Hey guys,

I was just sitting here reading something and I get a e-mail popup notification from thunderbird, I switch over and I see its from WoW saying my password was changed for my 5th account.

Weird, I try to log in and sure enough its changed..

So I reset it, and log in, and I notice the character I log in on is no longer guilded.....

well I check all the characters on that account and they all were stripped of gold. I log onto one of my other accounts and check the guild bank and yep just as I dreaded, completely stripped.

I have no clue how this happened, if it was a keylogger I would have thought he would have gotten all my account info, but he only got the info to one of the accounts. Strange.. I am scamming my computer now using adaware to be safe.

But anyway I filled a petition out in game (ticket) and waiting on them to get back to me. Is this all I have to do? Speak to them in game, or should I call in the morning?

Also is there any chance of me getting my bank items back? I had a few thousand gold and tons of mats in there...

Thanks =P

pisses me off.

Well somehow I did end up getting infected with a trojan, adaware picked it right up...

No clue how it got on there or why only one account was compromised.

But anyway I filled a petition out in game (ticket) and waiting on them to get back to me. Is this all I have to do? Speak to them in game, or should I call in the morning?

Yepyep, you're on the right track. Fill out a GM ticket saying your account was compromised, and explaining that you are trying to clear your computer in case there are any keyloggers/viruses present. Let them know that a large amount of gold/items are missing and that, now that you have resecured the account, you want to use one of your limited restorations to get your stuff back.

They should lead you from there. Keep in mind, depending on the amount of people hacked they could have a backlog of restorations to do. As I understand it sometimes takes a week or even two to get your account completely restored.

Until then, do your best to scan your computer and identify how the hacker could have gotten your information. Have you installed any new mods or signed up for any out-of-game websites using similar account information?

But anyway I filled a petition out in game (ticket) and waiting on them to get back to me. Is this all I have to do? Speak to them in game, or should I call in the morning?

Yepyep, you're on the right track. Fill out a GM ticket saying your account was compromised, and explaining that you are trying to clear your computer in case there are any keyloggers/viruses present. Let them know that a large amount of gold/items are missing and that, now that you have resecured the account, you want to use one of your limited restorations to get your stuff back.

They should lead you from there. Keep in mind, depending on the amount of people hacked they could have a backlog of restorations to do. As I understand it sometimes takes a week or even two to get your account completely restored.

Until then, do your best to scan your computer and identify how the hacker could have gotten your information. Have you installed any new mods or signed up for any out-of-game websites using similar account information?Thanks vyndree,

Only thing I can think of is I clicked a link on the wow forums for a flash game.

I was watching the adaware scan and it found something in my temp internet files, its still scanning so I am not sure yet but right now thats the only thing I can think of. I don't really look at anything wow related besides this website and the official forums sometimes.

My ticket is already almost ready to be serviced status so that was fast.

I don't mind a 2 week wait if I can get the gold back, that was pretty much all the gold I have but a few hundred spread out on the other accounts.

Thanks again for the help

Joe

is this something that the blizz authenticator will prevent?

is this something that the blizz authenticator will prevent?Yep this is exactly why it was made, if i had it he would not have been able to log into my account.

I;m gonna get one I think after this, they are cheap enough.

OK I just did the whole report thing in game, he asked me about 8 quests and then said there will be 2 reviews, one to see if anything can be restored at once, and another in case not every item was restored in the first investigation.

I think i caught it fast enough, i saw the password was changed like 30 seconds after the e-mail was sent so I know the items didnt go far before I got it reported.

Thanks for the help again vyndree, you are the best.

Joe

Now go to http://www.blizzard.com/store/details.xml?id=1100000182

and buy

87

And never have to worry again.

btw, there is a chance that your other accounts were also captured, they just haven't gotten around to using it yet. I would also change those account's passwords, after you finish the scan.

btw, there is a chance that your other accounts were also captured, they just haven't gotten around to using it yet. I would also change those account's passwords, after you finish the scan.Yeah just the name alone "account4" i would have thought they would have tried "account3" with the same password, but i changed the PW on all my accounts, did a quick scan and removed the trojan, now doing a fullscan and waiting for it to finish, then im gonna change the PW on all 5 one more time just to be safe.

I am just happy I didn't purchase anything from the internet today or that scumbag would have my credit card information as well.


Also yeah I am buying the authenticator, I have not gotten a trojan in years =/ Guess everyone can get hit sometimes.

is this something that the blizz authenticator will prevent?Yes. The authenticator generates a sequenced 6 digit number, 000,000 to 999,999 so 1 in a million that they could guess the number in a minute IF they have your U/P.

I have one authenticator attached to all 7 of my accounts, I log in just as I used to, but get prompted for the number. One number works for all the accounts logging in at the same time, it's really fraggin easy and adds a wonderful level of security.

That said, I've been gaming in MMO's since 1996 in UO, and not once has one of my accounts been compramised, but for $6.50...

FFS I just checked the link, they are STILL sold out.... I'm glad I bought mine!

its sold out. but it is easy to absorb the incredibly low cost compared to boxing. I will definately be getting one.

One other thing to consider. If you use firefox, I highly recommend both the AdBlock and NoScript extensions.

NoScript will stop the "oops, I went somewhere and it automatically downloaded something I didn't know about" from happening because you have to explicitly tell it what sites to allow scripts from. It's a bit of a pain at first, but once you get used to it (and get it set to just allow your favorite sites), it's not bad at all. Well worth the peace of mind, imo.

Hope it all works out for you.

I have the store link to Blizzard Authenticator as my home page, and it's been sold out since shortly after release. Blizzard *says* it's been restocked several times, but I'll be damn if I've ever seen it for sale.

Since you didn't mention you had an Anti-virus installed, I will suggest Avast ('http://www.avast.com/'). The home version is free, and it does have daily definition updates. You do need to register and they will e-mail you a code. The nice thing is that it runs in the background and pretty much anything that comes through the browser is checked. Has saved me a couple times ;-)

Other free Anti-virus are AVG ('http://free.avg.com/') and AntiVir ('http://www.free-av.com/').

I have the store link to Blizzard Authenticator as my home page, and it's been sold out since shortly after release. Blizzard *says* it's been restocked several times, but I'll be damn if I've ever seen it for sale.It's a wonder they haven't opened that up to other RSA keygen suppliers as it's obviously an upstream production issue.

Those Blizzard authenticators go for over $100US on ebay. Can you trust them from ebay? The way that they are designed coupld someone copy it and resell it to you and get your info?

Not trying to cause panic or anything but if your credentials were stolen via malware planted on your system you might want to consider rebuilding your computer. The reason being malware such as that can only be planted via some kind of exploitation of a vulnerability or installed from an account that has Administrator access to the system. There is no way to know if the malware performs other functions such as stealing your online banking credentials as well. Or other malware could have been installed that does this. A keystroke logger on a system is a bad thing and we always require our users (I work in Information Security for a University) to rebuild their systems.

EDIT: Korrekted a spaling misteak

My brother recently had his account hijacked, when he got it back all his characters was stripped of all that could be vendored and logged out without hs or mount in shadow labs... he contacted a GM to get his stuff back, but while he was filling the form he was kicked out of wow and couldn't log back in, he checked his account and it turned out some other part of blizz had banned him for selling gold ^^

Our Guild Master put allot of work down on the blizz forums and finally got a blue note from a moderator that said he was gonna take a look at the specific case... sill nothing happened..

My brother installed AVG anti virus and he instantly found the trojan and removed it, to find out where he got it he simply just ran through his internet history until he got a warning... and guess what?! he found the trojan on the blizz forums =)

he wrote an e-mail to blizz explaining how dissapointed he was that u cant even trust blizz own websites, 5 mins later he had his account back with every single piece of equippment and other crap, down to the last [boar flank]...

I use COMODO ('http://www.comodo.com/products/free_products.html') in conjunction with Avira ('http://www.free-av.com/en/download/1/download_avira_antivir_personal__free_antivirus.ht ml') .

Even if your anti-virus doesn't catch the Trojan, comodo will stop the communication and notify you of the attempt.

I use AVG paid version on all my systems and have seen it catch some potential web installed keyloggers. It has a web shield that is really really good at catching those before they can infect you.