The worst possible thing to happen to a MMO player is getting their account hacked. All the work that you put in to your account can be gone and the process of getting your character and items back is a painful and long process. Companies of course take steps to protect customers like Blizzard’s Authenticator for World of Warcraft but recent events show that even these aren’t fool proof.
The Authenticator for WoW has a reputation for being hack proof and because of that a lot of people own one. Basically what it does is it gives you a set of random digits that you put in with your original password. So every time you log in to your WoW account you get an extra random password that only the owner of the Authenticator can know.
From what I know there hasn’t been a case of an account that used an Authenticator getting hacked but that changed today. There is a virus going around that can hack the World of Warfcraft Authenticator. The virus intercepts the Authenticator code when you log into WoW and sends Blizzard a wrong one (which is why you can’t log in since you will get a “Wrong info” error) and then the people behind the virus have a few minutes to log into your account with the real Authenticator code. A Blizzard employee said this about the recently hacked WoW accounts that used Authenticators.
So the Authenticator is not a fail safe way to keep accounts safe but it is still a very good investment. If you want to check to see if you have the virus just search for the file “emcor.dll” on your computer. If you have it then your account most likely has already been hacked.
Tools like the Authenticator can only do so much. It is really unfortunate that people are getting hacked even with this security measure but it all comes down to the user. Safe browsing habits, a good anti-virus, common sense (against phishers) and things like an Authenticator can make your account virtually hack proof.
The code on your authenticator changes every thirty seconds, so the hacker does not have a few minutes to log on, but under half a minute. That is a pretty small window of time for a hacker to get into your account.
Not impossible, but it is a pretty resource intensive way to hack an account as it requires the hacker to be there when his system logs him in to steal your stuff. He cannot change your password or remove the authenticator from your account at that point.
Meanwhile, if you knew what was happening (which is unlikely, but it could happen) you can actually log your account out from Battle.net by toggling parental control options.
But yes, no tool is perfect.
February 28th, 2010 at 8:53 pmQuote
He’d log into your account rather than a game session, wouldn’t he?
February 28th, 2010 at 10:28 pm`
Also there’s some speculation rather than amazing new viruses which you get from even passes across a page* that it’s sometimes an inside job. Current employees or previous employees with a back door.
`
* Which is questionable, because if they were that good they could hack bank accounts easily and we aren’t seeing as many hacked bank accounts as wow accounts (granted, bank hacking is a real criminal offense with prison time attached – hacking a wow account will never result in jail, so maybe they target the safe stuff more)
Quote
If one hacks a bank account or anything of that ilk you have committed a federal crime. Hacking a WoW account means nothing.
The problem is not the hackers. I mean, sure, some people will hack just to do it. But the serious WoW hackers do it for the gold. So the real culprit here is not the hackers but the lazy players who buy the gold. No gold buyers == no hackers. It is just that simple.
March 1st, 2010 at 9:26 amQuote
Even if wow auth is “hacked” its like you said: players get hacked because they do bad things on their computers, such as downloading bots, hacks, miracles programs etc.
Hacked players deserve to get hacked and account banned!
March 1st, 2010 at 10:59 amQuote
This is not a hack.
March 1st, 2010 at 12:45 pmQuote
wow thx Bob. Care to share any more knowledge on the subject and how you came up with that brilliant response or were ya just trolling?
March 1st, 2010 at 2:15 pmQuote
I don’t know why but for some reason people that play MMOs are more subjective to getting “hacked”, virused, phished, etc.
March 1st, 2010 at 6:05 pmQuote
Well said ZaoZao. If people partake in unsafe surfing habits and are lazy with their account passwords/computer security/or let they ankle biting chav kids on their computer then they deserve to get hacked.
March 1st, 2010 at 6:47 pmDon’t come crying to me. LOL !!!
Quote
There’s actually roughly 10 minutes that each code remains valid for. Or so it was, last time I checked, which was about 3 months ago.
They function in that way, due to the margin of error needed because of the nature of the system clock inside of the authenticator itself.
FFXI uses a similar system, but last I checked, it had a 22 minute acceptance period. After that, the codes become invalid, automatically.
Of course, once a code is used, that and any previous to that, become invalid, that’s why it is generally safe.
March 1st, 2010 at 6:58 pmQuote
@Not a WoW player but a computer expert and @ZaoZao:
What a load of crap! So you say that stealing is ok?! Moron!! People like you have to get banned from the net, then the net would be a saver place! Idiots
March 1st, 2010 at 10:59 pmQuote
The authenticator hasn’t been hacked at all. If people were generating codes w/o the device in front of them then people are in trouble. This is simply a man in the middle attack where the authenticator code is stolen from an *ALREADY COMPROMISED* computer and relayed elsewhere.
March 1st, 2010 at 11:55 pmQuote
@ZaoZao and similar asshats:
.
“players get hacked because they do bad things on their computers, such as downloading bots, hacks, miracles programs etc”
.
True, but players also get hacked from a myriad of other non-cheating ways. All it takes is a single download of a single bad file. WoW is so big now, and the chance of getting in trouble for spreading these keyloggers/etc is so low, that this has started to become easy money for these thieves. They can come from anywhere, not just fake cheats and wow-hacks, its not like it hurts them to have keyloggers on computers that don’t play WoW.. As someone who was hacked years ago in classic wow, wishing that on anyone only meas YOU deserve to be hacked.
I can’t imagine how bad this must be in China where a large percentage of people don’t have their own computer, but log in at internet cafe’s.
March 2nd, 2010 at 12:41 pm.
That’s how I got hacked, logged in at a Singapore internet cafe. Looking back now, yea that was a dumb idea, but this was a LONG time ago way before even BC was out. I had a server first of getting the mace: Persuader (Which required 2 BOP regents). I got conned by the fact that ~50 other locals were there playing WoW at that moment (there was a Warcraft III tourney going on). Being in the Navy, I did not log in again for 4 months when we finally got home in Japan. Becasue of that, Blizzard would not replace any of my stuff. Instead my rogue got a full set of random greens, including a single weapon… a dagger of fiery wrath.
Quote
@Seapeabi Sorry, but hacking a wow account or hacking any computer is a crime. There are laws since 1986 that say that any unauthorized use of computer is illegal and punishable. The law makes no distinction between banks and WoW. And people like you who think the victim deserves what they get is indicative of the hacker mentality. It’s not the gold, stupid. It’s the people who think stealing by computer isn’t a real crime.
Time to start punishing the hackers by enforcing the existing laws.
March 2nd, 2010 at 12:48 pmQuote
What I would like to know is how does an authenticator end up on your account when it has been closed for three months. I have never activated an authenticator, but now it asks for one.
I can still change my password which helps. Now waiting for a reply from Blizzard who will hopefully answer intime to re-sub when Cataclysm rolls out
March 5th, 2010 at 5:32 pmQuote
Taranx, unless you play on Galakrond you are not the only one that this has happened to. I agree with Ianal, hacking a Wow account is just as much theft as going after banking information. A lot of time and effort goes into making these ‘toons’ and having some low life steal them on you is just as devastating as losing a car or other belongings to a thief. The laws should be enforced and not a slap on the wrist either.
April 5th, 2010 at 5:32 pmQuote
Well i am hacked becouse a sh*bag, he was selling Spectral swift tiger mount , he gave me code & site i entered and 1 min after someone putted a Authenticater on my account…. And Call center of blizzard is conjested
April 10th, 2010 at 2:59 pmQuote
I’m sorry you got hacked but just to remind you and everyone else that plays WoW….no one should fall for the Spectral tiger scams anymore. I know people spam trade chat all day offering this code but Blizzard made it so you can actually put the card mounts on the Auction House…..so yea…don’t get scammed.
April 16th, 2010 at 8:00 pmQuote
Recently, many accounts on WoW are getting hacked through their registration system. This has nothing to do with viruses, malware, trojans, et cetera. I’m glad I shut down the card that I tied to WoW. Do the same and get your payment information out of Blizzards system.
April 17th, 2010 at 9:15 amQuote
it can be used when you get hacked the hacker kan put it on your acc like there did to min to just been hacked so
April 18th, 2010 at 2:19 pmQuote
well for those of you who like to blame the ‘hackies’ for doing unsafe acts and think its ‘fair’ for it to happen to us your dead wrong.
I work on computers, fix them, and have always warned my brother of the sites he goes to on his computer. I am VERY safe and still, one day, with spyware doctor and avg on (updated of course) and a FRESH vista logged on and was hacked while i was at work…whats even worse that after blizz gave me everything back, a few days later i was kicked offline and checked my email…sure enough had a reset password email…so i huridly logged onto battle.net and reset everything again…i even had an authinticator on the whole time…so explain that…
If its not a disfunctioned/disgrountal blizz employee then idk what it’s…sad thing is i have had my AVG, Spyware Doctor, Adaware plus, and proccess scanner and NOTHING has popped up…i even searched everywhere for that .dll file…nothing…help?
April 30th, 2010 at 6:19 pmQuote
I got haxd yesterday… the funny thing is i dont play wow anymore.. The only reason i found out was for SC2 Beta. suddenly i required a bloody Authenticator code to log onto Battle.net (after logging just hours previous). /sigh xD
May 5th, 2010 at 9:59 amQuote
For those who recently got hacked, there’s something very fishy going on with the addon site, Curse. Also, My boyfriend helped me out with a few virus scans and it took him three hours of scanning using different programs to find the viruses.
May 5th, 2010 at 11:56 pmThe jerks not only deleted and stole all my gear but they completely DELETED a level 80 character. -_-.
I’m now in the process of bugging blizzard to restore everything that the hackers emptied, which includes and entire guild vault. /sigh
Quote
I was hacked earlier this week. I’ve always been careful and I run security software. Even after the hack my scanners didn’t find ANYTHING on my system. After four hours of scans (Avast, Comodo, Webroot, Spybot, CCleaner) I finally found the trojan responsible. Avast detected it while I ran a boot scan. I caught the bloody thief in action, two hours after the account was compromised. The damage seemed minimal. My 80 was stripped, all gold from all my toons gone, and a few stacks from a guild bank. Going on 5 days now & my account is still suspended *sigh* With all the recent talk of “hack increases” and authenticator hacks, I’m wondering if it’s even WORTH going back to playing.
May 6th, 2010 at 11:05 pmQuote
Blizzard made all that money on the Celestial Steeds, you would think they would put some into customer service. Our account got hacked twice in the matter of two days, all precautions were taken.
May 8th, 2010 at 9:09 amQuote
Qix. i cannot imagine how bad that would blow.
I’ve never had any issues with hacking period..
I know lately there have been some issues with addons from Curse.com, and also wowstead. So if your password on wowstead is the same as your WoW password, you should definitely considering changing it.
May 8th, 2010 at 12:53 pmQuote
is it possible for an authenticator be used to hack an account because i didn’t get an authenticator and the next day BAM it asks me for one and my brother says that he thinks someone got an Authenticator and used it too steal my account so now i cant get on and i use virus scans everyday to find the problem.
May 8th, 2010 at 2:07 pmQuote
This what i do every time i put password just like everyone but when I put the numbers from the authenticator I miss then for example I need to put 34114456 I start with 4456 then I click back and put 3311
or I start with 56 and I click back for 341144 you can make it they way you want it also I wait for the last 3 sec to hit enter so they don’t have time to play with numbers
Anotherthing I only use the computer to play wow I don’t even check mail or use internet browser I have a laptop for that stuff I hope this help you HF.
For Alliance!
May 15th, 2010 at 5:26 pmQuote
i had an authenticator key on my account and i got hacked, i have NEVER logged into anything besides Battle.net with that email and password. i know ALOT of people get hacked because they download Add-ons, so in reality we didnt deserve to get hacked. get your facts straight, now the ones that do log into other sites with the same info do deserve to get hacked but too much money gets put into these things for Blizzard too let people keep getting these. they really need a security system.
May 21st, 2010 at 6:22 pmQuote
I’ve used an authenticator for years, I’ve never been hacked. I visit any site I want, I install addons from Curse.
Dont’ be an idiot and install stuff, get an authenticator and you will never be hacked.
May 22nd, 2010 at 1:55 pmQuote
@mine didn’t get hacked: The whole problem here IS the authenticator code. Someone got hacked for who knows why, and the bloody no-lifer decided to put an authenticator code on there. Now, they can’t reach their own battle.net account. That’s the whole problem. The so called “safe” Authenticator code has everyone, including me, in a mess.
May 26th, 2010 at 11:45 amQuote
In Windows, there are many operating system “hooks” that are used by anti-virus, firewall, and other program applications. Malware applications, however obtained (stupidity, or zero-day system or application exploits not requiring stupidity), use these hooks too, especially keyloggers. If the malware has access to internet and it can see what tasks are running on the computer and it can see everything that gets typed or otherwise input (such as by USB) then, especially if the computer is fast and so is its internet connection, there isn’t really any way to design an authenticator that can not be thwarted if the user has to type something for the authentication.
But. If Blizzard were to record the “Machine ID” of each authenticator and keep that associated with an account and send a request for it at a randomly changing time during the login AND the authenticator replied to the WoW client that forwards that reply in encrypted format to the WoW server WITHOUT the user having to do anything (no typing!) but press a button on the authenticator then it seems to me that would make it impossible for a “man in the middle” attack happening on a compromised WoW client computer. Am I wrong? So why isn’t it being done?
May 29th, 2010 at 6:58 pmQuote
Heh the spectral tiger phishers are out, contacted blizz gave them my alt email but never received anything to chnange the email,now my accounts just floating around but the phisher can’t get it I believe
June 10th, 2010 at 4:49 amQuote
If you think your account can be hacked with an authenticator, Think again. Authenticators are proven Security Tools used by Many Governmental Agencies.
The Absolute sure fire way that your account can get hacked is if the hacker breaks into your house and steals your authenticator. (unlikely)
No other way possible & honestly i just don’t believe anyone who claims otherwise.
Sorry but i think all the stories of the Authenticator Hacked account are just total bullshit.
June 14th, 2010 at 6:08 pmQuote
@Moose and other non-believers…
June 15th, 2010 at 4:28 amOur Guild leader was just hacked over the weekend, along with 4-5 other accounts in the guild.
The GL had an authenticator on her account, and she still got hacked. Guild bank cleaned out, and all toons stripped. Explain how it happened to her please, because Blizzard can’t.
Oh that is right, everything I just typed is bullshit…open your eyes, it can and does happen.
Quote
i had no AUTHENTICATOR attached to my account.
June 19th, 2010 at 7:52 pmi was hacked gear,gold and items stolen.
and this is the wierd part, they, the hacker, attached an AUTHENTICATOR to the account.
after i got back on and after a fortnight wait to get my gear back.
3 days later i was hacked again and the AUTHENTICATOR is now active and i cant get on.
Quote
i cant get the password i never got the password and i never even had that and now today i have the dang authenticator and i cant log on to any of my stuff for wow so fix this cause i worked way to hard to lose all my stuff and account so pls just fix and i have been getting hacked before
June 19th, 2010 at 11:25 pmQuote
i am gm of my guild, and i got hacked. when i went to log in to my account it asked for an authenticator code, which i don’t even own one, so i dont know what happens from here.
June 20th, 2010 at 1:48 amQuote
I myself am a computer tech and have an authenticator. Untill last night I didn’t understand how anyone who has authenticator, internet security, and doesn’t buy gold or anything else to comprimise there account could be hacked. I have been playing for two years without a problem and have a deticated email just for my wow account. I came home and logged on to wow to find out my authenticator code wasn’t working. I tried to log on to my battle.net account and my password was invalid. I had to do the security question and send a password reset to my email and found that there was one in my inbox already. Ichangedmy password and my toon had been moved. I scanned my computer and searched for emcor.dll and found nothing.
June 22nd, 2010 at 10:16 amQuote
Yep, just got hacked, no emcor.dll file, am being asked for the authenticator code that i never had. never used addons, pw was unique to account, also reset, got middleman scammed.
It’s sad and I’m expecting the worse lol
June 30th, 2010 at 5:13 amQuote
Mark…the same thing happened to me today.
July 1st, 2010 at 3:14 amI got hacked and the thing is asking for the authenticator that i never had.
Im really fucking pissed
Quote
i got hacked andt said to put in a authenticator code that i never put on my account so now i cant play
i just wanna get rid of the code but that takes a while and i dont even know what to do to get rid of it
do any of you know the easiest way to fix this promblem i dont care if it takes a week i just wanna make sure it works
July 3rd, 2010 at 6:27 pmQuote
by the way if you could make it not a very complecated way that would be better
July 3rd, 2010 at 6:36 pmQuote
Justin, the best thing to do would be to contact Blizzard. In most all cases, their support staff can recover your account and replace stolen/missing items and gold, and also retrieve deleted or transferred characters (toons).
July 4th, 2010 at 7:44 amQuote
This authenticator thing is crap i have so many toons and all at 70+ i cant log into my account and all my ghard work is down the drain. and to beat that i dont remember getting a code
July 4th, 2010 at 11:23 amQuote
Hmm…well..I’m not sure if I happy I’m not alone or really depressed to see so many others with the same issue. Have an account that suddenly has an authenticator associated with it. Having not purchased or used an authenticator it appears I have been hacked. Have called help and told they have too high a volume to even leave a message. Got an auto reply to the online submission form for help. My advice, if you see this – is call for support right away. By the time you see this message I think you’ve already been compromised. Anything you do at that point to change the account info will only allow a screen reader to grab more info.
July 5th, 2010 at 3:56 pm“Blizzwinifre – Hello! Blizzard game system scan to your game account a violation of rules of the game’s virtual currency trading. Please vist our website http://wow.battlenet-account. info/ review your account information or we will suspend your account,”
Quote
my account also suddenly has an authenticator attached to it, sent a message to Blizz and got an auto-reply. i havent even played since may, and i DID have curse client, which i will never use again. im thinking that once i get my account back i should definitely do a complete reformat of my HDD.
July 6th, 2010 at 11:56 amQuote
Also, i dont think anything was stolen from my account since it was inactive when it was hacked lol, unless the hackers want to pay for my gametime, guess being a cheapass can pay off.
July 6th, 2010 at 11:57 amQuote
I’m in the same boat as everyone else…asking for the authenticator that i never attached. I logged into the WoW forums and looked at my own profile and i have about 20 new characters at lvl 1. I didn’t even have any time left on my account! So it looks like someone’s in my account. i keep scanning my pc for viruses and such but nothing comes up. Emailed Blizzard about 4 days ago and i haven’t heard anything. I hope this gets fixed soon.
July 6th, 2010 at 10:31 pmQuote
thanks tony do you know what the number for the support team is?
July 7th, 2010 at 1:29 pmQuote
Well I have just been hacked like all of you. What happened was I had recieved an in game mail in my mailbox that read something lik “Congrats on hitting lvl 80! Come check out the new hero class for Cataclysm at our web site xxxxxxxxxxxx and you will recieve an in game gift” Do not go to that web site. It looks exactly like the cataclysm web site even the links take you to real wow sites. If you click on the video below the goblin and wargen info links it wont work though. What I sugest is that if you get directed in game or out of game to report to a web site and you have to enter you login and PW for it, enter a false one first and if it allows you to log in then you know for sure it is false. as fare as viruses and those things i have no idea what to do. From reading all of these posts i have gathered that even the virus sacns arent picking them up. I think that maybe some of these computer experts that post on here should offer options blizzard and or the user can do to fix this problem. I feel as if someone has come into my house and stolen from me because that is pretty much what has happened. I pay for this account and I give my time to it and for someone to come and take that from me isnt right at all. If you have been hacked and you are scared of whats going on with your chars you can check them on the wow armory site. The first thing I recomend you to do is change your password asap. If they are using that authinticator (dont think i spelled that righ) to keep you from getting into your account then they also need the password. If you change one it should prevent them from gaining any more access to your account. What if one way to fix the problem would be for blizard to create their own anti hack softwear that they include in the instalation of the game that is spacific for their game and their softwear only? I dont know much about softwear and computer systems but that sounds like it could work better then using a program that is built for everything on your computer instead of a single program built to protect a spacific program.
July 8th, 2010 at 3:18 pmTell me what you think
Quote
All the comments I’ve seen have the same issue! My self also haves the same issue with the Authenticator code on my account, which I never bought or had bought one before! The first thing you need to do is contact Blizzard (US) or Blizzard (EU), it will take up to three weeks for them to fix it…
July 10th, 2010 at 4:31 pmQuote
I went to log in to play wow today and it asked me for an authenticator code and I’ve never purchased an authenticator. I went to wowheroes.com and all of my toons have been cleaned out. I refuse to start over and may again play WOW when Blizzard finds a way to outsmart these hackers.
July 10th, 2010 at 4:39 pmQuote
I’m just gonna quit playing WOW. What’s the point of starting all over and having this happen again. What am I gonna do with all my free time?
July 10th, 2010 at 9:51 pmQuote
I agree….same with my account. All of a sudden an authenticator shows up on the account. The account password or e-mail not changed, because those can be tracked to an IP address. Something wrong with the authenticators imho.
July 11th, 2010 at 2:12 pmQuote
this is the 3rd time my account has been hacked!!blizzard makes some much money, i dont understand why our wow account is so easily hacked..they need to out smart these hackers
July 14th, 2010 at 8:43 pmQuote
There is more to this than Blizzard is admitting. My account was apparently hacked — I got banned for sending spam email to people which I know I didn’t do. I run a clean machine, every patch up to date on 64-bit Vista (which is a lot tougher to infect than 32 bit if you leave all the administrator controls on). But just to be sure I hadn’t somehow slipped up in my old age, I ran multiple anti-virus product scans, spyware tools, and even root-kit detectors like GMER. I scanned everything. Multiple times. The machine is perfectly clean.
I didn’t visit any phishing sites, or use my email to log in to any other WoW site other than Blizzard’s own BattleNET forums and their WoW Armory. Still, I got hacked.
So you tell me — how did someone get my password? Methinks it’s about time they started looking at their own forum security because I am not the only person making this claim. Even the so-called “Authenticator” you can buy from them for $6.50 has now been hacked. The problem is completely out of control (customer service is so backed up you can’t even get through anymore) and they just keep blaming it on the users. And most of you keep buying their story and blaming it on user error. That’s the oldest developer trick in the book — it’s uh…user error…yeah.
Want to do some investigative journalism here at MMO Crunch? I suggest you set up 20 new accounts on crystal clean machines and keep them in a controlled environment. Log onto the Official Forums, the game and Armory daily, but don’t do anything else with those boxes. I bet you at least one of the accounts gets hacked within two weeks.
Then perhaps you will start to believe us.
July 15th, 2010 at 12:40 amQuote
Not only did I have an authenticaor put on my account and my shit all gone but the keylogger gave me a virus that ate my whole operating system….. wow hackers are becoming worse….
July 15th, 2010 at 5:50 amQuote
I started a new account on Wendnesday and I have been hacked already. I only have a lvl 14 priest on the account! I’m required to input an authenticator code which I didn’t even knew existed before this… It’s been literally 3 days and it’s been hacked!! I’m glad it happened so soon and I didn’t invest too much money/time into this account. No more WoW for me… maybe I’ll try a private server…
July 17th, 2010 at 3:03 pmQuote
I WUZ HACKED IT IZ BLIZ FAULT
Grow up you damn children… they’re on your side.
“They should be able to outsmart them”
You know what, that’s stupid. It’s been years and they can’t even stop music piracy, you think there’s a magic bullet for this? Invent it, sell it to them.
Fact of the matter is that they’re some creative fucks, and the auth was blizz’s counter to the general phishing bullshit that people fall for. I wouldn’t doubt that they’ll counter this in some way if it becomes common.
But the general whining feeling of entitlement that I’m seeing from you butt-hurt children is disgusting and you should be ashamed. yeah, you got hacked, but Blizz didn’t hack your shit and give out your password… some douchebag gold-farmer did. Direct your little pissy fit toward the problem, not the people who are trying to help.
Fucking modern culture… ‘baw, something went wrong so I should be treated special’
July 17th, 2010 at 10:02 pmQuote
I agree with dig on his comment. I also want to add that if your account has been hacked and you have the authenticator then most likely you gave out your authenticator to someone else. I’ve been playing a very long time and honestly out of all the times I’ve used my authenticator (which is on my iPhone) I have not once had a problem. For those who complain about authenticator codes newly on thier accounts I sympathize but also recommend getting an authenticator to avoid that from happening. Lastly a lot of emails have been sent to account emails about being banned for spamming and other suck nonsense. They’re fake even though they look real. The most obvious sign is bad spelling or sentences that sound unproffesional. I guarantee you go on your account and play you will notice there is no problems. They’re trying to get info from you by asking for account information. I cannot express enough times that blizzard does not need your password. I have recieved these emails as well.
July 18th, 2010 at 5:11 pmQuote
Well I just got hacked. after 5years of playing this game. I was a little shocked. All my money was taken. any items that could be sold for money sold. I changed the password on my account after it was changed.. I know my system is clean. Im a little shocked that it happen. I am and always have been maticulous in browseing websites. Not sure how or why it happened but. Oh wells I was just waiting for my prepaid account time to expire before stopping for good. However since my wow password is the same as my battle.net password its an issue since I would like to play Sc2 and other games that are tied into that account. its sad that the authenticator which i was thinking of getting to place on my battle.net to make it safe now is reported as being crackable. Some
July 18th, 2010 at 7:50 pmQuote
I returned from Lisbon and had a message regarding my account being suspended for three hours due to unauthorized activity. Needless to say, this wasn’t me so I tried to log on to see what happened. But I can’t because it wants an Authenticator code, and I never applied for one. I emailed WoW and got a response that they would get back to me but that it might take several days. This is it for me for WoW, time to try Red Dead Redemption.
July 19th, 2010 at 12:04 pmQuote
the exact same thing just happened to me Brooklyn Bar Man! I’ve never used an authenticator, also run a clean machine, and have been playing wow since it was first released without ever being hacked before. This is simply ridiculous.
July 19th, 2010 at 9:41 pmQuote
Same thing happened to me. I was asked to enter an authenticator code which I never applied to my account. THink I got hacked using a fake wow armory website. Sent an email yesterday to Blizzard, of coure I haven’t got a reply yet. If Blizzard was a Bank or a credit card company their security service would be a running gag.
Maybe I’ll be able to play again before Christmas.
July 20th, 2010 at 6:10 pmQuote
Funny how the authenticator has become hacker’s best friend.
July 20th, 2010 at 10:22 pmQuote
Anyone knows how long it takes to Blizzard to remove the hacker installed authenticator?
July 21st, 2010 at 6:41 amQuote
I keep getting emails saying i’ve done something wrong in WoW but thing is i havent been on since school was let out i dont have the file on my computer or say ive searched but my computer has a virus that causes many issues like it wont even turn on or it will crash with even the slightest movement really annoying (this is my 3rd attempt to write this using my computer)
July 21st, 2010 at 7:21 pmQuote
Oh and another thing why do these hackers want to hack us so badly if they keep it up they wont have any people to sell their farmed gold to since everyone will most likely quit
July 21st, 2010 at 7:23 pmQuote
Rikki, you don’t know what you’re talking about did you even read what people say when you said “i recomend everyone gets authenticator” why i would waste my money on getting one (i don’t have iphone) when people just reported it’s crackable. 2) No, the emails we got were not spam, it’s for real, we been banned for 3 days and our stuff was stolen.
And Dig, are you an idiot? How can you compare music piracy to hacking account? Nobody can stop you from making a copy of a music, but preventing hackers from stealing your account that should a be job done by a company that earns 165 million dollars every month (11 million users x 15 bucks a month) Next time your real bank account gets hacked, i’ll see what tune you’re going to sing next.
July 24th, 2010 at 9:04 pmQuote
this article or what it would be called is not for u who is hacked WITHOUT the authenticator… it is easly done when u do not have an authenticator… i was hacked and my dad said that i should have an authenticator and i have never been hacked since… all u got to do to not getting hacked is:get an authenticator(buhu 6$ buhu… comeon) and:only read mails that ends on @blizzard.com
July 25th, 2010 at 8:23 pmand dont download anything like wowkeygen or wowhack or anything like that it is all virus… virus, virus and again it is just pure virus.
Quote
A good idea would be download some good virus software. I deal with these problems all the time and the ones we use at my shop are, Avast, Malwarebytes and Spywaredoctor. Also Ccleaner is a good idea for keeping your computer running. These are almost all freeware except for spyware doctor which you can easily find a cracked version for. Please start using some protection people.
July 26th, 2010 at 4:51 amQuote
I got hacked and some one put a code onto my account and i dont know how to get the code so if u could tell me what to do i will be very greatfull
August 1st, 2010 at 6:08 pmQuote
Well i’ve recently been hacked luckily I got my account back but only with 2 accounts… My main and another account so i’m still grateful I have my main but they deleted all the others and then they made around 33 taurens 1 human and 1 orc to spam 3rd party services….. The reason it happened was because my friend got key logged and I played at his house and my other friend got hacked and put an authenticator on his account but I was lucky they didn’t put one on mine. $6 is totally worth it for the authenticator or download an app on the iphone/itouch GET THE AUTHENTICATOR!
August 3rd, 2010 at 11:53 amQuote
hi yeah this is the 2nd time mines been hacked and its really anoying as soon as i make another account that one has bee nhacked to and i keep having to repay the boxes so they should do something about that like a code that can only be used for that computer instead of binded to your account :S
August 5th, 2010 at 6:32 amQuote
see i got this problem solved once .. all you have to do is call blizzard .. ” u can call them for FREE using skype” waiting time is actually long .. took me about 1 hour 20 minutes
costumer support will help remove it directly when u give them the answer to your secret question and Classic wow CD key
might be something else .. but it’s just general info :)
———————–
but then i applied my OWN authenticator again logged in was doing icc 25 … all of a sudden i got Dced then i tried logging back again using my authenticator code and password .. it didn’t work :s and i dont even have the encor.dll thing .. anyone had this happening?
August 5th, 2010 at 6:09 pmQuote
The clean machine test has been tried, and failed (or succeeded depending on your viewpoint). They got hacked. It’s a problem with Blizzard’s own security. There are people who have disabled their accounts and haven’t logged in or typed their passwords for 8 or 9 months that have gotten hacked recently.
which isn’t to say run wild giving away your password and downloading viruses. you can still get hacked the old fashion way by being an idiot. but for those of you feeling like you’ve done everything right… you probably did. Sorry :/
August 5th, 2010 at 8:17 pmQuote
buy a mac. problem solved. i have been running on my osx for 2 years now, not a single virus ( and i visit some sites that would give a vista system a virus guaranteed ;)) i have been playing wow on this laptop for two years now and ive never had this problem. i have been sent e-mails from some blizzard impersonators before requesting that i “change my account information” or i have “violated the terms of use, and urgent action is required”, along with these messages would be a link for me to click, for example, a link like : http://www.usa.battle.net (pulled that out of my head) would be attatched. i did enter those sites, and my opperating system always told me ( on three occasions ) “that the website you are trying to view has been flagged as a PHISHING website, a report has been sent” and it would navigate me back to my e-mail where i would delete the messages. all im trying to say is, don’t fall for these tricks, and unless you running a mac (or a windows with government type security) don’t look at… well…. you know… those kinds of websites. trust me, i used to have a windows with norton security, it was loaded with trojans and keyloggers in a matter of months.
August 10th, 2010 at 5:13 pmQuote
I haven’t played WoW in months. I use a Mac. I’ve used only Google Chrome since it came out, with all the alerts in place for suspicious sites. I played WoW for five years without ever getting hacked. No viruses or trojans, always behind a firewall on a network protected with an absurdly secure password — I can’t even memorize it, we have to keep it written down and hidden in a locked drawer. The password on my account is very strong.
Today, I got e-mails from Blizz saying my password had been changed. I was dubious so I didn’t click anything and manually opened my browser and went to the account page myself. Yup, hacked… but how in the world?
I don’t know if it’s Blizz’s security itself that’s bad because I haven’t posted to the WoW forums in years; if it is Blizz, that means that the leak is not as clearcut as posting on the forums. I am skeptical that it is Blizz’s security, though; I’d like to hear more about the test Kim mentioned before I’m convinced. It would certainly make me feel like less of a fuck up to know it’s Blizz.
What I do wonder, however, is if some old WoW forum or website got hacked. Why? Because back when I started playing, your account name was not the same as your e-mail — it was just a word/name you made up. When I registered for WoW websites I didn’t think much of using my usual e-mail/password combo because it wouldn’t be connected to my account in any way. But after the Battle.net change, your e-mail address became your account handle, which suddenly makes the registration info I put into websites years ago a way to hack into my account. Plus, if that’s the case, it wouldn’t matter that I hadn’t played for months; the info is still lying dormant stored in those old website databases. I wouldn’t had to type it in months.
That, to me, seems more likely than Blizz not keeping their account info secure enough.
Granted, using the same e-mail/password combo for many sites is sloppy and I take responsibility for that — I’m not trying to blame anyone, but that is the weak point (at least for me) and where I would start looking to find the source of the hacking. I have a very strong password that no one could ever *guess* and that gave me a false sense of security — but if someone got access to a whole database of e-mails and passwords, it doesn’t matter how hard the passwords are to guess because they don’t *have* to guess. The passwords are just right there — maybe encrypted, not that it matters too much at that point. I’m sure some other people might be in the same boat: super-vigilant about websites and trojans, never signed up for a website with what was their WoW account info *at the time,* always made sure their password was really strong… but are a bit lax about using the same e-mail/password log-in for everything.
So, what sites could be the source of this? I don’t want to alarm anyone or point fingers, but we should share what sites we’ve registered for. Since it’s been so long since I looked at WoW stuff, the only two things I can come up with are:
Curse
Elitist Jerks
And maybe wowinterface.com; I can’t recall if I ever registered, but it seems plausible. I can say with some confidence I’ve never registered for any of the other popular off-site WoW forums or blogs.
Anyone else want to help me see if we can narrow it down? Note that you don’t necessarily have to use your e-mail to log-in to a site, you just have to give them the e-mail at some point in the registration process, and then have used the same password you used for your WoW account.
August 13th, 2010 at 3:34 pmQuote
for the authenticator…. use a soft keyboard… yes thats right a keyboard that you have to click and it scrambles the numbers every time you click… like on maple story
only reason why the hackers are getting your authenticator is because you’re typing it out.
When the window pops up for the auth. it triggers the virus or “key logger” as some would like to say it records your key strokes and sends them back to the originator of the virus and gives you the error message.
so, use the soft keyboard Microsoft gives you while running wow in windowed mode for that short amt. of time until blizz gets smart and puts their own soft keyboard in the wow program
August 13th, 2010 at 10:41 pmQuote
i have a authenticator and now it is not working and i cant log on
August 14th, 2010 at 2:58 pmQuote
can you help me
August 14th, 2010 at 3:02 pmQuote
Hacked… on a completely virus free computer…
August 16th, 2010 at 1:37 pmCan’t believe it took a hacking to realize I should finally give up on WoW.
I’m not spending money on getting a new account and all those upgrades again.
Quote
its your f**king addons u cant trust most of them out there ive been hacked twice and all i did was download the explorer addon it could not be detected by virus scans but i found it by my self in the addon
August 17th, 2010 at 9:07 pmQuote
well, my wow account was dead for about a month now and when i try to log in to add a time card, my battle net asks me for an authenticator which i did not but. my computer is completely clean too…
August 20th, 2010 at 1:19 amQuote
My character is hacked at this moment. I was suspended for 72 hours and they sent me a faq’s on blizzards website about antigold. this is the 2nd time I was hacked,, the first time was a gold seller, and the second time is probably.. a gold seller. So how did I get hacked?
1/ I have an auth – this auth NEVER leaves my house – I have no children – I do not account share. I’m not retarded enough to “give” someone my auth serial number.. or even codes.
2/ I have maybe, 5 websites I visit on a daily basis.. and if someone sends me a link.. im not going to go “OMG LINK! -click-!”
3/ I have never received a phishing email or any emails from “blizzard” telling me to visit their website, other then when I registered, and now telling me A) my password was changed and B) now im suspended.
4/ I do not have a file named emcore or emcor.dll on my machine
5/ Ran multiple scans with multiple AV’s and Spyware, nothing came back.
6/ My character was already logged in…I got kicked off, then my password was changed.
So what’s the deal?
August 20th, 2010 at 7:16 pmQuote
Yeah i just got hacked a few minutes ago too, everything coincides with what cynthia said. I was kicked off and password changed as i was levelling druid
August 21st, 2010 at 4:42 amQuote
Ya so sure enough my account was hacked today. I have played for 5 years. I get stupid emails but never even open them. I have an authenticator. I run a clean machine. How does it happen?
/still on hold with blizzard atm
August 21st, 2010 at 9:58 pm/sigh
Quote
If Blizz REALLY wanted to fix this problem without cost to the player, they could always add a VIRTUAL KEYBOARD on the login screen. Easy fix.. hook line, sinker.. DONE. A virtual keyboard with a password requirement of at least 2 caps, 2 numeric, 2 special characters and many other characters is nearly a foolproof line of defense against hackers.. I was hacked with a SQUEEKY clean machine. I ran spybot s&d, hitman pro, avg, norton, malwarebytes, stopzilla, TM security suite.. among others. No threats identified. Period. I run those every three days or EVERY single time I download ANY mod or update. No exceptions! I quit wow shortly before ICC came out. I was a hardcore raider, having Ulda on farm and many of the bosses down HM. Anyhow, I did not touch my account since that time. 3 months later, it was hacked. It took blizz 4 months to repair the issue.. the hacker did a back-charge to retrieve his/her money spent durring the hacked time. Blizz footed me the bill for 6 accounts being hacked for 7 months at $15 a peice. I ended up paying to get my accounts returned and re-secured in case I desired to come back durring cata. A couple months later, the entire process repeated it’s self and blizz is footing me another bill!
Long story short, here is an EXAMPLE of my email and pw (After the first time entered, my PW was placed on a word doccument along with the email addy.. to log in, they were copied and pasted into the login info tabs)
EXAMPLE EMAIL:
B!gS(urRyd3wd931@whatevea.com
EXAMPLE PW:
H3!!oJeLl031ILike
I think it has something to do with blizz’s security.. I haven’t logged into the account since quitting EXCEPT to re-secure it.. and I resecured it on a BRAND NEW out of the box laptop from ibuypower. Only items i installed were the antivirus and spyware protectors and registry cleaners for future use.. all were dl’ed at cnet.
August 22nd, 2010 at 1:30 pmQuote
This issue has been getting worse since the battle.net has been out and everyone having to use it for their account info. I’m not taking blame for viruses, spyware, addons, etc. This is a blizzard problem and not 100% player. They really need to get their crap together. As of next month when my game time runs out I’m quitting for good unless they start to get a handle on this situation.
August 23rd, 2010 at 5:30 pmQuote
I think the authenticator is worth every penny… my friend irl said that if you have an advanced keylogger and you have logged in 50 times with the authentiacator it would be cracked thats only if you have an advanced keylogger now i have been hacked 4 times 3 of those times were keylogged and i learned my lesson 1 of those times were just random. every time i got hacked i called blizz (1-800-592-5499) and i got my account back but im sure if u have the authenticator its a 99.9% chance that you wont get hacked and it’s a .1% chance that you will.
August 31st, 2010 at 10:08 pmQuote
my acct was hacked after 4 years. Thing is we caugt it within 2 weeks of them doing it. 23 minutes on hold with bliz, a username and password change, mail sent to in game gms authenticaor they put on removed AND Me being allowed to retrieve all my stuff…. Priceless. Blizz is there and will help. Yes it’s a pain in the butt to be on hold and have to wait but seriously..it only took like an hour before the guild crap was restored apology letters were out and my acct fully restored. See my acct had been frozen in jan 2010 and they just got it on sept 4th. I hadn’t used it in months nor had I used any sites. Thankfully a RL frend called n told me my toons were online and getting achievements and well to the hacker thx for the core hound pup and the gold you helped me make. Hope you enjoy a dead authenticator. :)
September 15th, 2010 at 10:52 amQuote
there are 2 ways you get hacked, either by malware (virus/keylogger) or by brute forcing your password.
the latter is easy to avoid with an authenticator, seeing as even the best passwords can be guessed given enough time.
the former is easy to avoid if even a little care is taken while browsing. don’t go to sites you don’t know anything about, if you are suspicious (and you should be most of the time) google it and see if its a malicious site.
and don’t go to a single site you ever see posted in-game. 99% it will be a keylogger
anyone with half a brain doesn’t get hacked. end of
even if you do get hacked it takes a week at most to get your stuff back, no big deal
September 18th, 2010 at 5:07 pmQuote
With everyone claiming a clean computer perhaps the issue is a server along the way? Perhaps your computer is clean, is your ISP?
September 23rd, 2010 at 12:21 amQuote
lets see , if u have an authenticator then the only way for u to get hacked is by a mate going on ur acc and disabling ur authenticator probs ?
September 27th, 2010 at 3:00 ambut everyone that complains about getting hacked etc. ive been hacked twice . both times i got everything back because i reported it to bliz with full evidence that its my account etc .
the only way for hackers to get ur username or email is if u bought wow gold or plvl or something like that .
easiest way to prevent it is get an authenticator . keep it with u at all times , dont let anyone else go onto ur account , DONT buy wow gold ! , play clean and follow bliz rules and u wont get hacked again .
Quote
Maybe i’m missing something. That isn’t exactly an authenticator failure, that’s a failure of WoW-players to secure their machines. In truth, a lot of people don’t bother themselves to secure their machines.
That last poster is also correct, buying gold is stupid and gives away your security. As well, this trend of everyone having each others password is baby-crap too, don’t give out your info to anyone ever, and it wont happen. Their is only ONE time I was ever hacked and that was the first week I had ever played WoW; I gave someone I trusted my info, and what I ended up with was a hacked account.
September 29th, 2010 at 11:24 pmQuote
The majority of all people who get their accounts stolen are because of key loggers. A virus scanner is no guarantee that you are protected. They can even slip through firewalls. No guarantee’s that anti-spyware will catch them either. These little buggers can be hid in very good places.
Key loggers can read anything you copy to clip board example (Ctrl + C), they can take screen shots, track your mouse clicks, access your web-cams. Some can even record sounds too. Virtual key boards can also be tracked. Just need to take a screen shot every time the mouse is clicked.
For people blaming blizzard. If wow servers were being hacked, they would want to fix that fast. Don’t you think that blizzard wants to protect their multimillion dolor investments? They probably use just as much protection as government servers.
A cool little add on for Firefox is called WOT. Get it! People have rated most web pages and will even leave comments. Avoid all the pages that have red circles next to them.
October 6th, 2010 at 10:03 amQuote
Check this one out:
October 7th, 2010 at 6:31 pmSo things in my life had got a little bumpy, and I decided to let my world of warcraft account expire. In February my account fully expired, and the game was turned off.
For 4 full months my account sat dormant without problems.
Then one day in June I received a call from a friend that still played and he was asking when I gotten back into the game?
I told him I hadn’t, and that I had no plans till the new expansion came out. I explained to him I was busy with my real life at the moment.
At that point he informed me that my character was running around the bank right in front of them.
I thought about it for a sec and got kind of happy. I knew I could just access my old account kick the hacker and regain control over my account for free.
I logged into wow got a bad password message than logged in to my account through the website and changed the password and downloaded the authenticator.
Next I logged back into WOW checked out the guild bank and my personal back and started chatting with old friends!!!!
Awesome, free games are more fun than paid for ones!
I Started thinking about the series of events that just occurred, and was relishing in the thought that I was now able to play WOW for free on some hackers dime!
But the party was short lived. The more I thought about it the more it didn’t make sense.
One of two things had to have happened for someone to get my account info and reinstate it the way they did.
Either someone had hacked my account long before that day, and never acted on it. Or someone inside Blizzard was reinstating old accounts for personal gain.
I figured the latter reason was pretty farfetched but not impossible.
The story gets stranger.
Next, Blizzard started sending me e-mails, and lots of them.
So many, that I started getting suspicious about whether they were real.
These emails where absolutely real looking.
There was no difference between them, and the ones that where a direct responses that I have received in the past from Blizzard.
Mostly these e-mails where asking me to take a quality survey, inquiries about account activity etc.
Well I never responded to them, but it didn’t take long for Blizzard to turn off my account.
I guess they figured out what the hackers had done, realized that I didn’t pay them for the time on the account, or perhaps even someone used a scroll of resurrection “Bring an old player back” offer to open the account.
Either way, the account was off again and that’s where I left it for several months.
So flash forward 3 months to now.
I recently read that the expansion will be coming out this Christmas, and I am in place in my life where I have the time to play again.
I go to log into my account again and cant.
Wrong information it says.
I contacted Blizzard and waited the traditional 45 minutes to talk to a rep.
The guy there listens to my little story and he says “no problem” will get you patched up.
“Use this temp link to reactivate your account and have a nice day”. That was painless minus the 45 minutes on hold.
Used the link, changed the password and waaaala! you have entered the wrong information.
OK maybe I did it wrong. Changed the password again, plugged in the authenticator code and still nothing.
At this point I have tried everything.
I have changed my password numerous times, contacted customer support several times, only to be told that there is nothing on their end stopping me from logging into my account.
I am at my wits end now.
I am starting to feel like maybe I am not supposed to play WOW anymore.
If anyone has any suggestions on what I could possibly try to fix this I would appreciate it.
After talking to the Blizzard representative I am pretty discouraged.
He pretty much told me that Blizzard has lost the battle in controlling the email situation.
He said the hackers can emulate anything they do and I quote “Don’t trust any E-mail period”.
He told me that the best thing I can do is just call them to deal with the problem.
Now I think I understand why they call it WOW!
Quote
Have you guys not realized Blizzard does it for the money.
i bet you the hackers are them.
October 14th, 2010 at 4:12 pmforcing you to buy that stupid little authenticator.
quick 5$ profit to their name, at 12million users that a shit load of cash :)
Quote
what they need to do is remove the desire to hack instead of focusing on making the actual process harder.
Disallowing prepaid visas would be a good start, this would keep hackers from easily being able to transfer your toons from server to server to pawn off your things while you sleep and be untraceable. Because this is what they are doing when they get into your account. Make this impossible and a lot of it will stop. The amount of people being hacked SKY rocketed when those type of prepaid gift cards were introduced to store shelves, dont bleave me? do the research it is proven, and not just for wow for lots of online games with similar capabilities.
The Most determined could still use stolen creditcards but then the FBI gets invloved and they face serious jailtime above and beyond what they are contending with using the prepaid card method.
It would immediatly reduce the number of hacked accounts, because the risk wouldnt be worth it to as many hackers out there/
ALSO worldofwarcraft.com COULD sell gold to users! this im sure will never happen but it would imediatly wipe out the gold farming comunitiy.
October 29th, 2010 at 6:31 pmQuote
Get a mac.
November 3rd, 2010 at 10:32 pmQuote
my account got hacked and i have athenticator….how is this?
November 4th, 2010 at 9:40 pmQuote
Unfortunately a lot of people are now complaining about these Authenticators. Blizzard (probably for legal reasons) are denying everything; but we now believe almost for certain that inside trading is going on inside Blizzard; selling accounts and gold and what have you without anyone’s knowledge. It is the sheer number of people being hacked that is the problem. A friend of mine recently got hacked and he had an authenticator on his account and didnt even use his computer 3 months. During the hack; Blizzard closed his account for gold selling. How is that possible?
Unfortunately Wow is no longer a safe game to play – and if you use Battlenet there is a risk you could give your bank details to hackers. It is big buisiness and probably the reason Game Masters could be selling peoples accounts without their knowledge.
Again – a belief; but I know heaps of people now (not a few) who are getting hacked and Blizzard claiming middle man attacks.
What is that? Especially when most of us know how to use antivirus programs.
Personally – it is time to quit Warcraft. Blizzard are not being honest; and this authenticator thing – is simply another scam made to make you spend more money.
November 24th, 2010 at 8:34 pmQuote
I agree something seems to be going on. I have used a Mac the entire time I have played WOW (4 years now) and just got hacked sometime before 10:00 PM Nov 25 and 3:45 AM Nov 26 MST. The ironic thing I got a “warning” supposedly from Blizzard on the Nov 21 that got caught in my spam box so I missed it (if it was genuine). So I am doing the battlenet restore thing and getting an authenticator.
November 26th, 2010 at 1:51 pmQuote
You people don’t really believe Blizzard are selling players account information do you? Honestly take a step back and consider this for a moment.
#1 The Authenticator is really quite cheap. In fact if you have an iPhone or iPod Touch you can download it free of charge.
#2 If Blizzard were selling account information – why would they even have introduced an Authenticator and methods to get back absolutely everything you lose?
#3 Blizzard are a company out to make money, while gold farming is rumored to be worth 1 billion USD worldwide I highly doubt all of that is from World of Warcraft. No, chances are Blizzard are quite happy with the player base they already have.
These conspiracy theories really need to end gentlemen because in truth it makes absolutely zero sense.
November 28th, 2010 at 6:12 pmQuote
I agree with Steven. Don’t jump to conclusions. PC Security is an emerging battlefield, and it’s a shame legitimate users are being victimized again and again, but Blizz would have no interest in victimizing its own users. How many people have quit WoW because of being hacked? Many I bet; it’s just not conductive to the business model.
As for PC Security itself, it’s a losing battle, fueled by greed and graft. Someday it’ll come down to policing the internet and restricting and securing computers in general, but that day is a long ways away. Until then we are left scurrying to preliminarily circumvent all their methods of attack and subterfuge.
Somebody set us up the bomb! All your base are belong to us make your time…
November 29th, 2010 at 2:30 pmQuote
#1 The Authenticator is really quite cheap. In fact if you have an iPhone or iPod Touch you can download it free of charge.
Yep that’s one plus, that’s the main delivery system for this proposed ‘ Security feature ‘, keeping people in the mindset that they are alot safer now this little gadget is around, which is for a fair part true.
#2 If Blizzard were selling account information – why would they even have introduced an Authenticator and methods to get back absolutely everything you lose?
Because that’s how the system works basically, it’s no hassle for blizzard to give you your account back, its ‘magic money’ to them, on receiving your account back you also inherit the higher possibility it’s going happen again. So really, putting you back in the game adds an extra “mark” for the hackers, when there’s money involved in these types of experiences, it’s like a hunting expedition for hackers.
Goldsellers then go on to benefit from selling the gold back to players who are likely to have been the victim of an account hack in the past and the more hacking taking place the higher this average will grow. They simply re-hack the account later on and thus rinse and repeat.
Can’t you see this self feeding self replicating system in action there?
#3 Blizzard are a company out to make money, while gold farming is rumored to be worth 1 billion USD worldwide I highly doubt all of that is from World of Warcraft. No, chances are Blizzard are quite happy with the player base they already have.
No company is ever happy with the clientel base they have, there’s no mountain high enough especially in digitial entertainment, and as weve seen in the past another rival company can sweep the rug without hesitation.
In actual fact, you could probably safely say atleast 50% is from WoW, the original MMO lest we forget.
You have to look at this from another angle,for example vodafone, they outsource their customer service responsibilities to smaller call center businesses who literally hire ANYBODY off the street, with no qualifications in customer service or experience in such a role before, prop you up with 2 weeks of intense training and have you answering calls in no time.
Now, even though call centers have strict policy on certain things including the use of pens and paper, the use of mobile phones or any other imaging devices, it’s still VERY possible to have a call centre employee record your details somewhere, on their arm with pen, or some other scrap piece they brought with them, and well..
IT HAPPENS… i haven’t witnessed it, i haven’t done it.. but you can ALWAYS see opportunities for it to happen and always hear news that it HAS happened (within the company).
And ALL call centers are pretty much the same, regardless of the contract to whatever major company it might be, whatever country its in, or it’s purpose. Unless Blizzard invested alot of money into putting their employees off stealing peoples data beyond a training video and a sturn talking to followed by a quick story about ‘ a guy who did it and got fired ‘ that the trainer isn’t supposed to tell you, then i reckon blizz customer service can fall under that statement.
Now, there’s no accusations being posed here and i used another call centre as an example, but perhaps draw your own conclusion with it really. There’s a huge amount of freelance hackers out there, but im enclined to think, beyond even blizzards all seeing eye, somebodies perhaps giving them hackers a leg up, or using the information to benefit themselves.
December 15th, 2010 at 8:31 pmQuote
I am playing on EU with Mac and have authenticator on iPhone. Now travelling in China for few weeks and while trying to connect to Wow it tells me that I have given wrong information. eu.battle.net tells the same. Now need to wait for few weeks until I get back home to check whether I got hacked or not. I hope it is just some problem with location change, not a hack…
December 19th, 2010 at 10:15 pmQuote
It IS battlenet. My whole guild quit playing at about the same time give or take a month, in the exact order that these accounts hit 6 months of nonuse each character in that order got hacked. Many of the hacked accounts or in nonuse and being targeted. My account had 0 addons, and wow was installed on a fresh windows 7 install. Everyone is at risk now, keep an eye on your retired players returning many of the accounts are being botted nonstop for gold farming. The only way possible to get information about how long an account has not been played is a database flag. They are also getting credit cards that blizzard stores and are being used to fuel the hacked accounts and often charged back leving the owner holding the bag, it haappened to me. Stop being fanbois and cover your asses, its your pro blizz attitudes that have lead to their apathy about your accounts. Also many people whos accounts were hacked with an authenticator are not being restored as blizz still swears they are not hackable. Good luck if you continue to play this POS game run by a POS company.
January 3rd, 2011 at 3:02 amQuote
Yes, world of warcraft is the #1 played MMO at this time. #2, nothing will ever be hack proof, and yes I’m sure there are 3rd party hackers that are doing some of the hacking. There are legitimate companies that hire people to farm gold and then they sell to the WOW community, however Blizzard seems to have a hacking issue on a daily basis. Here are a few concerns that I have to ask people.
#1, if you have invested $15 a month into a game, and you get hacked, do you stop playing when you get everything back?
#2, Blizzard put everything (email addresses, passwords, etc) in one location, on battle.net. Anyone else notice the fake blizzard emails popping up right after they did that?
#3, How much does it cost blizzard to have someone in the back room to restore someone’s data? vs How much money can they gain in selling the gold? For all you know, they’re doubled as a gold selling company.
#4, Blizzard just merged with another company, so if it wasn’t a previous blizzard employee, it could be someone from the merged company.
the list goes on and on, however I just got hacked I understand that a network can never be 100% secure, however my college degree insures that I’m no dummy. 1 of 2 things is going on. either someone at blizzard is going in and getting information to hack different accounts, or Blizzard’s wonderful idea to put everyone’s information in one spot has backfired and blizzard themselves is being hacked.
January 10th, 2011 at 9:09 pmQuote
LOL why on earth would blizzard sell people’s accounts? That really is the most idiotic thing I’ve ever heard. Its really funny that people are thinking that Blizzard needs to steal peoples accounts to sell the gold/etc off them.
THEY CAN JUST CREATE THE GOLD on a new account and sell that.. why would they take real accounts?? /headdesk
January 13th, 2011 at 10:28 pmQuote
Omg, i can’t go in my account (world of warcraft)
It’s a error: This World Of Warcraft account has been temporaly suspended please go to …….
I’m really messed up, please help me.
January 14th, 2011 at 4:56 amAnd I can be hacked? :s
Quote
LOL I have 3 accounts all with cat. and 85′s and none of them have been hacked beacuse when i go to a websight i dont put my e-mail ect. in there is some things that hackers use on the Blizzard website like when it asks you to log in b4 you get to see the page it is a hacker so when that pops up put in fake info it will work
January 14th, 2011 at 9:35 pmQuote
Has anyone considered the possibility that it’s Blizzard employees thats selling the accounts for their own private personal gain and the company itself does not control that. Is it really impossible for a GM to go rogue and do something of the sort without Blizzard’s knowledge. Just a thought.
January 18th, 2011 at 10:39 pmQuote
so if i buy a new account and if i use in this account athenticator i will be safe or i will get hack in some months?
my computer is not very good and my anti-virus sucks with the athenticator i will be safe or ??
i am planing to take a new pc (sumer) untill summer comes who can tell me my account will be safe or no ?
February 1st, 2011 at 9:48 amQuote
Personally, I’ve had my account hacked each time I’ve quit WoW. I won’t log into the program, or any other programs using similar information. This last time I had the authenticator as well. I have a firewall up, use safe browsing practices, and use an updated antivirus program weekly.
These things only happen once I quit world of warcraft, leading me to believe they wait until you quit, and then sell the information/characters of whatever. Barring that, they’re probably just closing your account in such a manner that you’ll end up buying the game again to play it, and have to re-purchase all the expansions/authenticator etc.
If you leave your account open, these things don’t happen. This leads me to believe it’s a vendetta against quitters. I’ve quit three times now in the last 6 years, and every time this has happened.
February 2nd, 2011 at 5:52 pmQuote
I have no idea what the heck is going on in Wow. I got hacked in Nov 2010 after I had quit for 6 months. When I decided to return to the game, I had to go through the entire recovery process and then spend the month of January repairing the damage done to my character. I thought that was the last of it.
When I left to take a one week vacation (in real life but at home) I returned to check my email only to see that I had been hacked again. The thing is that I was still a subscriber and had been out of WoW for no more than 2 weeks. It’s not a vendetta against quitters because I hadnt even quit.
I am careful with the sites I go to, Im even more careful with the information I give over the internet. I also have anti-virus/malware thats updated on a regular basis. So I dont think it’s me. It could be but I have thoroughly checked and scanned but found nothing in my gaming pc.
Im going to go through the recovery process again and making sure I get the authenticator (along with the month its going to take me to replace my items). I’m not blaming Blizzard for this but I wonder if it could be a problem on their side of the house.
Frankly, Im questioning whether I even want to play anymore since its becoming a chore to spend a long time replacing everything lost only to get hacked weeks later. If I get hacked again, Im going to drop this game. Too much hassle.
February 13th, 2011 at 6:17 amQuote
Well someone just came on my account today and hacked it. I get a e-mail from Blizzard saying it was banned for gold selling.
Had eight characters on it including a level 71 Paladin. I’ve barely been playing three months on-and-off and now I have to wait until this Monday morning to call Blizzard and tell them my account has been hacked.
I purchased Cataclysm and everything else I need to met the requirements to play.
What am I supposed to do? Change my password to something that’s tons of characters long or get myself better protection?
February 14th, 2011 at 3:10 amQuote
I have something else to say in response to the one I made above.
I think the way you have to use the same account for BOTH logging into the game and going on Battle.net was a TERRIBLE idea. One poster mentioned here that early in the game you just made up a name and off you went. Why can’t Blizzard go back to that? Surely I think we wouldn’t be having nearly as many problems, at least as far as account security goes.
WoW is currently vulnerable to all types of attacks. My attack was by a greedy gold farmer. I just logged into my account after changing the password and I noticed two level 1 Tauren characters that I know I didn’t add. I definitely know I have seen lowly characters advertise gold in Stormwind and Orgrimmar. Since my account is currently suspended, I think that’s what he was using my account for.
So I’m going to buy an authenticator. I did a checkup for all of my characters on the profiles and I didn’t notice anything that the hacker stole. Hopefully what he only did was use me for RWTing, and nothing more.
Still though, I am facing a three day suspension that will expire this Thursday. Hopefully he won’t do the same thing again, because this time I will be encrypting a very strong password.
God bless me if I have no keyloggers.
February 14th, 2011 at 5:05 amQuote
Obviously Blizzard the company aren’t selling details, that would be insane.
But I’m an old school player who tends to reactivate my account once a year a so for a few months to play for a bit & get bored again. But each time for the last three years my account is taken over 3-6 months after the sub runs out, so something weird is going on.
March 1st, 2011 at 6:32 pmQuote
Same here, Pompom! I’m somewhat relieved that others are having the same problem as me, but now I’m somewhat concerned something funny is going on at Blizzard.
March 9th, 2011 at 2:14 amQuote
The idea that Blizzard Entertainment (or even Activision Blizzard) is performing gold selling is a conspiracy theory at best.
At 12m subs paying say 13 dollars per month (which is probably optimist given the pricing models for Asia and Latin America) is 1.8b per year in revenue. If the entire gold selling industry is 1b across all games it is probably not worth the cost in customer maintenance for Blizzard to consider it.
Also, they control the entire game so if they really wanted to do gold selling they could just make money out of thin air, like governments, and sell that without the customer service expenditure at all. This was mentioned by someone above.
Regarding hacking and the authenticator, there is no such thing as a foolproof security setup, there is always a way to get around it and all it requires is time, patience and ingenuity (be it technical or social ingenuity.) The man-in-the-middle attack is a very real problem and existed long before WoW came about, it is one of the best ways to defeat the security of SSH encrypted tunnels for those who do not read warnings about key mismatches and eliminates all of the security of data encryption. The tactic in the case of WoW would involve either updating a local hosts file or DNS cache poisoning. The first is more trivial compared to the latter however the latter can score many accounts at once versus the former only getting one person’s account(s).
The authenticator makes it more difficult over all since it takes away the time and patience elements of hacking and requires mostly ingenuity to pull off. It is not foolproof since the man-in-the-middle attack can be effective against it, also I am under the impression if the email address that the Battle.net account is tied to is hacked the authenticator will not help you there either.
March 13th, 2011 at 9:04 pmQuote
Add my name to the list of hacked accounts with the authenticator. Oh my…sure starts to look like an “inside job.”
Nah…it’s a conspiracy theory, the air is safe to breath and the water is safe to drink…nuclear power is clean and efficient…Oswald shot JFK, Sirhan Sirhan killed Bobby, 47 story steel reinforced buildings come down at free fall speed do to office fires…
March 18th, 2011 at 1:09 amQuote
If blizzard are selling gold, they want as little inflation in the game as possible, that’s why they hack people instead of just making it out of thin air(if they hack people who hae already quit playing then there’s a chance that they wont recover their lost items=no inflation) and if they’r selling accounts then they cant make new once just like that because like any other company they have to be able to pass an inspection. Im not saying blizzard are selling gold/accounts, im just saying it’s not stupid to belive so.
March 22nd, 2011 at 6:34 amQuote
I hate blizzard they take there time with account recovery I have an authenticator and It got removed then another one got put on in the space of 2 hours ffs and I agree it is possible and likely blizzard are hacking and selling accounts.
March 27th, 2011 at 12:13 pmQuote
I stopped playing wow last July and just a month ago or so my account was banned for gold farming. Today I found out my credit card was cancelled by the bank for possible fraudulent charges. Here’s the thing…
The credit card that go stolen is the same card used on battle.net to pay for wow and NOTHING ELSE… EVER!!!! I talked to the bank and she verified that there have been no charges on the card since last July when I stopped playing WoW. The card never leaves the safe in my house and has never EVER and I repeat EVER been used for anything other than WoW.
I find it very odd that shortly after my account was stolen somoen tried to go on a shopping spree with the very same card only used for paying for WoW. There is only one place they could have gotten both my card number and my 3 digit code is from Blizzard/battle.net since it’s the only place I’ve ever used it.
Don’t give me the “you have a virus” crap that logged my card number because that’s crap… I opened my wow account years ago and that is the only time I’ve ever typed in those numbers, when I first opened my account years ago so no keylogger stole my numbers and the person didn’t wait until now to use my card.
An employee at either Blizzard or battle.net stole the info from the database OR Blizzard or battle.net was recently breached and they just haven’t found out about it. By law they need to report hacks but if they don’t know then what would they have to report?
It’s simple, some employee stole the info from the database and used it or sold it OR someone hacked them and stole my credit card info from them.
I work in the financial world and credit card info is stored in databases along with the security code for things like monthly charges. Yes there are safeguards but have you ever needed to call the bank about a card? The employee can see all your card numbers and security codes and the same thing is possible for people working close with the databases. I have access to finanacial databases for my job and I see the info all the time so I know what I’m tlaking about. It sucks that some employee is doing this if thats the case and it sucks that they don’t know they have a data breach if that is the case.
March 30th, 2011 at 4:31 pmQuote
I concer with Aaron. I also work in the financial industry and see 80+ credit card accounts per day. Sometimes more because the account has multiple credit cards. Yes call centers have rules for no pen\paper\cell phones but my managers are so busy they spend most of their time with their heads pointed at their own screens. People use their cell phones all the time while at their desk and get away with it. I’ve had this theory for a long time and only recently decided to google it. Low and behold Im not alone. Either someone is selling info or blizzard’s servers get hacked on a regular basis and they just dont tell anyone because they would lose so many plays so fast. They’ve gotten so big they have to lie to keep their jobs. This same thing happens on Guild Wars with Arenanet. Plus if I haven’t played the game in a year and my account gets blocked for spamming\gold farming then someone had to have added gametime to use my account. So why is there absolutly no mention of new gametime or trial time added to my account?? Simple….Inside job.
July 31st, 2011 at 2:08 amQuote
I’ve been hacked everytime I suspend my account for very long.
The real problem with Blizz is the way they handle suspended/cancelled accounts. They don’t do what would be standard practice for any other company handling massive user bases – MOVE dead accounts offline. Instead, they leave them on the original, active servers. Moving accounts back-and-forth between offline and online servers may be a pain (I know, I used to have to do it, on a much smaller scale — it can rapidly become a logistical nightmare if the environment is very complex), but it’s really the only way. I hope Blizz is looking into a way to do this.
October 18th, 2011 at 10:12 amQuote
My theory is that blizzard employees (probably GMS) are the ones stealing these accounts. They target inactive accounts with level 85 mages because they can teleport everywhere and be used for farming. All others characters have their gear sold off or disenchanted then those characters are deleted for ingame spamvertising. These corrupt employees either sell the account info to gold farmers or they out right own these gold selling sites themselves.
October 20th, 2011 at 6:56 amQuote
Those of you using authenticator on your computer by using an emulator are not smart. Viruses can be made for those emulators. The only authenticator that isn’t hackable is the keychain authenticator. For those of you that think you can trick a keylogger…you cannot unless by using an onscreen keyboard. Keyloggers can pick up a backspace key or delete key. The emcor.dll is the virus responsible for hacking authenticators that people use in android emulators (which are installed on the computer). I am sure at some point someone will make a virus that will hack your phones too. If people are using keyboards with macro buttons (that you think is a way to fool a keylogger), you are wrong. Inputs are still sent to the computer through the keyboard. The only time an account notices that there is unusual activity on it, is if you recently logged on from said location, and then not too long after someone else logs on from a different location that is a good distance away. A few miles wont matter. Finally viruses can be upgraded, changed, or renamed. emcor.dll may not be the virus used anymore. the DLL can be changed to another name. Get a keychain authenticator. pay the 6.50.
dont use other peoples computers or public computers. if you cant spend a few days away from the game, you have a serious addiction and need help. Remember its a video game. no matter how much time you put into this game, its all for nothing. Its immaterial.
April 29th, 2012 at 8:43 pmQuote