Behind the Curtain: My turn to get hacked
Filed under: World of Warcraft, Fantasy, Culture, Opinion, Behind the Curtain
It's official – my guildies are 'teh awesomez'. The reason? My World of Warcraft account was hacked yesterday afternoon, and I've already been inundated by offers of assistance and gold from my friends, should things go South once I log back into my account.
To clarify – I came home from work yesterday evening to find a nausea-inducing email from Blizzard informing me that my account had been suspended due to activities which made them suspect it has been compromised. They advised that they had reset my account password, and suspended the account for three hours as a precautionary measure. Unable to actually access my account in-game, I check the Armoury to see what state my characters were in, only to find that of my three level 70 characters, only one is now showing up, and he's completely naked. So it seems that not only have all my items been sold off, but at least two of my characters have been deleted. It's that last part that really annoys me.
Having warned my guild, it seems that the guild bank was left alone, which is a relief. Given that I've only got the standard level of access to the bank, there wouldn't have been too much damage the hacker could have done, but that's not to say it wouldn't have mattered.
I follow all the usual security procedures – I run Firefox with NoScript, AVG and Zonealarm Pro, I only access WoW from one machine, and I've never shared my account info. I have XP patched up, and I reformatted my PC just under a fortnight ago. Although I do use Addons, I'm careful to only download them from WoWAce or Curse, and nowhere else. I haven't even logged into WoW for a week or so, so I'm absolutely bewildered as to where the infection has sprouted from.
I ran Virus and Spyware scans last night, and both came back clean, but I'm taking no chances and I'm doing a complete reformat on my PC over the next couple of days.
Until I've got my machine back on its feet I won't be logging in to WoW, just to be on the safe side, so it's going to be a couple of days before I'm able to properly assess the scale of the damage. Once I've done that I still have to get in touch with a GM, explain the situation and try to recover my gear. Unfortunately, I'm well aware of the horror stories related by players who've found themselves at the tender mercies of Blizzard's Customer Service team.
With the help of my guild, I'm sure that I'll manage to get myself back on my feet, but even if I do manage to gear my characters back up, nothing is going to remove the feeling of worry every time I log into WoW from now on. Like Amanda Dean over on WoW Insider, and probably every other person who's been hacked in the past, I feel angry and violated, and also, oddly betrayed. I'm not entirely sure who I feel betrayed by, considering the whole thing is my own fault, but I've never been one to second-guess my own subconscious, so I'll just go with it.
So there you have it – that turned out not be the hate-filled diatribe I expected it to be. Watch this space, and I'll keep you updated on how things go, but in the meantime, why not hit the comments below and share your experiences of a similar situation, or simply flame me for whining about my own stupidity? Your choice.
_thumbnail.jpg "Aion Beta: Asmodian Ascension Quest")
Reader Comments (Page 1 of 1)
Reader said on 2:49AM 6-20-2008
Wow dude that really sucks. I'm curious as well to how your account information was acquired.
Reply
iisdev said on 3:31AM 6-20-2008
Not a huge fan of ZoneAlarm. If I may suggest an alternative - Comodo is a much better at leak prevention.
You probably don't want to hear this but an immediate reformat doesn't help determine *how* this happened (which is important if you want to avoid this from happening again). Before you destroy any evidence you should image your computer so that you can compare it later to a (fresh) baseline install.
Reply
onetrueping said on 4:56AM 6-20-2008
Comodo also has a tendency to be extremely draconian and very hard to access the settings of once it's set up. I know a man, good friend of mine, who had it installed and found that he could not access a forum because Comodo was set up to block all cookies. He found a work-around of sorts: boot the computer in safe mode, load the site that uses cookies so the cookies download, then reboot to normal. Once the cookies are in place, they aren't bothered... it's just a pain to have to jump through all those hoops.
Poozle said on 4:01AM 6-20-2008
I remember hearing about a bug in flash player that was somehow allowing people to create ways of getting your WoW user data just by getting you to run an infected flash file. Could it have been something like that? It sounds unlikely but its the only thing I can think of that could have got through your levels of security...
Reply
Fizzl said on 4:49AM 6-20-2008
You say you only use wow on the one machine, do you look at the forums only on that machine as well?
Maybe looked at the forums while at work or while at an internet cafe?
Its the same username and password and your browser is probably saving it unencrypted.
Another thing to think about is if you use web mail it might actually be your email account that is compromised. Again work or internet cafe PC's are the biggest culprits.
Hope it all gets sorted out.
Reply
crsh said on 7:39AM 6-20-2008
It happened to my WoW account in November '06, took a whole month to get full restoration (I hear Blizzard does that a lot faster now in most "legit" cases now); my two lv60s were stripped bare, gold and mats gone, I was fortunate enough they didn't lose their maxed-out professions.
During that month of waiting I still played regularly: I leveled a warlock to lv40, and I ran AV defense on my naked priest (while getting an awful lot of tells asking me wtf I was doing naked in AV).
I still don't know for sure how I caught that keylogger, probably from some addon I downloaded off Curse (or perhaps a banner). Anti-spyware shield, regular scans and only using Firefox with NoScript since then.
Reply
ScytheNoire said on 8:32AM 6-20-2008
And I'm sure there will still be those people who disagree with me that the most important thing all MMO's should have these days is a secure login that goes beyond just a password. It's so easy to do, but no one is doing it.
And Comodo is a great firewall program. If you don't know how to operate it, try reading, or perhaps switch to a Mac.
Reply
Riggler said on 9:52AM 6-20-2008
I was hacked over a year ago via a keylogger I picked up unbeknownst to me from mmorpg.com...didn't require clicking on anything just visiting the website...I petitioned a GM and though it was elevated to their investigations department...apparently it was not...I repetitioned a month later after not hearing back and was met with the ultimate response "sorry but we cannot verify your loss"...needless to say, I let my account expire and haven't given Blizzard a nickle since...
Reply
Ghen said on 11:32AM 6-20-2008
My wife got her account hacked after downloading an addon from Curse.
As a matter of fact I don't know a single person that got hacked that didn't use curse-gaming.
Reply
danarchy said on 11:36AM 6-20-2008
It may not be your fault at all actually. There is some other way for them to get account info. My roommate reactivated my dormant wow account a few months ago. She had never had a pc powerful enough to run the game and decided to try it after we built her a new one. She logged in and ran around on Thursday and Friday evening. On saturday afternoon she logged in again only to discover all my characters were gone and every character slot was filled with guys named Sgsfsfst and such. She had never typed the user name and password into any message board, and wouldnt know what a mod was. Brand new system that I had nuked and paved to get all the "bonus added" crap off it the thursday before she installed and played. At no time was she surfing the web or typing my info into any page. Multiple complaints to the gm's about this only yielded me "We are investigating your issue and will get back to you". I got the same exact reply for 3 weeks straight and the only other response I got was a email telling me how to protect myself from keyloggers. I can guarantee you there were no keyloggers on that system. I have worked in IS for 18 years and I went over it with a fine toothed comb. So it may not be you at all, there is someway to get your info other than infection.
Reply