Extremely simple solution, when the password is submitted, lock the authenticator code to that IP address.
Extremely simple solution, when the password is submitted, lock the authenticator code to that IP address.
Retired hunter
If it can intercept a code before submitting a wrong one to blizzard then it can just submit the password from their end as well. It probably already does.Originally Posted by Nnug
Ouch. Do you think when the majority buys a Mac "hackers" will focus on Mac? Take IE for example its not just because Microsoft tends to slack at security its also because a lot of people are using it as it is the standard windows brower.Buy a Mac.
At least Blizzard is being honest. Most of the time they dont say a word about things like that and surely none of their tools can fail. "i got hacked" "well, delete WTF folder and addons"
Ofc nothing is 100% safe, that must be understand. But i didnt think anyone would bother doing so much for a WoW account. Well i dont know its real worth but i thought the prices dumped because gear is so easy to get and people are richer than ever before.
Who needs gameplay when you have ACHIEVEMENTS? Don't worry about beating levels, finding ways to kill enemies, or beating the final boss... there are none. Focus solely on your ultimate destiny... doing random tasks that have nothing to do with anything. Metagame yourself with ease! Self-satisfaction never felt so... artificial!
PANIC
Repent all ye sins! The end of days has arrived.
I'm afraid we have a slight apocalypse on our hands
Making the authenticator secure against man in the middle attacks is trivial. Blizzard hasn't released details of the attack, but it's unlikely to be a real man in the middle attack (given that the authenticator is a 3rd party product designed by people who should know what they're doing - unlike Blizzard). Instead, the attack likely relies on the attacker being able to modify the client endpoint rather than only being able to observe and modify bits on the wire. There is nothing that can be done to stop such an attack on any OS.Originally Posted by Nezoia
i getting an error i think 2 months ago , when i use the authenticator code its says that is not correct...
but anti-malware cant find anything.
I'm super new to mac's, is there something I should be looking for here? I know I won't find a .dll so does that mean I'm safe? Sorry for a newbie question
I guess my brain will never work right. At least I’m pretty.
Question, if you waited for the last say 10-15 seconds off your authenticator code then entered it before it changed wouldnt you still be perfectly safe? As by the time they get the code and use what ever bot to get into your account a new code will be needed?
Btw, it's fine for people to refer to it as a 'virus', although it doesn't have the characteristics of one, people have been using the word in this context so much that it's just become generally acceptable for any type of malware, at least outside of professional areas.
DLL's are for Windows operating systems, so you are indeed fine for this trojan.Originally Posted by Atallicus
Yes, that's fine.Originally Posted by Yoe
Bit of a contradiction there,Originally Posted by TobiasX
If the only reason people try to hack them less is because the majority of home users are on pc's (you mean windows), then macs ARE safer because they're being targeted less, however the whole popularity contest is a flawed and dumb reason that only idiots use.
No it's NOT, excusing people for being fucking dumb is not a valid reason to keep using the incorrect term, half of this shit happens because of dumb fucking people who can't put 1+1 together.Originally Posted by Ryoushii
http://en.wikipedia.org/wiki/Malware...uses_and_worms
Thankyou much!Originally Posted by Ryoushii
I guess my brain will never work right. At least I’m pretty.
Hmm, wouldn't tying MAC address of you Ethernet card to the Authenticator make it very hard on the hackers?
Another way would be to input 2nd Authenticator number just after log in (in that log-in Auth phase player still cannot interact with anything).
Changing MAC address takes like 10 seconds. And reading it when you have a trojan installed on your victim's computer is piss easy.Originally Posted by Puntar
Yeah they target all PCs, too bad that "they" are exe files and don't work on Macs.Originally Posted by TobiasX
so what do we do.
A guildie had his authenticator account lost last week.
He got his account reset on friday afternoon.
3 hrs later it was hacked again.
so they didn't say anything to him except he was the first they had ever heard of that lost account with the Authenticator.
yea right, don't want to cause a panic.
all they did was say change your password and you will be fine.
NO mention of something like this.
Just search for a file named "emcor.dll" on your computer, it is most likely located in "C:\Users\(Your user name)\AppData\Temp" but I suggest that you check everything just to be sure. If you do find the file, delete it and make sure you update your anti-virus to prevent any further problem.
and I think that the Authenticator is telling people that are stupid that its ok.
Well, as I understand Wiki article there is no chance a hacker would get your MAC address if you are behind a router.
So, even if hacker would get you Auth key from user behind a router, he would need to brute force the MAC address within the time frame of valid key.
DLLs are also for Linux and Mac, when used in applications written in Mono (C#).Originally Posted by Atallicus
And file extensions rarely means anything. The reason to use a DLL is you can hook it into the load process of WoW, or load as a global hook on say, keyboard input (think keylogger).
I probably wouldn't use a .dll for it on Mac, but it's still doable
If anyone one should do it to disguise stupid users who think they're safe since it's a "windows file".
The trojan not good marina gonna be mad the e Quests be good marina be happy
Well hacker would get your routers MAC address. So would Blizz servers. And hacker would change his MAC to your routers. Eh?Originally Posted by Puntar