Hacked.. again.

[Deleted]

Hey there.

This is the second time within a fortnight that my WoW account has been hacked, and I have no idea how it could possibly get hacked?

I've scanned my computer with multiple anti-virus/spyware programs, and not one of them has come up with anything..

I've changed my password several times aswell.

Any ideas of what is causing me to get hacked?

Thanks.

[Sephiracle]

Have you checked in the account settings to see if the person that hacked your account put in a secondary email address?

[Biosync]

after i got hacked like 3rd time or so i called Blizz support and asked them to do something about it. We changed all the Info i had into fake ones + secret questions etc. this was early Wrath and been safe from then
Id say u just call em and ask what can they do about it

[Deleted]

I had this a couple of times aswell.
After a while Blizzard will 'Ban' your account, and they helped me to move my battle.net to another email. Hacking has stopped ever since.
Maybe you can request a transfer aswell.

[Deleted]

Currently waiting on blizzard to get back with resetting account details with fresh e-mail address, security question, etc.

Have you checked in the account settings to see if the person that hacked your account put in a secondary email address?

Never thought about that, I'll double check once I get hold of my account again.

[Deleted]

have you made sure they've not hacked your e-mail or added a secondary e-mail as Sephiracle mentioned?
Also, Authenticator?

[Majesticii]

Probably a keylogger, that just records the new password as soon as you login again. And your scanners are inadequate to detect it.
Either don't login until you get a authenticator (but really, why wouldn't you have one already -_-) or format your windows partition, and reinstall it.

[Cantii]

e-mail hacking, you could get keyloggers in the torrents you download if you get them from public trackers. if you buy gold, you get them through the website, many ways you can get hacked. I suggest using firefox with the addon No-Script, also actually using an anti-virus and anti-malware help a lot.

Getting hacked twice means YOU'RE doing something you're not supposed to or your computer is far from protected. You're probably sitting in your router's DMZ without an anti-virus or any kind of daemon running (AV, firewall, anti-malware, etc). So these are my suggestions to you: Get yourself out of the DMZ and actually forward the proper ports, get yourself a good AV and anti-malware, turn on your router's firewall (this goes along with forwarding ports), turn on NAT filtering, change the password on your router from "admin" or something else less guessable, stop going to questionable sites, stop buying gold...

And buy yourself a damned authenticator. Getting hacked is 100% of the time the player's fault, no sympathy here.

[Deleted]

e-mail hacking, you could get keyloggers in the torrents you download if you get them from public trackers. if you buy gold, you get them through the website, many ways you can get hacked. I suggest using firefox with the addon No-Script, also actually using an anti-virus and anti-malware help a lot.

Getting hacked twice means YOU'RE doing something you're not supposed to or your computer is far from protected. You're probably sitting in your router's DMZ without an anti-virus or any kind of daemon running (AV, firewall, anti-malware, etc). So these are my suggestions to you: Get yourself out of the DMZ and actually forward the proper ports, get yourself a good AV and anti-malware, turn on your router's firewall (this goes along with forwarding ports), turn on NAT filtering, change the password on your router from "admin" or something else less guessable, stop going to questionable sites, stop buying gold...

And buy yourself a damned authenticator. Getting hacked is 100% of the time the player's fault, no sympathy here.

Sorry, but do you think I'm a complete idiot?

I DO use anti-malware/spyware, I DO use firewall (of course..), and I'm not stupid enough to go near sites such as gold-sellers, let alone desperate/sad enough..

The one thing that I don't currently have is an authenticator, as I was in the process of receiving one when I got hacked for a second time.

I was simply posting to receive more constructive feedback, like the ones earlier as of checking account details for secondary e-mails, rather than the usual OLOL GET ANTIVIRUS

[prZ]

(Mobile) Authenticator.

[Cantii]

Sorry, but do you think I'm a complete idiot?

I DO use anti-malware/spyware, I DO use firewall (of course..), and I'm not stupid enough to go near sites such as gold-sellers, let alone desperate/sad enough..

The one thing that I don't currently have is an authenticator, as I was in the process of receiving one when I got hacked for a second time.

I was simply posting to receive more constructive feedback, like the ones earlier as of checking account details for secondary e-mails, rather than the usual OLOL GET ANTIVIRUS

I did more than tell you to just get an anti-virus, I told you settings to enable on the firewall which will help prevent it from happening again, as well as the No-Script addon for Firefox to keep from automatically executing and downloading malicious scripts and software, which is the main way of delivering keyloggers outside of those hilariously bad e-mails from "bllzzard". Other browsers such as Chrome, maybe be a sandbox for every tab, they're still far from as secure as Firefox is. Still, thorough examination of account details should ALWAYS be done if you're hacked, and I still 100% whole-heartedly believe that if you get hacked, it's your own fault.

However, as prZ said, if you have an iPhone, Android phone or an iPod Touch, you can get the FREE mobile Authenticator.

[Senaelanna]

Change your e-mail passwords.

[Tyrianth]

Sorry, but do you think I'm a complete idiot?

I DO use anti-malware/spyware, I DO use firewall (of course..), and I'm not stupid enough to go near sites such as gold-sellers, let alone desperate/sad enough..

The one thing that I don't currently have is an authenticator, as I was in the process of receiving one when I got hacked for a second time.

I was simply posting to receive more constructive feedback, like the ones earlier as of checking account details for secondary e-mails, rather than the usual OLOL GET ANTIVIRUS

If you're getting comprised (hacked != compromised) it's most likely because you're doing something that you shouldn't be doing (ie clicking links in fake emails etc, etc). If you truly aren't doing any of that then check your software is all up-to-date; Antivirus/malware, flash, adobe-reader (if you have it installed, reader is a common source for viruses if it's not up-to-date and the vulnerabilities patches). That being said I'm guessing most wow-targeted viruses/keyloggers are administered through flash vulnerabilities.

[The Doctor]

Don't try to get back into your blizzard account until an authenticator has been put on it, you'll continue to be hacked until you do so.

[Purplz]

I would change my password on some sort of mobile device (ipod, iphone etc.) that way at least he cant log into your account, and after that get everything figured out with blizzard over the phone, run every anti virus/malware/adware program available and secure your computer. Dealing with this kind of stuff can be very time consuming, but its the only way.

[llDemonll]

Reformat.

Don't run antivirus, don't download more antivirus.

Just reformat.

Edit: Also, buy an authenticator now.

[Tyrianth]

Reformat.

Don't run antivirus, don't download more antivirus.

Just reformat.

Edit: Also, buy an authenticator now.

You'd make a horrible computer repair person. =\ Reformatting should be the last thing he does, especially since it's most likely a simple keylogger.

[Sephiracle]

msconfig, check startup programs, make sure the ones that are checked are ones you actually want to start up. Restart computer. Open Task Manager, note what processes and how many are running. Open WoW, see if anything other than WoW opens up. Open web browser, note the same. Probably download Hijack this, but don't delete anything, just note anything that looks out of place, search the web on those things that seem out of place. Change PW's for anything, i.e. WoW, emails, facebooks, etc. Authenticator go.

That's where I would start.

[Tyrionlol]

You don't have an authenticator...

[Zyzzyx]

At this point OP should have probably done a fresh install to be safe. If it's still happening, you're either making horrible passwords or have a really smart keylogger on your hands. There are some programs that are virtual keyboards for passwords that don't save to the clipboard, but I'm having trouble finding the one I used offhand, might be worth looking at. Unless you change some habits, time to get even more secure with it. Also, if you are ever unsure of a download or something you can use VMPlayer to make a virtual machine, test it, then see if it has any weird effects (many of those spyware type programs have some obvious side effects).