Behind the Curtain: My turn to get hacked

Age of Conan: We have news of the first Conan expansion! Plus, we just went to Zeltana and Conall's Valley! Go check em' out and then go roofjumping with our MMO Urban Exploration article or tour the guild cities!

Lord of the Rings Online: Turbine has teamed up with Warner to release Moria! We toured Book 14, the last patch. Plus scan our new info on the Mines of Moria expansion, our vanity pets guide, and our intro to LotRO housing!

World of Warcraft: The Lich King Beta is open! The WoW recruit-a-friend program is all-new, and we've got a WWI roundup. Check our WoW guide for Guild Wars players and an opinion on WoW vs. WAR comparisons.

Massively Features: Massively has been everywhere! We went to E3, we went to PAX, we went to Gen Con, and we went to Fan Faire! Plus make sure to go deep into our Warhammer launch coverage.

EVE Online: Do you follow the 10 Commandments of EVE? Committed one of the 7 Deadly Sins? Learn what you should do before you undock, learn about EVE's backstory, and make some money for nothing!

Warhammer Online: Waagh! Massively goes to WAR with the Elves of Warhammer! Check out our PAX 2008 coverage for dev talks, and then look into the state of the game, 'ask a Beta tester', and a Beta tester's journal!

Behind the Curtain: My turn to get hacked

by Craig Withers Jun 19th 2008 at 9:00PM

Filed under: World of Warcraft, Fantasy, Culture, Opinion, Behind the Curtain

It's official – my guildies are 'teh awesomez'. The reason? My World of Warcraft account was hacked yesterday afternoon, and I've already been inundated by offers of assistance and gold from my friends, should things go South once I log back into my account.

To clarify – I came home from work yesterday evening to find a nausea-inducing email from Blizzard informing me that my account had been suspended due to activities which made them suspect it has been compromised. They advised that they had reset my account password, and suspended the account for three hours as a precautionary measure. Unable to actually access my account in-game, I check the Armoury to see what state my characters were in, only to find that of my three level 70 characters, only one is now showing up, and he's completely naked. So it seems that not only have all my items been sold off, but at least two of my characters have been deleted. It's that last part that really annoys me.

Having warned my guild, it seems that the guild bank was left alone, which is a relief. Given that I've only got the standard level of access to the bank, there wouldn't have been too much damage the hacker could have done, but that's not to say it wouldn't have mattered.

I follow all the usual security procedures – I run Firefox with NoScript, AVG and Zonealarm Pro, I only access WoW from one machine, and I've never shared my account info. I have XP patched up, and I reformatted my PC just under a fortnight ago. Although I do use Addons, I'm careful to only download them from WoWAce or Curse, and nowhere else. I haven't even logged into WoW for a week or so, so I'm absolutely bewildered as to where the infection has sprouted from.

I ran Virus and Spyware scans last night, and both came back clean, but I'm taking no chances and I'm doing a complete reformat on my PC over the next couple of days.

Until I've got my machine back on its feet I won't be logging in to WoW, just to be on the safe side, so it's going to be a couple of days before I'm able to properly assess the scale of the damage. Once I've done that I still have to get in touch with a GM, explain the situation and try to recover my gear. Unfortunately, I'm well aware of the horror stories related by players who've found themselves at the tender mercies of Blizzard's Customer Service team.

With the help of my guild, I'm sure that I'll manage to get myself back on my feet, but even if I do manage to gear my characters back up, nothing is going to remove the feeling of worry every time I log into WoW from now on. Like Amanda Dean over on WoW Insider, and probably every other person who's been hacked in the past, I feel angry and violated, and also, oddly betrayed. I'm not entirely sure who I feel betrayed by, considering the whole thing is my own fault, but I've never been one to second-guess my own subconscious, so I'll just go with it.

So there you have it – that turned out not be the hate-filled diatribe I expected it to be. Watch this space, and I'll keep you updated on how things go, but in the meantime, why not hit the comments below and share your experiences of a similar situation, or simply flame me for whining about my own stupidity? Your choice.

Tags: behind-the-curtain, featured, hacked, hacked-account, world-of-warcraft

Related Headlines

Behind the Curtain: Gone for good? (51 days ago - 2 Comments)
Ask Massively: You are not a beautiful and unique snowflake. (2 days ago - 25 Comments)
Player Consequences: Getting back to Grouping (2 days ago - 14 Comments)
Anti-Aliased: I should market fanboi pesticide (Yesterday - 9 Comments)
Ask Massively: Second chances in MMO's (9 days ago - 24 Comments)

Reader Comments (Page 1 of 1)

6-20-2008 @ 2:49AM

Reader said...

Wow dude that really sucks. I'm curious as well to how your account information was acquired.

6-20-2008 @ 3:31AM

iisdev said...

Not a huge fan of ZoneAlarm. If I may suggest an alternative - Comodo is a much better at leak prevention.

You probably don't want to hear this but an immediate reformat doesn't help determine *how* this happened (which is important if you want to avoid this from happening again). Before you destroy any evidence you should image your computer so that you can compare it later to a (fresh) baseline install.

6-20-2008 @ 4:56AM

onetrueping said...

Comodo also has a tendency to be extremely draconian and very hard to access the settings of once it's set up. I know a man, good friend of mine, who had it installed and found that he could not access a forum because Comodo was set up to block all cookies. He found a work-around of sorts: boot the computer in safe mode, load the site that uses cookies so the cookies download, then reboot to normal. Once the cookies are in place, they aren't bothered... it's just a pain to have to jump through all those hoops.

6-20-2008 @ 4:01AM

Poozle said...

I remember hearing about a bug in flash player that was somehow allowing people to create ways of getting your WoW user data just by getting you to run an infected flash file. Could it have been something like that? It sounds unlikely but its the only thing I can think of that could have got through your levels of security...

6-20-2008 @ 4:49AM

Fizzl said...

You say you only use wow on the one machine, do you look at the forums only on that machine as well?
Maybe looked at the forums while at work or while at an internet cafe?

Its the same username and password and your browser is probably saving it unencrypted.

Another thing to think about is if you use web mail it might actually be your email account that is compromised. Again work or internet cafe PC's are the biggest culprits.

Hope it all gets sorted out.

6-20-2008 @ 7:39AM

crsh said...

It happened to my WoW account in November '06, took a whole month to get full restoration (I hear Blizzard does that a lot faster now in most "legit" cases now); my two lv60s were stripped bare, gold and mats gone, I was fortunate enough they didn't lose their maxed-out professions.

During that month of waiting I still played regularly: I leveled a warlock to lv40, and I ran AV defense on my naked priest (while getting an awful lot of tells asking me wtf I was doing naked in AV).

I still don't know for sure how I caught that keylogger, probably from some addon I downloaded off Curse (or perhaps a banner). Anti-spyware shield, regular scans and only using Firefox with NoScript since then.

6-20-2008 @ 8:32AM

ScytheNoire said...

And I'm sure there will still be those people who disagree with me that the most important thing all MMO's should have these days is a secure login that goes beyond just a password. It's so easy to do, but no one is doing it.

And Comodo is a great firewall program. If you don't know how to operate it, try reading, or perhaps switch to a Mac.

6-20-2008 @ 9:52AM

Riggler said...

I was hacked over a year ago via a keylogger I picked up unbeknownst to me from mmorpg.com...didn't require clicking on anything just visiting the website...I petitioned a GM and though it was elevated to their investigations department...apparently it was not...I repetitioned a month later after not hearing back and was met with the ultimate response "sorry but we cannot verify your loss"...needless to say, I let my account expire and haven't given Blizzard a nickle since...

6-20-2008 @ 11:32AM

Ghen said...

My wife got her account hacked after downloading an addon from Curse.

As a matter of fact I don't know a single person that got hacked that didn't use curse-gaming.

6-20-2008 @ 11:36AM

danarchy said...

It may not be your fault at all actually. There is some other way for them to get account info. My roommate reactivated my dormant wow account a few months ago. She had never had a pc powerful enough to run the game and decided to try it after we built her a new one. She logged in and ran around on Thursday and Friday evening. On saturday afternoon she logged in again only to discover all my characters were gone and every character slot was filled with guys named Sgsfsfst and such. She had never typed the user name and password into any message board, and wouldnt know what a mod was. Brand new system that I had nuked and paved to get all the "bonus added" crap off it the thursday before she installed and played. At no time was she surfing the web or typing my info into any page. Multiple complaints to the gm's about this only yielded me "We are investigating your issue and will get back to you". I got the same exact reply for 3 weeks straight and the only other response I got was a email telling me how to protect myself from keyloggers. I can guarantee you there were no keyloggers on that system. I have worked in IS for 18 years and I went over it with a fine toothed comb. So it may not be you at all, there is someway to get your info other than infection.

Add your comments

Your comments:

Remember me

E-Mail me when someone replies to this comment

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.

Massively Features

Events Calendar

Name	Date
Dragon*Con	Aug 29-Sept 1
Penny Arcade Expo	Aug 29-31
Warhammer Online Launch	Sept 18
GAMES LIST »

Hot Topics

Title	More like this
PAX 08: Hands on with Mines of Moria	PAX 08
PAX 08: Champions Online Content Lead speaks	PAX 08
PAX 08: WAR patches, Open Beta and content rumors	PAX 08
PAX 08: Interview with Champion's Online writer	PAX 08
EVE Evolved: Money for nothing	EVE
5 attention stealing MMOs	Digital Continuum
How to put Massively on your personal website or computer	New Titles
MASSIVELY FEATURES »