No end in sight to hacking of 'WoW' accounts

A correction was made to this story. Read below for details.

If you're a World of Warcraft player using Windows, beware.

For months, hackers--most likely in China and Russia, according to security watchers--have been surreptitiously installing keylogging software on WoW players' Windows computers, hijacking their accounts and selling off their often valuable in-game assets.

And the problem doesn't show any signs of going away.

The gangs perpetrating the hacking are "incredibly active, and it's a good exploit," said Roger Thompson, CTO of security software developer Exploit Prevention Labs. "It's probably a conservative estimate to say that there's tens of thousands of victims."

The exploit works when unsuspecting WoW players visit any number of Web sites infected by the hackers with keylogging software. When the players visit the sites--which are often unrelated to WoW, but that players frequent, Thompson said--the software is quietly installed on their computers, allowing the hackers to spy on keystrokes and steal players' WoW passwords.

While the software could easily be used to hack into players' accounts in almost any online game, there's no evidence the victims are anybody but players of WoW.

"It's only a matter of what they want to do," Thompson said of the hackers' choice to attack only WoW accounts. "The guys working out how to do it are WoW players. We're pretty sure we know who (most of them) are: a couple of Chinese college students, and it turns out they're interested in WoW."

Thompson said he suspects that a Russian gang may also be involved.

Many of the victims, no doubt, have experiences similar to that of Dag Friedman, a 37-year-old math teacher from Sacramento, Calif.

Last month, Friedman wrote on the WorldofWar.net--an unofficial WoW community site--that he had recently discovered that one of his WoW accounts had been permanently banned by the game's publisher, Blizzard Entertainment. According to an e-mail he received, the banning was punishment for "account sharing," a violation of the game's terms of service in which players give others their passwords and access to their accounts.

Friedman wrote that he had tried to get Blizzard to explain what happened, but had gotten no initial response. Weeks later, however, he was contacted by Blizzard, which told him it had reinstated his account and restored his lost items.

Contacted by CNET News.com, Friedman said he had since had another WoW account hacked, and that he was disturbed that someone had broken into his computer.

Worse, in the middle of an instant-message conversation with CNET News.com, Friedman reported that he had just discovered that yet another of his accounts had been broken into and all its contents pilfered.

For its part, Blizzard said it's addressing the problem by informing players that they should ensure their computers are safe against malware.

"This really comes down to a security issue, and obviously I am not taking the necessary steps to make my home computer secure enough."

--Dag Friedman, WoW player

An "important means of protecting your account information is keeping your system up-to-date," Blizzard wrote in an April 6 forum posting on the official WoW Web site. "For instance, installing the latest Windows security patch is a good way to avoid exploits designed to steal your login and password details."

But some players would be the first to admit they do a poor job of updating their security software. As a result, they are perfect targets for hackers.

Friedman, in fact, acknowledged that he is lax about such things.

"This really comes down to a security issue," Friedman said, "and obviously I am not taking the necessary steps to make my home computer secure enough."

Friedman also said he appreciates that Blizzard is acting quickly to shut down accounts after they have been compromised, since it alerts players to problems with their computers.

"I think that it is good that they are so quick to ban the account," he said. "I would not have been aware of this situation if they had not been so quick to act. Who knows what other types of information could have been accessed?"

There are more than 8 million WoW players, so even if tens of thousands are finding their accounts compromised, that's still a very small percentage of the total.

But for the hackers, the rewards can be substantial. That's because many players hoard gold, weapons, spells or armor worth a lot of money on the open market. Even though Blizzard doesn't officially allow players to buy or sell those goods, there is a thriving market for them (and that's in spite of the fact that eBay, one of the most popular venues for such transactions, recently decided to ban them).

"People are willing to buy on the black market," said Javier Santoyo, senior manager of Symantec's security response team. "If players themselves were not willing to go outside the games to improve their characters, then there wouldn't be such a need."

But for players like Adam Satterfield, a 28-year-old IT consultant from Atlanta, the downside to having a WoW account hacked and subsequently banned goes beyond losing in-game assets.

Several months ago, Satterfield said, his computer was infected by keylogging software. His account was hacked, his assets were stolen and the account was banned.

"It's unfortunate to lose your in-game stuff," Satterfield said, "but what was really important was to play and hang out with my friends."

Once his account was deactivated, Satterfield said he had to go back and forth with Blizzard to prove his account truly belonged to him. All told, the process took nearly a month, and Blizzard ended up charging him for that month of service anyway.

Blizzard spokesperson Shon Damron said the company recommends using the Blizzard Launcher, a console that delivers WoW news and at the same time runs a scan of players' computers. If it finds something amiss, it alerts the player. Damron said Blizzard also recommends players use virus-scanning software.

Thompson agreed, and said the best thing a WoW user on a Windows machine can do is use the very latest Windows patches from Microsoft.

"The moral of the story is that if you patch, you're safe," Thompson said. "If not, be afraid, be very afraid. Complacency is the enemy."

 

Correction: Due to incorrect information supplied to CNET News.com, the name of Roger Thompson's company was incorrect in an earlier version of this story. He is chief technology officer of Exploit Prevention Labs.

[timcoyote]

DM

Sounds like this game needs a higher level Dungeon Master.

[kpitts]

Ironic advertisments

The "thriving black market" is evident by the Sponsored Links on this very page:

Sponsored Links
Buy or Sell WOW Accounts
Visit Web Site Buy or Sell Your World of Warcraft Accounts from Any US/Euro Servers
www.gamepal.com
World of Warcraft gold
Visit Web Site Cheap Price & Fast Delivery! 24/7 Live Support, Purchase Now!
www.power4game.com

[tvgeek1]

Blizzard and their lies.....

There blizzard does not check the system, it only checks their system folder where WOW is located. Also, useing anti-virius programs and spy alerts do not always catch key logging software. Does blizzard want to stop blameing others or do they want to finally take responsilibity. I had my account banned by them when I didn't even play for a month. I have all the software for security and they clame it was somebody two people logging in from different places. I hadn't used my account at all and when they looked into the matter further there logs didn't even show that anybody logged in for the month. So, blizzard needs to admit the truth that they have a problem keeping peoples accounts closed and out of internet view on the corp. level.

[cablemaker]

Only because he was Press

I had the same thing done with my account, and Blizzard refuses to reinstate it. Funny how things get reversed for people in the media.

[bradyme]

There is look at the bottom

There's not? And who says this isn't illegal. Google ads just popping below this associated article.


* Buy or Sell WOW Accounts
Visit Web Site Buy or Sell Your World of Warcraft Accounts from Any US/Euro Servers
www.////removeditrbecausethatsjunk////.com
* World of Warcraft gold
Visit Web Site Cheap Price & Fast Delivery! 24/7 Live Support, Purchase Now!
www.////removeditrbecausethatsjunk////.com
* Get 1 Million Exp An Hour
Visit Web Site In World of Warcraft! Money Back Guarantee - Only $21.99
www.////removeditrbecausethatsjunk////.com

(About)

so otherwords these websites make money off taking advantage of someone and stealing their account. These are the SAME PEOPLE! Cnet! Loook !! Messed up!

[Lethality]

Use a Mac

Problem solved.

[`WarpKat]

Stop Playing So Much!

If players would stop playing for a while and
come out of their dungeons more often than they
do now and gasp for some air, we wouldn't see
un-newsworthy items like this on News.com.

Instead, we'd see things like, "Batboy Seen in
Pennsylvania - Scares Amish Farmers Into
Reality."

[Fogglestein]

Easy Fix

I would expect most of this could easily be fixed by Blizzard offering gold / items for sale in-game, for currency. Some may argue that that approach 'breaks' the reason to quest for these items but lets face it, the stuff can be bought anyway. The only difference is, it's gold pharmers making the $$$. Blizzard could undercut virtually (*snicker*) any profit the pharmers would make and thus make it undesireable.

[weegg]

Secure Solution (doesnt matter which OS)

Use secure id Blizzard.

For example, even with keystroke capturing software it would do
no good since secure id generates a new number every minute. If
that number is part of your password, it changes every minute and
it doesnt matter if they have a snapshot.

E-Trade does this. So why not Blizzard?

[buffer_overflow]

Missing the Point

First off... I see the ads that were generated by Google at the bottom of the page at the end of the story.

I disagree that this is not about platform specific, I do agree however that people need to do a better job performing updates on their Wintel PC?s with the latest protection software.

However that is never going to be enough, M$ operating systems are just vulnerable, period, that will never change until M$ does a lot better at programming an OS overall.

Personally I use a PC to play WoW, however as a tech for both PC and Mac I get paid to keep systems up to date, and maintained.

Word of caution; don?t go to the websites that offer to Power level you, or to buy virtual Gold. Sites like these and others offer scams, just clean up and update your system, WinXP SP2 with all the patches.

Or buy or use a Mac, yes? I had mine compromised as well, Blizz took a few days but I got most of my stuff back, now I don?t go to sites about Wow that I don?t know if they are reputable or not. I also went back and did a lookup of the domain and who owned it, it was a company out of the US. Owned by a company out of China.

[phantomsoul]

Wow...

A whole month to get your account reinstated if you've been hacked? And still get charged for service? I'm not sure I'm any longer interested in paying for the services of a company, such as Blizzard Entertainment, that evidently prioritizes preventing revenue loss higher than having satisfied customers. I wonder how many legitimate license-bearing victims were treated like criminals in trying to get their accounts resolved.

Also, I have several doubts to the effectiveness of "keeping your computer updated" as a be-all-end-all solution. I wonder how many WOW players down have a sufficiently legitimate license from Microsoft (e.g. copied from a friend, etc.) to get adequate updates to keep their computer secure. Additionally, of the people who are legitimate with Microsoft, I wonder how many haven't the slightest clue on how to either tell what the update status of their computer is or even go about updating it. And finally, of the people that don't know, I wonder how many care to even bother finding out.

Quite frankly, if I wasn't a very computer savvy person who just liked playing a game on the computer every now and then, I'd find all the security concerns behind it way too opaque for the common gamer and just want a refund.

Three cheers for lousy customer support. </sarcasm>

[phantomsoul]

Second Degree Security

Second Degree Security, which requires you to actually physically possess something in addition to a password in order to authenticate, could help out in a high-profile hacking situation like this. Banks have been doing second-degree security for years now -- when you go to an ATM you have to put in your ATM card (something that you have) and enter your PIN number (something that you know). This effectively eliminates "stolen intelligence" as a means of breaking in.

However, it could also prove costly to the company. In order to successfully implement second degree security, you have to actually distribute whatever piece of equipment provides for it (like the secure ID, for example), and also re-distribute it when problems with it occur.

Not sure how costly the broken accounts as a whole are to the company themselves. It could be just as easily resolved with better customer service; I mean at the end of the day, it's just a game and not our life savings, right?

[drarkanex]

Choose Life, Not World of Warcraft

I've had 2 Accounts banned by Blizzard. 1 for 3rd party software and the 2nd and last time for account sharing. I'm tired of Blizzard and whatever they stand for. I appreciate they are taking a stand against people that are bypassing the rules but for me to be inadvertantly caught in these rules and given no excuse other than canned messages and no excuses is plain wrong. I will never buy another Blizzard or Vivendi product again. Currently waiting for Age of Conan and Warhammer Online. To the guy saying "Get a Mac", look man, no one wants to write viruses for 2% of the market. No one cares about your Mac. IF you like Mac so much, leave it at that and like it all you want. PC's are superior to Mac, despite what you think otherwise. I look at the numbers and the market, and looking at the Mac numbers, you haven't got a clue what you are talking about.

[real_bgiel]

They got my bank accounts

Cleaned me out, melted down my credit cards. My house is in foreclosure. My wife and kids left me. Got fired from my job.

Thank God they did NOT get my WoW stuff!

[eclypce95]

Only Stupid People's Accounts Get Hacked

People getting keyloggers installed on their systems has nothing to do with WoW or anything. They get crap installed on their system because they're idiots. They don't understand how the web works and they just assume everything is safe and install whatever crap they see.

For people that got hacked, I have no sympathy for you! You got hacked because it was your own damn fault! You're probably the same people who's keep those nigerians in business! If you lost your life-savings (real or virtual) because you got hacked, oh well, you would've blown it in other ways eventually -- like buying a house on adjustable rate mortgage, or giving it to that guy that will sell you Cloud (or Volcano) Insurance!!!

[natejohnstone]

Glad I play on a Mac

[realism]

Get City of Heroes

WOW is way overrated. Get City Of Heroes/Villains.

[Kurlus]

Spywhere?

I had my account hacked December 2006 between the 25th and the 27th. I had 3 sets of equip, approx 370g and everything stored in my bank taken. I reported this to Blizz the moment I found out, via phone, and was told that customer service could do nothing and to log into the game and submit a ticket.

Three and a half weeks went by until I received an official response to my request for account restoration. In the meantime I submitted posts on the WoW forums asking for an update. Every post was deleted in mere seconds of it's posting.

Finally Blizzard told me that they could not verify my loss and that the new content from the release of The Burning Crusade would provide me with better opportunities to advance my lvl 60 character. They also told me that any further conversation would best be handled online, however the final post I made on the forum was deleted like all the other posts I had made.

Just from my observations from my experience with all this, I've played WoW for over a year. I have never had a problem until after I first logged into the WoW forums. Maybe it's from this unsecured side of the site where your info gets taken. You enter the forums with your account name and password and it's unsecured. All I know is I had no keyloggers on my computer, I had no virus' on my computer, I had no spyware on my computer. I run 3 firewall programs that monitor the programs on my computer and anything trying to access the internet or anything trying to access me. I also run 2 anti-virus/anti-spyware programs all of which are up to date and I still had my account hacked. I have not formatted or restored my computer since I was hacked and amazingly (knock on wood) it hasn't happened again.

People like to agree with Blizz and say that "we" deserved getting hacked. That "we" brought it upon ourselves. All I really want to know is when did "we" buy into all the Blizzard BS? I just hope that those who post replies saying that people deserve getting hacked, get hacked themselves so I can be one of the 1st to laugh at them.

[Nanette159]

Re: Hacking of WOW accounts

To Whom It May Concern:
To the person who said only stupid people get hacked. First of all, that was extremely rude of you to say, and second of all, people are hacked all the time because people do not want to pay their own bills. Here is an example:
A person I know had his computer taken in to the shop to have SP2 put in. His computer was configured so that he didn't have to type in his password, other than when he dialed up. In this instance the person who usually worked on his computer was on vacation, so another person worked on his computer, so when he got it back, he logged on in his usual way. When he went to change his password (I convinced him it was a good idea to change your PC's password about every 63-71 days) he found that the person who worked on his computer had NOT put the password in, and immediately he ran a full scan, particularly his System Volume Information, as that is what dialers usually hit, but he ran the complete scan and found 2 dialers. However luckily he had Grisoft AVG, which gave him the company and numerical number of the person who had dropped the dialers in his computer. He lost a few thousand dll's, exe's, sfx's etc., but he also had the satisfaction that the person who did it is not only going to spend jail time, but is going to have to pay monitarily for dropping those dialers in. People who have a tendency, like yourself, to think others stupid, tend to fall into their own holes, it's basically called foot in mouth disease. I've worked on computers since they first came out in the 70's and mainframes were the size of about 2 warehouses, and if there is a will, there is a way.
It will happen to you at some point. I sure hope not, however as a Veteran, when all the social security numbers were stolen, I was terrified as mine was one of the ones in there. Luckily they got it back, so you see sometimes it doesn't have anything to do with you at all. Someone elses carelessness may cause the problem.
Sincerely,
N. Doree-Sheckler

[cherrycky]

Buy cheap wow gold, world of warcraft gold all servers.

Looking to buy WOW GOLD, Items or Accounts? ... ( wow gold for sale) Land mounts can be purchased by players once they reach level ...http://www.vicsale.com