Bunch of guildies Accts Hacked

[Jaed]

Hey, Over the past 48 hours a bunch of my guildies accounts have been hacked. Some stripped and toons xferred, some just used as spammers. Is anyone else seeing this problem? I did see a bunch of posts on Official Forums but wanted to check MMO! This is why I severely limit bank access, even to my Officers and require them to have Auth on accts! Please let me know if anyone else is seeing this happening. Thanks so much!

[Doez]

Were they botters? It's hard to imagine that accounts get hacked without using some shady 3rd party software, and not have the sense to get a free authenticator.

[Tziva]

Although it's possible, it's pretty unusual to be hacked with an authenticator. Or are your officers fine, just the guildies?

[Jaed]

One Officer was hacked, but all they did was make macros and spam trade to sell stuff. One Acct was hacked, stripped and all 10 of his 90's xferred to other realms. They also tried to use his credit card on the xfers, but could not guess his ccv code and after 3 tries got locked out of that part. This is what originally triggered the emails to him telling him about unusual activity. The Officer that was hacked, they didn't touch the guild bank, the Raider they took the weirdest stuff out of GB, like stam flasks instead of int or agi, primordial saronite, just strange choices. I severely limit everyone's guild bank access because of past problems. One has an auth one did not. We have several others that were probably hacked but they are on break til WoD so no telling for sure, just sudden xfers, gb activity, etc...when we know they are on break. Blizz has been amazing, restored everything within 10 minutes of speaking with my raider. Funny thing is that during raid last night they appearantly tried to hack the raider again, as it triggered an email to him that his pw reset had failed, when he was online!

[Therougetitan]

Did the guildies who got hacked close enough friends to share accounts? Yes I know you're not supposed to share accounts but lots of people still do it.

Just saying that if they shared accounts and one got hacked, then any accounts they logged on would be vulnerable too. Not to say that's bad, but that could be why it happened to target a lot of guildies.

[Xe4ro]

Hacked? Or clicked on some links in emails, using some 3rd party software , having trojans/keylogger?

Don't confuse social engineering or phishing for hacking.

[IRunSoFarAway]

If they talk regularly inside/outside of the game, I'd assume that they were probably all involved in doing the same thing, whatever that thing was that lead to them being compromised, or, it's just mere coincidence.

[Tharkkun]

There was a rogue curse client out there for a week about 6 months ago. Make sure they didn't recently download the Curse client (or any other autoupdating client) mistakenly from the wrong website. Make sure you not only require the authenticator from your officers but that it's enabled for the rank.

You can test this by kicking them and reinviting. They won't be able to be promoted to your authenticator rank for 72 hours if it's enabled. (Same thing if they just added one to their account).

The items that are stolen are very typical. High value flasks, ore and gems usually.

[FearXI]

Could also show (if you use one) guild website was hacked.
A lot of people use the same e-mail account for signing up on guild web site (and others) and badly enough the same password they use for their WoW account.

This is also why I have multiple and masked e-mail accounts and never use anything remotely close to my WoW account password.
I've never been hacked since launch.

[Paula Deen]

I can tell you that gold prices on a few bad sites haven't changed, and Owned Core isn't having a flip out, so this is an isolated incident.