Hacked

Nehaxak

Uttik wrote: »

I am still unsure how the feck i was hacked.

Uninstall Internet Explorer from your system for a start

Didn't you login and play on your server for a few days when your pump went bust ? Are you sure your server was 100% secure, no virus, no malware ?

Just throwing some options out there.

I was 100% sure my system was perfectly fine when I was hacked a while back, I'm still of the belief my actual email account was hacked via the server I was hosting it on and they used access to that to request a new password and get in to my account.
Reason I think that is because when I logged in and was chatting with a GM about being hacked, I got an email giving a link to reset my password from Blizzard, confirmed with the GM that it was the case also, so did indeed look like they had changed my password through the request option from Blizzard.

If that makes sense hard to explain but an easy uneventfull hack of sorts to do that doesn't require a virus on the persons computer, just access to their email held online (google, whatever).

In essence, change your email passwords and if you have hosting that your email is being served from, change those passwords too. It might not have been your computer being infected at all.

Oh and yeah, uninstall Internet Explorer.

Overheal

In fairness Blizzard goes pretty beyond the realm of normal to keep accounts secure. But shipping 11 million authenticators out is neither practical or warranted.

They've set up a new security page on the main website discussing potential warcraft vulnerabilities, including the use of gold and power leveling services. Gold services because when they look up the transaction history, the funny Gold is almost in all cases traced back to hacked player accounts.

Uttik

Nehaxak wrote: »

Uninstall Internet Explorer from your system for a start

Didn't you login and play on your server for a few days when your pump went bust ? Are you sure your server was 100% secure, no virus, no malware ?

Just throwing some options out there.

I was 100% sure my system was perfectly fine when I was hacked a while back, I'm still of the belief my actual email account was hacked via the server I was hosting it on and they used access to that to request a new password and get in to my account.
Reason I think that is because when I logged in and was chatting with a GM about being hacked, I got an email giving a link to reset my password from Blizzard, confirmed with the GM that it was the case also, so did indeed look like they had changed my password through the request option from Blizzard.

If that makes sense hard to explain but an easy uneventfull hack of sorts to do that doesn't require a virus on the persons computer, just access to their email held online (google, whatever).

In essence, change your email passwords and if you have hosting that your email is being served from, change those passwords too. It might not have been your computer being infected at all.

Oh and yeah, uninstall Internet Explorer.

after i do a format, I have my own check list

IE is the first to go.

As for my server, its updated daily, And i clean my network daily. I did two scans suits today, Using 4 programs to make sure.

And as you say it, I think it was my email account they got, As i had 4 password requests.

I use 16 digits in my passwords Upper and lower case letters and numbers. So they are not easy to get.

Its not my first time on the block

As i said i have been playing 6 year, This is the first time i got hacked. And it will be my last.

But i would love to know how they did it.

Blowfish

Overheal wrote: »

In fairness Blizzard goes pretty beyond the realm of normal to keep accounts secure. But shipping 11 million authenticators out is neither practical or warranted.

tbh though it wouldn't suprise me in the least if they are planning on including a free authenticator in the box with their next MMO. The amount it'd cost to mass produce them is probably less than the amount it costs in support etc. to restore accounts/track down gold sellers.

Uttik

Blowfish wrote: »

tbh though it wouldn't suprise me in the least if they are planning on including a free authenticator in the box with their next MMO. The amount it'd cost to mass produce them is probably less than the amount it costs in support etc. to restore accounts/track down gold sellers.

You are correct here mate,

The man power/Time they are spending, On looking in to hacked accounts and restoring items is a big drain on them.

me-skywalker

thinking about this now ive used this website offgamers.com to buy a wow sub card. as I dont have a CC and it was middle of the night when my accoutn expired I needed to get in quikc so I used this site and back end of last year.

They accept Irish Laser and send you and email with a link in it, then you click on that link and it brings you to another page with the sub code.

This is where I might have got hacked from this year when I eventually relogged!!

Overheal

It would be a cool move to include the authenticators in new box sets alright. Either new Battlechests or the Expansion kits.

][cEMAN**

There aren't 11 million current subs going. They give out free month subs to people coming back to the game. They could easily take 1 month sub €10 or so, and justify that cost against an authenticator. The authenticator costs less than a 1 month sub.

The biggest issue they'd have after that would be finding a place to store all the closed hack cases.

Nehaxak

Install a copy of Secunia PSI on your computer and do a full scan, I bet people would be surprised at the amount of insecure software they have installed with known exploits.

http://secunia.com/vulnerability_scanning/personal/

Couldn't recommend it highly enough. It's not a virus scanner, it just scans your computer for unpatched and insecure programmes.