Old WoW account 'hacked'

Matmulder · 9 Sep 2010 at 21:26

Had 2 (very legit looking) emails from Blizzard today. First one telling me someone had requested a password change, second one telling me my account had been suspended.

I'm a suspicious person, so despite all the hotlinks in the email being legitimate, I went direct via the website and sure enough, account suspended for 72 hours for the use of hacking/botting tools used on my old, inactive account (that had recently had a 7-day trial code used to reactivate it).

What I don't understand is:

- How did they request a password reset when they need quite a lot of info to do so (secret question, full name)
- My WoW account password was unique to the account, and I've not logged into my account for *at least* 18 months. Passwords weren't reset, so how did they get my password? Can't be a recent key-logger, I've not typed that in since my last login! They had my details all this time?

I reset all my account passwords, I just find the whole thing bizzare. I've asked Blizzard to try and recover my account if possible, as I was looking to rejoin when Cata is released - and I don't want to come back to naked characters and 0 gold!

Anyone had similar? I feel violated

Dan7 · 9 Sep 2010 at 21:40

Although I quit over a year ago, my account got hacked a few months ago, only realised it was hacked when a friend MSNed me wondering why I came back to WoW as he saw me online on his friends list.

After getting the account back (emailed Blizzard to recover it) I got this email....

Greetings,

We are writing to inform you that we have, unfortunately, had to cancel your World of Warcraft account:

Account Name: xxxxxxxxx
Type of Violation: Confirmed use of unapproved Third Party Software Investigation Concluded: 15/06/2010 Consequences for Account: Account Cancellation

This account has been found to have employed third party software designed to automate many aspects of the World of Warcraft game play experience. Such software runs contrary to the essence of World of Warcraft and provides an advantage over other players. In addition, use of this software can lead to exploitation and destabilization of the World of Warcraft server economy. As such, this account has been closed and will not be reopened under any circumstances. Any recurring subscription plans active on the account have been disabled to prevent further charges.

Mailed them asking what on earth was going on...and got:

Greetings,

Following a review of your case, we can confirm that the evidence presented was correct, and that the subsequent action taken was appropriate. Our decision in this matter stands, and will not be overturned.

Please note, it is our policy never to reveal details regarding account investigations, beyond the information given in the original notice mail, for privacy and security reasons.

We now consider this matter closed, and would not look to enter into further communication on the matter.

Obviously my account was being used for gold farming/botting :/

Was going to return for Catalysm too which is a little annoying!

Hopefully you've caught it before it was used for any further botting, good luck getting your account back!

z3r0 · 9 Sep 2010 at 21:41

Wow.

Metatron · 9 Sep 2010 at 23:01

Weird.

And Dan7 that is hella gay.

Matmulder · 10 Sep 2010 at 00:19

Dan7, thats seems really harsh - Blizz have got back to me and said:

We have determined that your account has been compromised using a Key Logger or Trojan virus which can be used to obtain the account name and password of Battle.net or World of Warcraft accounts used on that computer, or through means such as account details scamming via malicious websites or e-mail.

We have also lifted any temporary suspensions or closures on your account, and you should now be able to access the game again.

Finally, we have escalated your issue to look for anything that may be missing from your account. A Game Master will contact you in-game within the next few days with the results of their investigation; in the meantime, please refrain from submitting tickets regarding this issue.

Which is great, except I explicitly said in my message I've not played for the past 18months, nor do I currently play, but a GM is going to contact me in game

Guess I could make use of my 'free' 7days, courtesy of some dirty hacker....

m4cc45 · 10 Sep 2010 at 06:30

IMHO the password reset system is crap. It resets your password without even emailing you a clickable link. Obviously they are pushing there authenticator but, for gods sake, why not just send a clickable link as well for that extra layer of security.

M.

'Wes · 10 Sep 2010 at 07:51

I get hacking emails constantly on my previous WoW address. The first email i got was basically saying my account had been hacked and my details had been changed, i found it odd at first because this email didn't greet me with my first name, just a plain 'Hello'. So i changed my email address to my Xbox Live address just as a precaution.

Now, i never get emails on my Xbox Live address saying my account details have been changed, or an email trying to shaft me in more ways than one to try and get me to initiate their attempts to hack my account even further, i get all that crap on my previous email address and the real Blizzard contacts me through my Xbox Live address, so the hackers fail yet again as it seems their little hacking tool sticks with your first email address.

iviv · 10 Sep 2010 at 10:12

'Wes said:
I get hacking emails constantly on my previous WoW address. The first email i got was basically saying my account had been hacked and my details had been changed, i found it odd at first because this email didn't greet me with my first name, just a plain 'Hello'. So i changed my email address to my Xbox Live address just as a precaution.

Now, i never get emails on my Xbox Live address saying my account details have been changed, or an email trying to shaft me in more ways than one to try and get me to initiate their attempts to hack my account even further, i get all that crap on my previous email address and the real Blizzard contacts me through my Xbox Live address, so the hackers fail yet again as it seems their little hacking tool sticks with your first email address.

That's not hackers, and its not using tools. Its simple spam that gets sent out to thousands of email addresses that they've collected. Most people that get the email won't even play WoW.

'Wes · 10 Sep 2010 at 11:17

iviv said:
That's not hackers, and its not using tools. Its simple spam that gets sent out to thousands of email addresses that they've collected. Most people that get the email won't even play WoW.

You sure? Because i've had various of them having fake links which require you to login [didn't click on them but it's pretty blatant they're after your details] and i recieved these emails as soon as i signed up to WoW.

Sleepery · 10 Sep 2010 at 11:21

Well they don't need your personal details to set up a fake login page. Just set up the page, and spam the bejeesus out of every email they can scrape from the web.

Just look at it as a way of removing exceptionally stupid people from the mmo genre