WoW authenticators bypassed by middlemen hackers
Crooks have developed a man-in-the-middle-attack designed to circumvent authentication kit used by dedicated World of Warcraft gamers. The ruse relies on tricking gamers into installing Trojans disguised as gaming ad-ons. Once applied the malware allows hackers to capture and relay authentication commands next time a victim logs …
Anyone who does not use "official" addons repository like Curse, is asking for trouble. A hacked WoW account is nothing major. Blizz are more than happy to help (It does take some time) retuning hacked accounts back to their rightful owners & put your chars back to the state they were before it was hacked.
Only thing I will say, if your stupid enough to use the same password for your battlenet account & your registered email account. That's when your asking for trouble.....
Paris, because she would love to touch a pallys hammer & make it dish out some righteous justice....
There are no "official" (endorsed by Blizzard/Activision) addons for WoW. You use addons entirely at your own risk.
Saying that, Curse.com has an addon manager which I have used for a good long time without issue. It seems that the malware comes from a similar application which is downloaded from fake addon sites (cursea.com instead of genuine curse.com). If you didn't spot / know the difference, and just knew "Curse do an addon manager! Search on Google!" the first (advertised) link is likely to be cursea.
It's all still user error, but isn't it always?
It is mostly the same method discussed here ( http://www.theregister.co.uk/2010/01/27/3d-insecure/ ) a few weeks ago, concerning the 3d authentication system used in VISA credit cards, the main difference being that the method used for breaking 3d secure works either with a trojan or with a browser vulnerability and/or some phishing.
And I agree with Lord Lien that installing add-ons from non official sources is suicidal. I know players who have fallen for this kind of scams SEVERAL TIMES, which should award them a mandatory in-game title, something like 'Playerxx, The Noob'. :-)
Paris, because I would never allow her to touch my hammer without wearing heavy protective gear. Funny enough, in this case a 'trojan' may prevent you from being infected by viruses. :-D
These suggested Authenticators generate a "random" number which is used to gain access to your BattleNet account (can be used to gain access to more than 1 WoW account). Assuming its a "random" number then wouldn't any number work? No, its obviously a algorithm which involves the Authenticators barcode/serial number.
Regarding Auths hacked:
A trojan used on these is no different than using it before these Authenticators came out, if your stupid enough to not have a AV installed and to download/visit dodgy sites (free gold/mounts do NOT exist) then you deserve to get one.
imo.
The quotes around the word official were an indication that there was not one... bad grammar?
If anyone wants to send me over there account details I can check to see if there gold is real & I'm more than happy to dispose of there bad gold.
Paris, because she is an epic mount.......
Nuff Said...
move along nothing to see..... IronForge will be opening as usual shortly.... move along.....
hmmm any gold left in my bodkins or mantle??? Dang....mugged again
I can see where this wouldn't be difficult. Outwitting most of the people who hang out in the Stormwind trading channel is about as difficult as putting on a hat.
The first rule of not being conned is "If its too good to be true, it probably is" and "Stop looking for the best of it for free"
The only add on I personally use is Carbonite and its authorized by WOW. And anyone dumb enough to have the same e-mail password and Battlenet password is beyond helping.
I've been playing on My Mac since October, and I've had no troubles. But sadly, too may fools, no matter OS will install ANYTHING.
What happened to the old days when we just use to packet drop server disconnect packets to you and make you drop you sessions. My favorite hobby in the middle of a lecture when someone was goofing off.
This story has started my wheels turning a little bit. You can find my thoughts on some of the key points of this story over at http://cosine-security.blogspot.com/2010/03/defrauding-fantasy-economy.html . I have included links back to this article and the Sunbelt post.
Sign up, sign up for The Register's weekly IT security newsletter - click here
