Protecting Your WoW Account

[Irenke]

Given some of the recent problems that we've had regarding a compromised account within the guild, the officers feel that it's important for everyone to be aware of basic World of Warcraft security. "Protecting Your WoW Account" provides some very basic information that can help prevent a similar problem from occurring to you.

Highlights include:

Three most common ways your account may be compromised

• Keylogger
  
• Phising
  
• Insider

Ten steps to avoid being compromised

1. Don't share your game password with anyone and pick a password that is not easily guessed
   
2. Don't use the same password for subscribing to fan sites
   
3. Keep your operating system, browser and other software fully patched - start with Windows Update
   
4. Run a reputable antivirus product, preferably a full internet security suite with a firewall and keystroke encryption
   
5. Don't click on email attachments, especially when you don't know the sender
   
6. Don't download and run executable files from web pages
   
7. Don't enter your game password into any web site other than the official game sites
   
8. Don't enter your game password to a legitimate Blizzard web site from a PC that may be compromised
   
9. Be very suspicious if an addon requires some form of install package to be run
   
10. Invest in a Blizzard authenticator or install the Battlenet Authenticator application on your iPhone

The officers encourage all members to acquire an Authenticator if at all possible. This is probably the single most effective way that you can protect your account. You can learn more about it at the Blizzard Authenticator FAQ.

You can use the following list to acquire an Authenticator:

• Blizzard Authenticator (United States)
  
• Blizzard Authenticator (Canada, Australia, New Zealand, and Latin America)
  
• Battle.net Mobile Authenticator

[Irenke]

Just following up after my talk with Toots this evening. If you want to download the Battle.net Mobile Authenticator and want to check to see if your phone is carried, you'll want to visit this page.

[Blackshae]

I'm buying one right now, we just had another guildy hacked and all his stuff was stolen along with the first 2 tabs of the guild bank. Saw Wedniatnuom logging in and out several dozen times, when he stayed on, he refused to say anything. Saala and I hearthed to Dalaran, I /tar Wednia and saw him in front of a NPC wearing only Emblem gear, the then moved to Org and was in front of the guild bank. Even tho it was set for 1 stack only, he managed to get away with ALOT of stuff from 2 entire tabs.

Its kinda scary, he was able to bypass the tabs restrictions, and then we found out he deleted Wednia's toons as well.

[Irenke]

Account hacking tends to happen on a larger scale in cycles. There's a long period of time during which a few accounts may be hacked, but not on a large scale. Suddenly a lot of account are attacked at the same time. Then the numbers wane again and there's a lull. Some months later, the entire cycle repeats.

I'm not sure if it's a vulnerability that gets corrected or just a matter of customer awareness (people tend to be less cautious if there isn't a constant reminder of the need to protect their accounts and what better reminder is there than seeing friends and guildies get hacked?), but it happens. We appear to be in the middle of such a cycle again.

[Irenke]

Bump, bump, bump! Account security, peoples!

[Krad666]

Just read from wow.com that Blizz may be considering making authenticators a mandatory thing.

http://www.wow.com/2010/01/08/blizzard-giving-serious-consideration-to-mandatory-authenticator/

I personally don't like to believe such internet sources (( I don't frequent wow.com, more of a mmochamp guy)) but after i uttered the statement before cataclysm was announced. " Goblins for the Horde??? Worgen for the Alliance???? Garrosh Warchief??? ORC MAGE?????? TROLL DRUID. TAUREN PALADINS? Who the hell comes up with these lies!"

Well. I'm gonna be a bit slower before entirely dismissing this.

[Blackshae]

My take on this situation... chance someone will steal your account and steal everything you worked your ass off to get. Or Spend 15.00 and wait an additional 10 seconds to log in to your account.

[Irenke]

Reminder: vulnerabilities can exist in commonly accessed websites such as Curse.com, WoWHead, and here on GuildLaunch. Many sites now allow the use Flash-based advertisements, which can have malicious code buried somewhere within. This has happened many times before.

Be safe when you browse sites. Get something that blocks scripts and then don't approve any unless you know it's safe (in other words, maybe something that you personally host and organize).

I personally use:

• Mozilla Firefox
  
• NoScript
  
• Adblock Plus

[Maedea]

I use:

• Targeted Advertising Cookie Opt-Out (TACO)
  
• BetterPrivacy
  

And my personal favourite, AmIOnMySpace.com?

as well as the ones that Irenke listed.

[Irenke]

Bump, bump, bump!

We had another hacked account today. If you can, invest in an authenticator. The mobile authenticator is free to download for many phones and typically under a buck if you need to pay to acquire it. It is the best protection that you get get.

[Gondaril]

This not only protects yourself, but also the guild because if these people have access to the guild bank they'll take the stuff from here as well.

Just a note for our officers:
I know this has been mentioned and I've actually implemented in the guild I own on my warrior, but might want to restrict access to people having their authenticators. Especially since there seems to be an escalation, moreso than other times, in hacked accounts recently.

Any, as has been said over and over and over again, protect your account with an authenticator. It doesn't take long and is well worth the effort and investment, both for your sanity and the money you spend to play.

[Blackshae]

Now this is getting stupid, someone else just got hacked. Its 12 dollars people, at this point I can say this and probably be right, if you DO NOT get an Authenticator you probably WILL be hacked. I am quite sure they are targeting us as a Guild because they know we keep our guild bank stocked with decent mats.

[Irenke]

This is paranoia and maybe a little bit of naivete. It is not just our guild. It is not just our server. This is a game-wide problem that is affecting hundreds -- if not thousands -- of players across a variety of servers. And not just the US ones. I've been seeing cases of this problem cropping up on EU servers.

It is extremely difficult to target a single guild, much less a single player. How can they target us specifically?

Instead, what is most likely happening is that popular websites (that may not even necessarily be related to World of Warcraft) are being compromised. Malicious code is being inserted into these sites. It may be something as simple as a Flash-based ad (which is becoming more and more popular in recent years) or even a transparent 1x1 pixel image that takes advantage of browser vulnerabilities (such as ones that were in Internet Explorer for quite some time).

The best thing to do is be vigilant. Never visit sites that you don't know are safe. If you do, make sure you have software that will prevent you from running malicious code. Both Mae and myself provided a list of programs that will help you. And, most importantly, acquire an authenticator. The second level of mutable protection that it provides is invaluable.

If you can't get one (lack the appropriate phone, don't have a credit card, whatever), let us know. I'm pretty sure that a lot of your guildies would be willing to help you out, even if it means acquiring extras and then sending them out to people. This is enough of a problem that that extra effort would be invaluable.


Edit: I'd like to remind people that an authenticator is not a panacea. It will not make you 100% invulnerable to being hacked. You can still end up with your account compromised if someone makes use of your account information within a specific period of time. You should still try to be vigilant and safe, but it does significantly reduce the chances of being hacked.

[Irenke]

Because it's become such a prevalent issue, "Help! My account has been hacked!"

[Maedea]

Just in case anybody missed it..

Boubouille wrote:

Trojan succesfully hacks Authenticator Protected Accounts A new virus spawned on the internet a few days ago and seems to be the first trojan capable of hacking a WoW account protected by an Authenticator. It was confirmed by Blizzard a few hours ago. Kropacius wrote: Source After looking into this, it has been escalated, but it is a Man in the Middle attack. http://en.wikipedia.org/wiki/Man-in-the-middle_attack This is still perpetrated by key loggers, and no method is always 100% secure. Basically, what the virus does is fairly simple after you're infected : The next time you log in World of Warcraft, the game asks for your Authenticator code. The virus intercepts it, send it to another server, and sends a wrong one to Blizzard = You get an error. The people behind the virus now have a few seconds/minutes to use the "real" code while it's valid to change your password / empty your account / guild bank. How to check if you're infected Just search for a file named "emcor.dll" on your computer, it is most likely located in "C:\Users\(Your user name)\AppData\Temp" but I suggest that you check everything just to be sure. If you do find the file, delete it and make sure you update your anti-virus to prevent any further problem. To be honest, if you found this file your account is probably already compromised. What does it mean exactly? Yes, you can get hacked even if you have an authenticator, the chances are MUCH lower but you're not invulnerable. It definitely isn't an excuse to not have an authenticator. We're talking about a single virus here and the authenticator will save your ass 99% of the time. Get a decent anti-virus, buy an authenticator, you'll be safe.