- Joined
- 15 Mar 2004
- Posts
- 3,184
- Location
- Oxford
my account has been linked to battle.net account which is blizzard fault because they took no steps in which to e-mailme to ask for confirmation.
so pls get off your horse and walk out this thread. TY
WoW Account hacked :O
- Thread starter MadMan-JaMeS
- Start date
my account has been linked to battle.net account which is blizzard fault because they took no steps in which to e-mailme to ask for confirmation.
so pls get off your horse and walk out this thread. TY
I'm not on any horse. I just don't see how you can be blaming Blizzard for what is essentially your fault. I know your situation really sucks, but this kind of thing has been happening since the beginning of WoW. If you haven't taken steps to protect yourself from it, then you can't really blame Blizzard for what has happened. Why would Blizzard email to ask you for confirmation when merging your account on their system? You have to create a Battle.net account to merge into, then you log into that account. Finally, you then enter your WoW account details to begin the merge. All confirmation is done through their site. Why should they have extra laborious steps to ensure your account isn't being merged by some hacker opportunist? They give you ample advice on how to protect your account. They can only do so much you know.
At the end of the day, what has happened is crap, and it sucks that it has happened to you, but I've posted up a few useful bits in this thread about how to look after your computer's security and ensure that your WoW account will be safe in future. It could have been a lot worse, they could have stolen your internet banking details, and if you don't improve your security in future, then that is something that may well happen.
My question to you now is, what steps have you taken to ensure something like this doesn't happen again?
- Joined
- 15 Mar 2004
- Posts
- 3,184
- Location
- Oxford
Well i've ran a virus scan, i've used ad-aware. i will be changing my password when i get my account back.
i've e-mailed them but i guess i gotta wait till monday for a response
i've e-mailed them but i guess i gotta wait till monday for a response
because the email would have been sent to the email account it was merged with...
Soldato
- Joined
- 16 May 2004
- Posts
- 7,210
- Location
- Derby
I too had these emails yesterday and I havent played WoW for over a year now let alone logging into the forums or account pages.. Ill have to email support to see what they say.
You can get gear back, i've been hacked twice and got all my gear back everytime. You do however have to pay the cost you sell the items for vendor for e.g. if your gear comes to 100g after the hackers sold to vendor, you have to pay that 100g to get it back. Small price to pay tho imo.
Just wondering - how can they link a WoW account with a Battle.net account without knowing the WoW accounts password and security questions to authorise it - presumably by sending an "ok to link account" email to the WoW email account?
From the way many people have posted in this thread it's almost as if all they need is the WoW account username/password and they're good to go. Surely at some point the WoW account should be kicking out an e-mail warning of changes to e-mail/account status.
It sounds like whoever is doing the hacking is spamming mergers on the battle.net site with random account names.
It's a sad day when you have to start buying bank style authentication devices to protect a game account from fraud, sounds like Blizzard should have forced password changes every few months on accounts with more strict password strengths.
From the way many people have posted in this thread it's almost as if all they need is the WoW account username/password and they're good to go. Surely at some point the WoW account should be kicking out an e-mail warning of changes to e-mail/account status.
It sounds like whoever is doing the hacking is spamming mergers on the battle.net site with random account names.
It's a sad day when you have to start buying bank style authentication devices to protect a game account from fraud, sounds like Blizzard should have forced password changes every few months on accounts with more strict password strengths.
Last edited:
There are, unfortunately, quite a few ways to pick up a keylogger.
As far as the bank style authenticators, yup, it is rather sad but at least Blizz have taken steps to do all they can to protect you. It really is down to the user to keep PC's safe.
Firefox+noscripts is pretty much required for playing wow. Anyone who cares to even "look at" a gold selling site "just to see" will have a trojan installed if they don't have some sort of java supression on their browser (noscripts being one of the better all rounders). The occasional goldselling advert on random fansites gets the odd trojan slipped in too. None of it is really Blizz's fault, they made a popular game and do what they can to close the ******* down. Problem is far too many dumb users, once the hackers get on those accounts they have more access to the game and hydra style - you kill one and 3 pop up in it's place.
If you play wow:
1) Get a decent (free if you have to ) antivirus
2) Get Spybot, run all the updates and built in bits it has to deny access to the worst of the dodgy sites. Turn on the teatimer too as that makes it very hard for stuff to change system registry keys.
3) Go the firefox+noscripts route
4) Get an authenticator
Of the above only option 4 costs anything. With the above you ARE pretty much bulletproof hacks wise.
Regardless if hacks happen Blizz are generally pretty on the ball these days getting your account sorted.
Played since release and had zero issue account wise.
Last edited:
That's exactly what happens, but if a hacker gets your username and password, the first thing that they will change on your account is the email address. This then allows them to have complete control over it because all authorisation emails are sent to the new address.
As above, this is all they need to get into your account and take ownership of it.
They are definitely not spamming at all. They have the username and password for all accounts that they want to merge. You can't merge an account without this information, so that means that there is a keylogger, trojan or malware on the PC that the account information was stolen from. Most of the time they capture the username and password when you log into WoW. They then use this to go through the merge process into a new Battle.net account, and finally they clear out all your stuff on your characters. There is no uncertainty involved, they do this all with the information that is required.
I agree but Blizzard implemented their Authenticator system when they realised that a lot of accounts were being targetted, and that a lot of people are lazy with their internet security. As mentioned above by Mercutio, and by me earlier, it is very simple to maintain a good security routine. I don't understand why people don't seem to bother, especially when they have so much to lose. You can get very decent security packages for absolutely nothing if you go to the right places. I'll list them again:
AVG Free Edition
Spybot S&D
Comodo Personal Firewall
Mozilla Firefox
NoScript Addon for Firefox
These are what I use at home. I scan my PC for viruses and spyware at least once a week, and my firewall is always up. I pay attention to all programs that initiate outbound connections, and monitor inbound events on a regular basis. Not everyone will understand all the terminology in Comodo, but it isn't difficult to work out when a program is dodgy or not. Google is your friend, and most spyware and trojans often have very obscure names. Keeping to a routine like this doesn't take up much time, if any at all, since most of these programs can be scheduled to run whenever your PC will be free. In addition to all of that, NoScript, although quite annoying at times, blocks off a lot of elements in webpages and so keeps you fairly safe when browsing (unless you enable all content on dodgy websites, at which point your security routine will come into its own).
Associate
- Joined
- 27 May 2007
- Posts
- 230
why do the hackers not get caught? Do they make gold if the victim gets his stuff back?
Associate
- Joined
- 22 Jul 2009
- Posts
- 356
- Location
- United Kingdom
buy a blizzard authenticator, i bought 1 just incase and never have been hacked (touch wood)
- Joined
- 15 Mar 2004
- Posts
- 3,184
- Location
- Oxford
they make gold even if you don't get it back.
they sell allyougear and mats.
They completely emptied my bank andi had two bags of gems in then, they sold all my gear, even my mining bag, but for some reason not my ores ? :S
then they either send the gold to another account or trade it to another account.
i got my account back just not my gear yet.
i had 3 bags full ores :S and 10gold left.
one of my guildies said somebody was on the account talking to them like it was me :S
they sell allyougear and mats.
They completely emptied my bank andi had two bags of gems in then, they sold all my gear, even my mining bag, but for some reason not my ores ? :S
then they either send the gold to another account or trade it to another account.
i got my account back just not my gear yet.
i had 3 bags full ores :S and 10gold left.
one of my guildies said somebody was on the account talking to them like it was me :S
meh mine got taken over today
on the 2nd of august i visited curse.com for a mod kaspersky analyzed B.exe but didnt find anything wrong then it analyzed D.bat but didnt stop it making any files
today i wake up and my account is suspended all my gear on wow armory is gone.
but because kaspersky atleast logged the files that got downloaded from the flash exploit i knew what time the keylogger was created and i found in
C:\Documents and Settings\snoop\Local Settings\temp
59240kou.dll which is a 20kb dll running in the background acording to hijackthis and it was created at the exact same time as b.exe and d.bat were on my HDD
spybot didnt find anything which acording to the forums can get rid of the keylogger b.exe installs , kaspersky full scan again didnt find it so i just assumed it had disapeared and changed my password.
which was a little naive i did have the sense to change my account to a battlenet one though since someone else in my guild got hacked earlier this month and they merged his account so hopefully that makes it easier to get my account restored and the suspension lifted.
on the 2nd of august i visited curse.com for a mod kaspersky analyzed B.exe but didnt find anything wrong then it analyzed D.bat but didnt stop it making any files
today i wake up and my account is suspended all my gear on wow armory is gone.
but because kaspersky atleast logged the files that got downloaded from the flash exploit i knew what time the keylogger was created and i found in
C:\Documents and Settings\snoop\Local Settings\temp
59240kou.dll which is a 20kb dll running in the background acording to hijackthis and it was created at the exact same time as b.exe and d.bat were on my HDD
spybot didnt find anything which acording to the forums can get rid of the keylogger b.exe installs , kaspersky full scan again didnt find it so i just assumed it had disapeared and changed my password.
which was a little naive i did have the sense to change my account to a battlenet one though since someone else in my guild got hacked earlier this month and they merged his account so hopefully that makes it easier to get my account restored and the suspension lifted.
- Joined
- 15 Mar 2004
- Posts
- 3,184
- Location
- Oxford
just dnt plan on playing for atleast 3 days cos i still ain't got my gear back yet.
they werent in the addons there was a flash exploit where someone could upload a file onto your hardrive , it was fixed in the newest version of flash but i havent been reading the wow forums recently so didnt know.
curse had it so people could use flash in the comments field so someone went around adding a flash object on the comments of a bunch of popular addons all people had to do were visit a page where the guy had a left a comment with a flash signature or whatever inserted and you would be infected unless you had the most recent version of flash installed on your computer, and lets face it who bothers to check the flash player for updates ?
Associate
- Joined
- 21 Nov 2006
- Posts
- 285
Sounds like typical method of account swiping. I've been lucky enough to not have any problems but I could imagine it being really annoying.
