add on

[badface]

This is second time that ive been hacked in a few weeks.
And although I got my computer protected, it isnt enough.

So I got the feeling that these keyloggers are on Curse, where I get my addons from.
I dont trust this site anymore, but I still need addons for this game.
So are there any other big addon sites that you know off and trust?

[Rocktard]

www.wowinterface.com

(They have loads of compilations aswell, I love it!)

[Deleted]

http://www.wowinterface.com

You may want to get the Authenticator anyway

[bbr]

So I got the feeling that these keyloggers are on Curse, where I get my addons from.
I dont trust this site anymore, but I still need addons for this game.
So are there any other big addon sites that you know off and trust?

They are, twice in the last few weeks.
Auth key never hurts to have at least.

[david58]

They are, twice in the last few weeks.
Auth key never hurts to have at least.

Yeah, Authenticators are awesome. I've been hacked twice, first time got completely wiped, second time they only took 4950g... Yes, that was my epic mount savings. Yes, I cut myself. My fancy new Starcraft-design Authenticator has been sitting at Blizzard's HQ with the promise that someday it will freaking ship... damn "processed but not shipped"... /emo, it's been a week...

[Ess85]

AH! most likely i got my keylogger from there aswell.
Got my Authenticator tho, with the fancy StarCraft design, got mine in only two days.

[Samin]

And although I got my computer protected, it isnt enough.

Your computer is not protected. Obviously.
Doesn't matter where you download your addons, they can be corrupted from every source.

[Heretushi]

How do someone get a keylogger from an addon site? Aren't you supposed to just use .lua files? I use a third-party program to extract my zip files by right-clicking them then "extract to". That way, the file I download never get executed.

I'm just clueless on how someone would catch a keylogger from zip and lua files... :S

[Taryble]

Heretushi, some nasty places hide keylogger installs in specially made flash or java "advertisements". These are HARD to catch. They're just paying for ad space like all the others, nothing suspicious to the website company.

Personally, I use the MMOUI Minion from WoWInterface as well as the Curse Client from Curse. This lets me check for updates. The Curse Client lets me check the change log for the addons without ever visiting Curse, while the MMOUI Minion makes me go to that addons page on their site to see the change log.

Also, make sure, as Heretushi mentioned, that you're not running executables to install addons. They should all be .zip or .rar files, and should include only .toc, .lua, .xml, and .txt files. There may also be .tga or .blp files (images/textures), and .ttf files (fonts). There should be no .jar, .dll, .exe, .com, or .lnk files.

[Heretushi]

Thanks for the informative replies. I guess my system is well protected against those malicious banners.