depth checking and concluded that I was caught by a trojan spread to people through various means. The way I got this was by being exploited through an old version of Java and/or Adobe Reader.

    I installed a few anti-virus/malware/spyware programs and found 4 traces of Trojans on my pc. I regret to inform you that I can't remember what the name was of the trojan, but I did my research on it. It spreads through outdated java/adobe reader, and is dangerous on a severe level.

    Long story short: This would never have happened if I updated my Java and/or Adobe Reader. Hackers are known to exploit certain vulnerabitilies within these applications. I never thought it'd happen to me, but it did.

    Thanks to Blizzard's fast responsivity (is that even a word?) though, I was able to secure my account. I got rid of the trojan, and am back in action.

    Again, I'm not trying to complain. Being hacked is NEVER Blizzard's fault (except for extreme rare occassions, but you'd more likely get hit by a meteorite than to get hacked because of Blizzard).

  2. #2

  3. #3
    But I would have to install them first before I could update them...
    It is by caffeine alone I set my mind in motion. It is by the beans of Java that thoughts acquire speed, the hands acquire shakes, the shakes become a warning.

    -Kujako-

  4. #4
    When you say bypassed your mobile authenticator do you mean you have an app on your phone that generates codes and they somehow bypassed it?

  5. #5
    Quote Originally Posted by Trendy-Ideology View Post
    When you say bypassed your mobile authenticator do you mean you have an app on your phone that generates codes and they somehow bypassed it?
    What he means is that you pissed off someone enough to want to specifically target your system with a man in the middle attack after totally taking over your OS through a remote exploit via Java. Then you respond to your modified WoW client when it asks for your authenticator code twice and the person on the other end uses those two sequential codes to remove your authenticator from your account.
    It is by caffeine alone I set my mind in motion. It is by the beans of Java that thoughts acquire speed, the hands acquire shakes, the shakes become a warning.

    -Kujako-

  6. #6
    in other words if your wow account ever asks for yer authenticator code twice wait 5 mins and run a virus scan
    Have you ever stepped on a lego piece while barefoot?

    Can you recall that exquisitely piercing and utterly unforgettable pedal agony? Now imagine what would happen if you were to step on between 10 and 25 angry, well armed lego pieces which are all acting in brutal concert, and tell me how that would go for you.

    Plus they have magic and sharp objects.

  7. #7
    Bloodsail Admiral melak's Avatar
    Join Date
    Nov 2011
    Location
    Lordaeron
    Posts
    1,054
    Why did you not have any anti-spyware or anti-virus software on your computer to begin with :/? If you had such software it would flag and most likely delete those Trojans as soon as they set for on your hdd
    Quote Originally Posted by Runecapeman
    I try not to post anywhere anymore, due to fear of being infracted. Feels like there are too many mods that aren't screened well enough. "Dirty cops" if you will.

  8. #8
    I can confirm this, there's a hacker afoot. My Recruit-a-friend account has been compromised, as well as two guild accounts.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •