I bet the authenticator is on your phone.Originally Posted by Rammellaar
I bet the authenticator is on your phone.Originally Posted by Rammellaar
create a problem.present the solution you have planned ?
To play those millions of minds,to watch them slowly respond to an unseen stimulus to guide theyr aspiration without theyr knowledge-all this whether in high capacities or in humble,is a big and endless game of chess of ever extraordinary excitement
I have a suspicion this is the most accurate answer we'll get as of this moment. Nobody except the hackers themselves and maybe Blizzard know exactly what happened.Originally Posted by Stormwolf64
My account was hacked and I'm on a Mac so a keylogger is close to impossible, and I don't recall filling out any forms that were suspicious, but in my line of work I do have to fill out quite a few forms. At the same time I use different emails for that. I use a program called little snitch which alerts me of outgoing connections my computer tries to make and I can approve those or not. Never saw anything suspicious.
There are still a few other options even if I eliminate phishing from the equation. In the end I'm not sure I'll ever know how exactly happened. I guess you just have to continue to try and play as securely as you can and hope for the best.
Its very much possible, not all keyloggers come in the form of .exe files.Originally Posted by Chimpzilla
I'll be gutting myself if it so happened to be that gearscore or some file that was attached to gearscore without the developer's knowing is a keylogger. Coincidence on the timing and magnitude of account compremizes??
CPU - Intel® Core™ i7 CPU 870 @ 2.95GHz (Oct-Core) (Factory Clock)
Memory/GPU - 16GB DDR3 / Zotac Nvidia GTX 750 TI
HDD - 4.5TB HDD - 2TB 60GB/s, 1.5TB 60GB/s, 3x300GB 128MB/s
Mouse/Keyboards - Microsoft Gaming 7-Button Mouse / Microsoft Multimedia Keyboard / Logitec G13 Gaming Keypad
Monitor - 22 Inch 1920x1080 DVI / 22 Inch 1920x1080 VGA
either because people are misinformed, ignorant or just plain stupid.
take my friend for instance: he's gullable to the point where he thinks any e-mail pertaining his account must be from Blizzard because how would they know his account name. but your account name can be discovered in numerous ways.
also people who check their emails by cellphone and what not. the fomatting and text on a cellphone can be particularly deceiving, compared to your standard email.
also, people not bothering with authenticators. i don't bother with one, but then again, i've never been phished or hacked before.
also, leaving your password the same for months/years or using a common password for many things, including other WoW related sites. bottom line is, never trust a WoW related site with a common password. use different password sets and change your account password if you get suspicious disconnects.
edited: third party programs. try to use stuff that's popular and moderated, software that has open lines of communication between author and users. try not to use obscure addons, as those could be host to malicious software hidden in the documents.
A more likely case is the new armory features. There have been several cases in the past couple years of key loggers getting embedded into flash and the launch seems to correspond to the influx of "hacks." That or a leak when they converted to battle.net and the chinamen slowly reaping the benefits.Originally Posted by Isolyphic
Or, all of us that have just been "lucky blizerd player and won free trial mount"
"Remember that text is going to be how you make your first impression over the internet; if every third word you type is misspelled, people will automatically assume that you're a moron."- Cracked.com
There are no known keyloggers in the wild for a Macintosh running the current operating system. There are apparently 2 keyloggers that are like net nanny / spy on your spouse apps, but those aren't hacking wow accounts, and you'd have to install that yourself.Originally Posted by Samurai
I have three separate emails. One for personal/business use like sending cover letters, resumes, etc. I have a 'play' one where I sign up for forums, facebook, etc. And I have one for my world of warcraft account, bank account, credit card, paypal. I keep them separate. So if I get silly emails from blizzard on my play account, I banish them to the junk folder and not think twice. If I get them from my bank/wow/cc/pp account, I never click on the link- I type the URL for blizzard straight into my browser and change my password, and then log onto WoW. I've learned never, ever to click on links or open forwarding emails, no matter how entertaining my uncle thinks they are. I may add a familiar name or whatnot into my password but it's always followed up by a group of numbers that are random which I keep written on a post-it note taped to my laptop. I have an authenticator. I don't download addons from unknown sites and never anything that's in beta or outdated or from an author i don't recognize. My personal question for all of my accounts from banking to wow, are completely obscure... frankly, I don't even remember the answer for my blizzard personal question! Haha!
I think the most important thing is vigilance. You can have a computer that is a data fort knox, but it only takes one time if you leave the keys in the door. And yes, sometimes these things happen- you can't be 100% safe. You can be neurotic about your data safety like I am but I'm under no illusions that I'm completely safe, nor are my methods savvy. Hackers are smart. Much smarter than me, I will readily admit.
But in saying all that, I've never been hacked. *knock on wood*
Blizzard is the one putting out hacks to sell Authenticators ! /tinfoil hats
I totally believe it is human error. I have been playing for three years, download mass quantities of junk, have ZERO antivirus, use the same password everywhere, and only just recently (<1month) did I buy an authenticator and have never been hacked.
When I download files if it's say a movie and its a .exe....something's wrong.
I have such terrible luck I would never be a special winner...so that's out of the question.
And I bought gold before but hey...if I give em my account name or pword thats my bad and I'm dumb.
Just be weary of your info and you should be good, don't fall for dumb things.
I signed up for 3 free MMO's and im pretty sure one of these was used to gain access to my hotmail account info. From there the "hackers" guessed my secret question and changed my password..... HOWEVER they couldnt get past my authenicator, so my account was secure.
I have now changed the password on my hotmail, my secret question and my password.
A lot of "internet savvy" people do stupid things like turn Windows UAC off because "they don't need it". I'm an IT contractor and I don't know a single IT professional who thinks that's a good idea, only "internet savvy" people who aren't as aware as they think they are of the number of ways you can be compromised.Originally Posted by Merkicus
I spend at least half the time at my computer on torrent sites/other dodgy back-end type places. I DO run firefox with noscripts, a virus checker and generally aren't a dumb-ass about spam/fake e-mails. I've had the same password for about the last year, before that the same for probably the last 2 years.
I have an authenticator and yet to have the slightest bit of hassle. Now considering the "pointless POS authenticator" is basically the ONLY thing keeping my ass covered in the face of a general disregard for good practice I FAIL to see how anyone can bitch about 4/5 drinks worth of keyring attachment that will generally make your life better.
At some point i'll pick up the infection that screws with where the data is sent during login and yeah, i'll likely have problems. HOWEVER: considering even IF you theoretically had the authenticator/man-in-the-middle style trojan they still need you to NOT spot the fact you entered all the correct details 3+ times on the trot to actually get control of your account.
First keycode: into account management
Second keycode: first of 2 needed to remove authenticator
Third keycode second of 2 needed to remove authenticator
With this in mind the authenticator IS still bulletproof. Get 1 and take a few seconds care logging in with all the right details each time. If you ever get turned away twice when you KNOW you entered the right details, you're still safe.
At this point you VERY rapidly whip out some other form of internet connection (call a friend, use mobile internet, fire up a laptop/netbook) and change you're password before properly cleaning your main system or just formatting and going again.
Let's have less idiots with the "i'm safe cos i'm not stupid" and more sensible folks with the "for christs sake, have 1 less night out this month and buy the authenticator!", yes?
Originally Posted by BoubouilleOriginally Posted by xxAkirhaxx
Yes, and the highest form of stupidity is to think that you're smart and therefore safe when in reality you're neither. The software on your machine is full of bugs that can be remotely exploited without requiring you to click any link, answer any email or even open your browser.Originally Posted by Shinshiva
I play in a guild of about 25 active members. Iv been in it for bit over 2 years. From when i started to about 2 months a go i can recall 2 insidents of account theft. Last week we had 2, the week before we had 6. Total is at about 12 thefts in past month and a half.
Now, im not saying that all of our people are doing everything they can to not get hacked. Indeed, some of them have major broblems, like children who use the family computer and thus make the system vulnerable to human error. Still, it cant be that 1/3 of our players magically got "dump" after good 2 years of being "smart". 2 Of the thefts happened to accounts that had been unactive for months. One of them did not have play time on it. I got hacked and the thief(s) payed one months game time to it. Quite a few of the hacked people are what i consider to be "street smart" when it comes to computer related stuff. People who earn their pay by "fiddling" with computers and web relatede services.
Clearly something is giving away vital info of our accounts in a manner that leaves eaven the seasoned players wondering...
At current, our guild has "no authenticator, no acces to g-bank" policy. Our GM simply got fed up doing reports of stolen goods twice every week.
Ipit, Finnish speaking 25 raiding guild on Lightbringer-EU is recruiting. Check our website for more info.
How your account is being 'hacked'.
Based on personal experience, insight, and reports from a bunch of places..
- Malicious software/Malware - Rare
- Links / Social Engineering - Most Common
- Keyloggers that logs all keyinputs
- Keyloggers or malware that logs only selected application
- Bruteforcing - Rare
- "You are visitor number 999,999,999...."
- Malicious links through MSN, ICQ, IRC etc..
- Keywords; Cataclysm, Alpha, Beta, Rare Mount.
- Ingame whispers: Congratulations....Visit this adress to: ......
- Emails; reply to this email, include your password .... or you will be banned
- Fake webpages
- Are you buying gold/powerleveling? Oh snap...
- Malicious websites and insecure databases
- If they got your email, they try & fail till they got your password, both with total random generated passwords, or premade passwordlists.
- If you have been 'hacked' before, you're guaranteed to loose your account again, if you ever use your old password again.
- Buying userlist & passwordlists from other sites, theres always someone using the same info everywhere
- Many websites out there haven't done enough to secure their users information, many are sending unencrypted data back & forth between website and database. This information could be picked up by someone knowing how to exploit this.
- Other websites are not encrypting user info on purpose, and selling this info to people who might use it to try getting access to say Battle.net accounts. Even if they dont get the password you use on your Battle.net, they might get access to you email, where they then could ask for a password reset for your Battle.net account. This is what most likely happens if even the email on your Battle.net account is changed.
Even if the 'hackers' dont have access to your WoW account, they might be surveiling you email.
Then when they got your wow-account, they delete all traces of passwordchange etc, so it will take you longer time to discover (aka they get more time to empty your account).
When logging in to my gmail account this morning, I recieved this warning:
"Warning: We believe your account was recently accessed from China.", and Im most certain that its the wow account they're after..
How to protect yourself?
- Change password once every month or so.
- Never use the same password on you wow-account as on anything else.
- Use special chars, numbers etc to build your password, and have a lenght of atleast 12chars.
- Even a password like c0mpl3x1ty (easy to remember, aint it?) is better than most commonly used passwords
- DO NOT SHARE ACCOUNT WITH ANYONE, what if your dumb littlebrother clicks on that link with Cataclysm Alpha Early Access omglolz1!?
- Get yourself an Authenticator: US | EU | Android | iPhone | Blackberry | Other Phones | Windows, its safer than many of the banksolutions out there. (Also available on Zune Marketplace for Windows Mobile 7)
- The numbers generated by an authenticator is infact not as random as then seem, theyre calculated by a long and hard-to-break algorithm. It is, though, possible for 'hackers' to break this algorithm, by harvesting enough data from when you enter the numbers from you authenticator. It is therefor also important to have a up-to-date antivirus solution picking up those nasty trojans, and a firewall stopping them of sending any data at all.
What the 'hackers' do when they got your account
- Sell every BoP item, and items not worth anything on AH. (+Disenchanting)
- Put every valuable item on AH (some ship them off to another account they own)
- Do you have any farming professions? Its Botting time !
- Sell stuff farmed by botting on AH
- Sending every penny off to another account
- Create Goldspammers
As for the question about them attaching authenticator to your account.
This is to stop you from resetting the password the ordinairy way, you have to contact a GM to remove an authenticator from your account.
I think its possible to use one authenticator on several accounts aswell, so their expences in buying authenticators wont be that big.
I've started working on a webpage wich will confirm if the email you recieved from Blizzard really is from Blizzard.
This will hopefully help those who's uncertain/ just click the links in emails they recieve, it'll be a way for them to check first.
I've tried contacting Blizzard about if its possible to get information from them that will identify their emails, but so far I've only been forwarded back & forth between different tems.
Thats why I ask here, if anyone could be so kind to send me their headerinformation from emails they've recieved from Blizzard / Battle.net.
Posting headerinfo from scam emails will also help, as I get more info on how to filter both of them out.
If you indeed are so kind that you'd help me out, take a look here on how to find header info for most used email providers, and click here to submit them.
There is no information within these headers that would compromise your account (other than I know the email you use for it), and I will delete all the info as soon as I'm done working through it.
Exactly. Or they disabled their authenticators and didn't admit it- or something along those lines. Keep in mind- people may "say" one thing, but usually there is something more to it. We watch our guild closely for hacks, and EVERY one of them either had no authenticator, or they had it disabled just before the hack.
Hackers do this for a living. They just watch and wait. Then they attack when they find a weak point.
My guess is that there aren't more hacks, you've just been witness to more. Any account is a potential target for a hacker. Inactive ones, or careless players are easier targets.