Authenticator's Useless

[RedMageNeko]

My account was hacked tonight. I've had an authenticator for months and no one has access to it but me. Its on my keyring and kept either on my desk infront of me or in my pocket at all times. So it appears I wasted my money on a useless security device. GG Blizz, you useless bastards. Now I have to wait and HOPE some idiot at customer support answers my request, changes my password so I can get back on, and recover all my items and gold, which I KNOW are gone by now. I had almost 8 eighties, a massive stockpile of gold and mats for every profession divided up amongst a half dozen characters on my main server, not to mention I had spent months gearing out and enchanting a number of them to their best in slot.

If you've got an authenticator, you might as well throw the damn thing away because apparently Blizz makes useless crap now.

[Enhshamanlol]

My account was hacked tonight. I've had an authenticator for months and no one has access to it but me. Its on my keyring and kept either on my desk infront of me or in my pocket at all times. So it appears I wasted my money on a useless security device. GG Blizz, you useless bastards. Now I have to wait and HOPE some idiot at customer support answers my request, changes my password so I can get back on, and recover all my items and gold, which I KNOW are gone by now. I had almost 8 eighties, a massive stockpile of gold and mats for every profession divided up amongst a half dozen characters on my main server, not to mention I had spent months gearing out and enchanting a number of them to their best in slot.

If you've got an authenticator, you might as well throw the damn thing away because apparently Blizz makes useless crap now.

Youre in the 1% chance of people geting hacked with authenicators GG sir

[Benitora]

Ever heard of the middleman spyware?

Here is some basic info:
A trojan virus have been confirmed by Blizzard to be able to break the Authenticator protection.

What it does:
It stops the code you are sending to Blizzard from the Authenticator, and it sends another code instead, giving you a error message.
The code that it have intercepted will give the Keylogging person a few seconds to log in and change/destroy the account information that you have.

How to check if you have this trojan:
Search your computer for a file called "emcor.dll", and delete it. It's most likely put itself into the "C:\Users\(Your user name)\AppData\Temp" folder, but do a complete search just to make sure you get it.

Problem is, if you find the virus, then it probably means your account is already compromised.

Get a good Anti-virus program and make sure that you do a virus check atleast once each second day at a minimum.

However, if you already have a good Anti-Virus program and a Authenticator, then you are very likely to be safe already.
If you have a Anti-Virus program where you can modify what files to get, then I suggest you type in that Trojan name at once, so that you can avoid this ever coming onto your computer.

I borrowed that info from another Benitora I'm stalkin.

[Deleted]

You are either troll or very stupid if you can get MITM'd. http://en.wikipedia.org/wiki/Man-in-the-middle_attack

[Rogge]

1. If you get hacked, the problem is with you.

2. If you get hacked with an authenticator, the problem is still with you.

The difference between these is that option 1 has hundreds of ways to get hacked, and option two basically has one way to be hacked.

People are still much better off with authenticators, but if you don't have control over your own computer, you're never completely safe.

Now stop blaming blizzard for your shortcomings, they can't send an employee to your house to babysit you.

[Geckomayhem]

So you had your account compromised and you blame a device that increases security? Imagine how much sooner you would have had your account security breached if you didn't have an authenticator...

People should really stop pointing the finger at Blizzard and take some responsibility for not being security conscious. Let me guess: you didn't have a unique password for your account or you downloaded or installed something that allowed for keylogging (not to mention this sounds an awful lot like a mitm attack).

The problem lies with the user, not with Blizzard's authenticator system. But hey, feel free to come to the MMO-Champ forums to vent so other people can just slap their forehead at yet another account breach. :/

[Deleted]

Shit happens man. ITems will be restored though, happened to me in a more stupid way.

You can only get hacked in a window of seconds, with a certain particular trojan that Benitora kindly shared.

It's annoying, i know.

[lopus]

My account was hacked tonight. I've had an authenticator for months and no one has access to it but me. Its on my keyring and kept either on my desk infront of me or in my pocket at all times. So it appears I wasted my money on a useless security device. GG Blizz, you useless bastards. Now I have to wait and HOPE some idiot at customer support answers my request, changes my password so I can get back on, and recover all my items and gold, which I KNOW are gone by now. I had almost 8 eighties, a massive stockpile of gold and mats for every profession divided up amongst a half dozen characters on my main server, not to mention I had spent months gearing out and enchanting a number of them to their best in slot.

If you've got an authenticator, you might as well throw the damn thing away because apparently Blizz makes useless crap now.

actually it would be more useful if a smart guy in customer support answers you, an idiot one wont help much

[Apoc11]

My account was hacked tonight. I've had an authenticator for months and no one has access to it but me. Its on my keyring and kept either on my desk infront of me or in my pocket at all times. So it appears I wasted my money on a useless security device. GG Blizz, you useless bastards. Now I have to wait and HOPE some idiot at customer support answers my request, changes my password so I can get back on, and recover all my items and gold, which I KNOW are gone by now. I had almost 8 eighties, a massive stockpile of gold and mats for every profession divided up amongst a half dozen characters on my main server, not to mention I had spent months gearing out and enchanting a number of them to their best in slot.

If you've got an authenticator, you might as well throw the damn thing away because apparently Blizz makes useless crap now.

Also having them change your passwords won't fix your problem, next time you log in they will just hack you again.. Lol and you are the 1% a authenticator does not make it hack proof but just provides extra security.

[TurdFerguson]

You are either troll or very stupid if you can get MITM'd. http://en.wikipedia.org/wiki/Man-in-the-middle_attack

If you're going to be a jerk, try not to be ignorant thus making you look like a fool. In this case "the man in the middle" would just be either the communication rerouted or simply stopped within winsocks . Point being, it's not more difficult to get a trojan that does this than any other kind. Certainly there are no browser exploits out there to run code on your machine thus installing a trojan right? /eyeroll

[RedMageNeko]

Ever heard of the middleman spyware?

Here is some basic info:
A trojan virus have been confirmed by Blizzard to be able to break the Authenticator protection.

What it does:
It stops the code you are sending to Blizzard from the Authenticator, and it sends another code instead, giving you a error message.
The code that it have intercepted will give the Keylogging person a few seconds to log in and change/destroy the account information that you have.

How to check if you have this trojan:
Search your computer for a file called "emcor.dll", and delete it. It's most likely put itself into the "C:\Users\(Your user name)\AppData\Temp" folder, but do a complete search just to make sure you get it.

Problem is, if you find the virus, then it probably means your account is already compromised.

Get a good Anti-virus program and make sure that you do a virus check atleast once each second day at a minimum.

However, if you already have a good Anti-Virus program and a Authenticator, then you are very likely to be safe already.
If you have a Anti-Virus program where you can modify what files to get, then I suggest you type in that Trojan name at once, so that you can avoid this ever coming onto your computer.

I borrowed that info from another Benitora I'm stalkin.

Thank you for they information. I did a file search and did not find the file you mentioned, but I'm running two seperate virus scans now to try and track it down.

Second, allow me to appologize for my tone in my earlier post. As I imagine many can understand, I was and still am angry about having my account hacked. I have put a lot of work into my characters and I have no certainty or confidence that Blizz will restore all that was lost, which at current server economy on my server and the large variety of mats, gems, and other auction house items the hacker could take and then dump into the auction house would come to what I estimate to be 20,000 gold.

As for how the virus got in, the only things I have downloaded today is an update to Healbot and DBM via the Curse gaming client and what I am tentivly pointing the finger at, as I had downloaded an update to Healbot and then logged on a short while later for about an hour or so three hours before the hack. I would not have even noticed if I hadn't gotten up to use the bathroom just as the e-mail from Blizzard saying I had just changed my password came and I clicked it immediately thinking perhaps I had gotten a beta invite or something.

Again, I appologize for my town, but as anyone can imagine I was and still am very upset and worried about what I'll find out when blizz contacts me.

[Horrid Crow]

Buy a Mac.
5 years and still playing hack-free, without any authenticator shit or other bullshit.

[unillenium]

Buy a Mac.
5 years and still helping contribute to Steve Job's flagrant narcissism and hatred towards independent software developers .

fixed.

[Benitora]

Buy a Mac.
5 years and still playing hack-free, without any authenticator shit or other bullshit.

Or just get a actual computer. Which can play other stuff.
And free Anti-Virus/Spyware programs such as Malwarebytes and AVG. Much much cheaper.

[Nartalath]

Unfortunately there is no safe way to use the internet without fear of hacking. No matter how advanced the latest-and-greatest security measures are, there will always be someone who hacks his way through it simply because he can. And because he can break that security, he feels he is entitled to a reward- your stuff. Your credit card info, savings accounts, emails, photos, gaming info, anything he wants he will take. That's how hackers work: they take because they can.

However the more security measures you use, the less likely you are to encounter a trojan, worm, virus, keylogger, etc. etc., that can break through all of those securities. Which makes an authenticator worth the measly $6 I paid for mine.

[Kidoeng7]

Dude stop going in certain site they are not safe

[Kokiron]

Buy a Mac.
5 years and still playing hack-free, without any authenticator shit or other bullshit.

Pay $1000+ for a decent Mac just so I can play WoW with less danger of getting hacked when I could instead buy a $6 authenticator that leaves me with about a 1% chance of getting hacked?

I'll take the $6 authenticator and keep they computer I already have.

[Benitora]

Hm, let me see... You paid $6 for the authenticator, OMG UR GONNA BE POOR NOW.

Blizz never guaranteed that the authenticator will 100% prevent hacks. Any half-savvy web surfer knows that any security measure will be broken within a few days, maybe a week, of implementation. People hack because they -can-. Were you born yesterday, thinking that you can be 100% safe of the intarwebz?

But even then, I'd rather take my chances with the few hackers that know how to break the authenticator than deal with the multitudes of hackers that would have the opportunity to hack my account without one.

I am actually gettin a tiny bit tired of people callin em hackers. They are KEYLOGGERS. Far far different from an actual hacker.

[Horrid Crow]

Or just get a actual computer. Which can play other stuff.
And free Anti-Virus/Spyware programs such as Malwarebytes and AVG. Much much cheaper.

I can play any game on my Mac that you are playing on your Windows machine.
Probably even better too.

[Simca]

As for how the virus got in, the only things I have downloaded today is an update to Healbot and DBM via the Curse gaming client and what I am tentivly pointing the finger at, as I had downloaded an update to Healbot and then logged on a short while later for about an hour or so three hours before the hack. I would not have even noticed if I hadn't gotten up to use the bathroom just as the e-mail from Blizzard saying I had just changed my password came and I clicked it immediately thinking perhaps I had gotten a beta invite or something.

This isn't actually possible, btw. Addons run on lua script, which can't actually affect the system of the user, UNLESS you go into your World of Warcraft/Addons/Healbot/ folder and ran a program called Healbot.exe after somebody uploaded a malicious version.

Basically, you'd have to be stupid to get hacked via Curse Client AND somebody would have to hack the author's login information.

Don't blame your own security issues on Curse Client.