Hi All,

Red Alert yet again....

The WoWHead and their network sister websites are distributing virus and keyloggers again.
They have not released a statement yet, this is yet again another flaw in their advertisments.

WoWHead, Thottbot, Alakazam are affected

WoWdb.com which is less user informative is not affected, I would recommend using them for the mean time.

How about I just use Firefox and leave my AV set on auto-update.

add on "No Script" and "Ad Block Plus" to firefox and you have a winner.

I know how to protect my PC, however, this was a public announcement incase people are using IE as well as wowhead due to the recent IE security Issues.

<3 to D-B.com for not using advertisements, woot woot!

I hate technology.

Internet Exploder imo. lolIE

Does this happen in the background? Or is there a prompt befor we are compromised?

Any suggestions as to detecting the infection (early)?

I'll ask the dumb question: Will my up-to-date virus suite (from CA) protect me or is there some other weakness I should be aware of?

I can only imagine due to the recent UNPATCHED security issue with IE I can only recommend:

Update virus scanner Scan your PC
Change to firefox & NoScript addon or another safe webbrowser Don't use wowhead for a while, I would suggest use WoWDB.com but not alot of user input tho :(I have people 'in the know' on this issue, I hope to find out more info asap

I love wowdb.com but man do they need more comments...

Thank you for this announcement. It is appreciated.

Gotta love being logged into only one of your accounts around midnight and watch yourself log into 3 different toons in 4 minutes or so. My solo level 80 mage and a priest were stipped nekid and had everything mailed out. I figured out what was going on pretty quick, but the damage was done.

To the massive credit of GM's and any other department involved, I already have all the gear back with gems and enchants. Lost the gold, but that's easier to get than the last 4 weeks of guild raids.

I was using the new IE for testing, but I reloaded my VM and won't go back to Wowhead or IE any time soon... atleast on my game box.

Thanks for the heads up Majestic. 8)

Also, get an authenticator. Even if something gets past your security, all it can steal is the password. Two-factor authentication is much harder to break.

There's an update available from Windows Update - so patch & reboot if you're using IE.

Some links with more info:
Microsoft's press statment: http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx?pubDate=2008-12-17

ZDnet article: http://www.zdnetasia.com/news/security/0,39044215,62049261,00.htm

Cheers,

S.

Humm I should have it but i have telephony, telnet, task schdualer, runas and remote registry services disabled so HA HA HA!

Also you can tell if yur infected by using autoruns from microsoft, shows everything that starts up when you start your computer, EVERYTHING.

Also you can tell if yur infected by using autoruns from microsoft, shows everything that starts up when you start your computer, EVERYTHING.

A nice tool, certainly. But not a complete AV diagnostic tool by any means. It can catch a lot of things, but not EVERY piece of malware ever invented. For a trivial example - what if something you expect and want to run on startup is replaced or compromised? Good luck with that, eh? So...I wouldn't be quite that bold in advertising it for telling if you're infected or not.

Still, a great tool.

so IE is currently "compromised" or able to get key loggers/trojans/viruses and all those fun things? >_> guess its a good thing i switched to Firefox about a week ago lol.

want to run on startup is replaced or compromised

Well then it wont show up as verifyed. I mean if its so easy to hide a start up program from the operating system so that the operating system thinks its official and verified, then obviously it will hide it from Norton or any other product as well.

Anyway I back up my computers and have tt shark case with the hard drives side mounted so I can just slap in a new whole cloned drive from a back up if anything strikes. But so far with no norton and no firewall I havnt got a thing (cause I shut off all remote services lol ... ). Even if malware starts its can't take over anything from a remote source as the services are just not avaialable to do so. I not sure that with serivce off any program can send information back to the writer.

To those that got hacked

http://img.xataka.com/2008/08/blizzard_authenticator.jpg

:P

Anyone know if the crisis is over yet?

ad
Anyone know if the crisis is over yet?

would like to know also as I use wowhead quite a bit

The only way to end the risk of viruses / trojans / etc is to permanently disconnect your computer from the internet.

Secure your system, then go back to using whatever site you want. This isn't the first such issue, nor will it be the last.

Thanks for the pretty much worthless reply most people know this and do have it secure well mine is anyway i never had a virus from wowhead and didnt want to get one, it will not stop a new virus to bypass your virus scan's but would be nice to know if they have corrected the problem .
Ah I know lets all use firefox thats will stop it please.....



The only way to end the risk of viruses / trojans / etc is to permanently disconnect your computer from the internet.

Secure your system, then go back to using whatever site you want. This isn't the first such issue, nor will it be the last.

Thanks for the pretty much worthless reply most people know this and do have it secure well mine is anyway i never had a virus from wowhead and didnt want to get one, it will not stop a new virus to bypass your virus scan's but would be nice to know if they have corrected the problem .
Ah I know lets all use firefox thats will stop it please.....

I can't quite make heads or tails of that since it's so badly written, but I think you were trying to insult me for answering someone else's question. If you're going to be rude, could you please try to do it a little more clearly so I can at least be sure what names you're trying to call me?

There is free AV software, people. No excuse for not installing some and keeping it updated if you're going to be online. This is akin to the idiots who decide they'll be better off not giving their baby measles shots - it makes the problem worse for EVERYONE, not just the dumbass who thinks they know better.

Shit, everyones a security specialist now? Damn.

Also, get an authenticator. Even if something gets past your security, all it can steal is the password. Two-factor authentication is much harder to break.

For those of us who are not so tech savy...how about more info on how to do this? :) From what I can see, this can only be done if your game vendor is providing the service (like Blizzard is doing). But, I know I could be wrong.

Also, get an authenticator. Even if something gets past your security, all it can steal is the password. Two-factor authentication is much harder to break.

For those of us who are not so tech savy...how about more info on how to do this? :) From what I can see, this can only be done if your game vendor is providing the service (like Blizzard is doing). But, I know I could be wrong.

You have to have control over the server side of things, yes. Blizzard did implement it though, and the timed key devices are cheaply had. But you couldn't, say, somehow make Warhammer Online use TFA from the player side without it being implemented by EA Mythic.

You seem to be interested in a non-WoW application, but are a little nonspecific.

If you have fully updated your computer via Windows Update with all the Internet Explorer fixes, and you have a working, up to date anti virus. You are as safe as you can be in regards to the original threat.

Just got Keylogged ;(
2/5 accounts (3 i saved)
its depressing to watch someone strip your toons naked

Use Opera: www.opera.com ! :D

I hate technology. me too. i'll never use it

well scaned my slave machine and found a virus wooot lol the name of it is fake alert or freescan. not only that but 20 trojens lol

Got one (authenticator) as well, works nicely.

Small side note, sometimes when I put in the code it has already expired (or I am just cross-eyed) and I have to log in again ..)

Small side note, sometimes when I put in the code it has already expired (or I am just cross-eyed) and I have to log in again ..)About one a week (a week with very frequent logins, to boot) that will happen to me.