Hacked and banned
Naxxz
12-10-2009, 10:10 PM
So it is 1am atm here in the UK and I just got home from work and thought I would do some leveling, check my email, browse some sites etc.
Basically I found several of the usual emails from blizz about passwords being changed and so on, so I go to log on to WOW and get the incorrect details blurb, I try to log into battle.net and get the same so I do a password recovery and get my b.net back under control, go to reset my wow pass and it says I'm banned :(
Just checked armory and all my characters have been deleted too, I'm really pissed off with myself now.
I ignored all the warnings about not using authenticator, more fool me.
Last night I was having some problems loading up WOW and went on a site that recommended I use anti malware software to scan for trojans that could be causing the problem.
I scanned my PC with malwarebytes and kaspersky and malwarebytes found a trojan so I deleted the file and left it at that.
Think I'm gonna format in a minute and reinstall wow then change my passwords for email and everything else just to make sure.
Can't do anything about my wow account atm so I'm gonna have to get up early tomorrow and phone blizz.
Signed, Ignorant fool.
Bettysue
12-10-2009, 10:29 PM
Reformat, get an authenticator (UK allows that right?), and blizz should help you recover your account when you provide the right information.
A word of caution though be careful about using unknown "anti-malware/adware scanners" as they often throw a false alert at you and then you give it UAC permission to install the "fix" which may indeed be the trojan that steals your info.
I finally figured out that was how I got scammed a while back. Had a fake adaware message pop up and totally fell for it. Sadly I work with network security on a near daily basis and even I was a click happy victim.
Good luck, if this is the first time this happened to you odds are you'll get most of your stuff back in a few days.
Pity they broke authenticators when they went to Battle.net accounts.
Pity they broke authenticators when they went to Battle.net accounts.
Yours is broke? Mine works fine..
Ñightsham
12-10-2009, 10:44 PM
Hey Naxxz,
I just went through this and if you'll contact Blizzard they should be able to help you with the restoration of your toons. As with the recommendations I have received from this site, I too went with the authenticator.
I was relieved to learn that ALL of my toons/items were fully restored in less time than blizzard had originally had anticipated.
Yours is broke? Mine works fine..
Authenticator works.
Login won't accept a code more than once, meaning you get to sit around and jerk off for about five minutes if you want to login with one as a multiboxer these days.
Naxxz
12-10-2009, 11:03 PM
Thanks for the replies
Just ordered my authenticator and a Frostmourne box set too :D
Luckily support don't open until 10:30 am tomorrow so I can have a bit of a lay in.
Hope I get my stuff back by end of the night, I was so close to 70 on my pally (soloing 1-80)
Anyway time for some Naruto and QI then bed Night night :)
Naxxz
12-10-2009, 11:22 PM
A word of caution though be careful about using unknown "anti-malware/adware scanners" as they often throw a false alert at you and then you give it UAC permission to install the "fix" which may indeed be the trojan that steals your info.
I finally figured out that was how I got scammed a while back. Had a fake adaware message pop up and totally fell for it. Sadly I work with network security on a near daily basis and even I was a click happy victim.
I honestly doubt this is what happened to me, I downloaded malwarebytes from download .com and afaik malwarebytes is a respectable program.
It seems fishy to me that 2 hours or so after I found and destroyed this trojan they had got into my b.net account and my wow account.
I have no idea how trojans work but it looks like they had my password for a while and sat on it waiting for me to make them some gold then my removal of the trojan was detected at their end and they thought "he's on to us" so they cleared me out instead of waiting around to see what happened. (sorry this was a lot more dramatic when I played it out in my head, there was gangsters yo! wearing pinstriped suits sitting around a laptop watching my account........sorry)
To be honest I only had around 5k gold but I made that playing the market for about a month while leveling my paladin and I could probably get it back in a week or so now I know what I'm doing (don't buy Elementium ore lol)
Thanks for the heads up though never knew that could happen.
Anyway back to TV, I've missed you TV......C'mere xxx
heyaz
12-10-2009, 11:40 PM
how the hell do you guys keep getting hacked like every day? Stop clicking the wii sex toy links ffs.
Actually, better yet - stop signing up on peoples' forums/sites with your email and same password - oldest trick in the book.
I just have trouble believing, especially as a security analyst that works with this kind of stuff, that these keyloggers and malware are not easy to avoid. I don't even run anti-virus.
Two factor authentication is nice, but also not falling for malware scams that explicitly require you to take action (rather than just propagating themselves unbeknownst to you).
Also most modern anti-virus and anti-whatever never find a thing, even when you are compromised. Their blacklisting approach is flawed, and the heuristics are just fail. I ran every major anti-whatever for years and they never found a single piece of malware, not even once - and this is when I used to use file sharing programs which are littered with malware. You can even build a test box, put known malware on it and watch modern AV's fail to detect anything.
Gormand
12-10-2009, 11:43 PM
Authenticator works.
Login won't accept a code more than once, meaning you get to sit around and jerk off for about five minutes if you want to login with one as a multiboxer these days.
I use my login time to do some basic bank alt/AH stuff, stops me sitting around bored and I just login to another toon every 30 seconds or so.
suicidesspyder
12-11-2009, 12:23 AM
Man i havent been hacked and i dont plan on it. I dont have wow on my laptop and i dont do anything on my wow computer on the internet. If i want to search something i do it on the laptop. This is how i avoid the retarded asian no life scum that want my accounts. Sorry to the cool asians but the ones that do the hacking are the no life ones and most are asian. But meh i might get an authenticator but not really worried about it atm.
Bettysue
12-11-2009, 12:24 AM
I honestly doubt this is what happened to me, I downloaded malwarebytes from download .com and afaik malwarebytes is a respectable program.
Ya, both of the programs you used were well known, I wasn't meaning to suggest they weren't...I guess I was just throwing it in for others reading the posts...go with good reputable software all the time and make sure it really is the software you're using that is popping up messages or asking for information. If in doubt type the address in yourself type stuff.
Anyway best of luck to you.
Coltimar
12-11-2009, 12:26 AM
I fix computers every single day that are full of malware, adware and spyware. These are people downloading torrent files or surfing pron, these are work stations used for inputting Medicare data or receiving online flower orders or blogging and watching movies. This stuff is absolutely everywhere. It's made me paranoid :/ I only surf the web on one machine in the house and it runs Windows in a shell.
Naxxz
12-11-2009, 01:10 AM
how the hell do you guys keep getting hacked like every day? Stop clicking the wii sex toy links ffs.
Actually, better yet - stop signing up on peoples' forums/sites with your email and same password - oldest trick in the book.
I just have trouble believing, especially as a security analyst that works with this kind of stuff, that these keyloggers and malware are not easy to avoid. I don't even run anti-virus.
Two factor authentication is nice, but also not falling for malware scams that explicitly require you to take action (rather than just propagating themselves unbeknownst to you).
Also most modern anti-virus and anti-whatever never find a thing, even when you are compromised. Their blacklisting approach is flawed, and the heuristics are just fail. I ran every major anti-whatever for years and they never found a single piece of malware, not even once - and this is when I used to use file sharing programs which are littered with malware. You can even build a test box, put known malware on it and watch modern AV's fail to detect anything.
No offence mate but I'm not stupid, I don't do any of the things you mention above, I've never clicked on a scammer's link, do not use torrents (I know you didn't say this but I thought I should say it anyway) and I certainly don't sign up to websites with my wow email and password.
If keyloggers were as easy to avoid as you say then I and many others would not be in this situation.
The only thing I do on this computer apart from wow is stream tv and read these forums...I also shop.
Ughmahedhurtz
12-11-2009, 01:47 AM
Authenticator works.
Login won't accept a code more than once, meaning you get to sit around and jerk off for about five minutes if you want to login with one as a multiboxer these days.
Huh? If you login all 5 at the same time, it works fine. At least, mine does. Launch 5 clients, type in password once and hit enter. When auth code comes up, type in code on all 5 at once and hit enter. Voila.
I mean, if you broadcast firebolt spam, why wouldn't you use it to enter your passwords/auth codes in WoW? Guess I thought everyone did that. /shrug
Huh? If you login all 5 at the same time, it works fine. At least, mine does. Launch 5 clients, type in password once and hit enter. Voila. Don't all boxers use keybroadcasting to put in passwords???
Okay, see, the problem with what you're saying is that you never mention the step where you put in the authenticator code. No authenticator? Works fine. Authenticator? Fails on all but one account (presumably the first to say hi to the auth server).
thinus
12-11-2009, 02:00 AM
Okay, see, the problem with what you're saying is that you never mention the step where you put in the authenticator code. No authenticator? Works fine. Authenticator? Fails on all but one account (presumably the first to say hi to the auth server).
I assume he has 5 different battlenet accounts.
I assume he has 5 different battlenet accounts.
Must do, it's the only way they work now.
Ualaa
12-11-2009, 02:06 AM
Ya.. I have five battlenet accounts.
I lose out on the integrated account management junk.
But log in a bit faster.
Not sure why anyone would choose to not have an authenticator.
They have been in-stock for 4 straight months, both versions.
$6.50 or so.
thinus
12-11-2009, 02:08 AM
Ya.. I have five battlenet accounts.
I lose out on the integrated account management junk.
But log in a bit faster.
Not sure why anyone would choose to not have an authenticator.
They have been in-stock for 4 straight months, both versions.
$6.50 or so.
And available for free on the iPhone. The single battlenet account login issue is the only problem I have with an authenticator.
Not sure why anyone would choose to not have an authenticator.
I did until Blizzard stole mine.
Ualaa
12-11-2009, 04:05 AM
Call billing.
See if they'll move four of your accounts to different B.Net accounts that are also yours.
One account per battlenet, is the way to go if you want to log into the game fast.
Or all your accounts on a single battlenet, if you want the integrated features.
Either way, you'll want the authenticator..
Good idea. I'll try that sometime when I have three hours to wait on hold, after setting up some Gmail accounts to register them on.
I haven't chucked the fob in the bin or anything...I'd really prefer to use it.
And what integrated features? Vaporware so far, as far as I know.
zanthor
12-11-2009, 09:19 AM
To all of you going on about multiple battle net accounts, you have to keep in mind that the original intent of Bind to Account gear was to let it be bound to battle.net accounts... If they turn that on, you'll be hating having them spread out.
Overpowerdin
12-11-2009, 09:47 AM
I am in IT so I deal with malware and crap all the time. I have seen users get stuff from the ads on google searches. Problem is the guys making this crap make more than the IT guys fighting it, so we can never seem to win. Malwarebytes is a good app, the purchased version blocks bad IPs like a spam filter when you are browsing so it helps if you ever decide to buy it. It's pretty cheap in my opinion. Microsoft has a new tool called Microsoft Essentials that is free if you have a legit copy of Windows and works great. I hate to say I like a MS product, but it has almost no footprint and it works great.
I had been wondering about how the authenticators work with dual boxing, so thanks for the input on that.
Oswyn
12-11-2009, 10:33 AM
Must do, it's the only way they work now.
A few minutes to log in all five accounts is nothing to have peace of mind with your accounts. As others mentioned before, you can do other things within the 30 seconds between entering in authenticators. Check mail with your main, check the forums, etc. Heck there's been many times where I totally forgot to finish logging my guys in because I'm busy with something else.
Clone
12-11-2009, 10:55 AM
To all of you going on about multiple battle net accounts, you have to keep in mind that the original intent of Bind to Account gear was to let it be bound to battle.net accounts... If they turn that on, you'll be hating having them spread out.
I'll cross that bridge when I come to it, there are no bind on account items I'd actually want to swap between chars at the mo. According to Blizz the leveling heirlooms won't work from 80-85 anyway. I won't be leveling any new teams anytime soon either and even if I do I have enough wintergrasp marks to buy about 5 sets of heirloom items per account.
It would take a lot for me to switch to a single battlenet account wasting all that time logging in. If you log in 6 times a week that's half an hour of your life down the pan while you wait to log in.
30 mins per week = 26 hours per year, over 1 whole day of playtime!!
Enjoy ur 364 day year :P
mikekim
12-11-2009, 11:02 AM
I'll cross that bridge when I come to it, there are no bind on account items I'd actually want to swap between chars at the mo. According to Blizz the leveling heirlooms won't work from 80-85 anyway. I won't be leveling any new teams anytime soon either and even if I do I have enough wintergrasp marks to buy about 5 sets of heirloom items per account.
It would take a lot for me to switch to a single battlenet account wasting all that time logging in. If you log in 6 times a week that's half an hour of your life down the pan while you wait to log in.
30 mins per week = 26 hours per year, over 1 whole day of playtime!!
Enjoy ur 364 day year :P
Look at it from another perspective... How much time do you waste, in missed gametime and on the phone to blizzard, when you get hacked, and all your toons and gear get sold or deleted?
I feel for ya, but heyaz is right. I don't even have any anti-virus/detecting crap on my computer. It's true that it's all over the place, but only if YOU'RE all over the place. I've never had a virus or been hacked, play safe using common sense is all heyaz was getting at.
ALSO(knocks on wood);)
Starbuck_Jones
12-11-2009, 11:59 AM
Account security is fairly basic. First, change your Bnet logon email to something you use for only that. Grab a free gmail account or whatever, but don't use that account for anything. Make it as secure as you can with letters and numbers. Don't use the same email acc/pw that you use elsewhere on the tubes like facebook, or logons to your favorite wow website.
Account Password should be MS Complex compatible at a minimum. Use upper and lower case letters, a number and a special character and at least 8 characters long.
Use a dedicated box to browse the web. Don't have one? Then create a virtual machine and do your web browsing in there. Yea it's extreme, but you gave your account information to the hacker either directly by signing up with the same info or downloading/clicking something that did.
Gadzooks
12-11-2009, 12:15 PM
No offence mate but I'm not stupid, I don't do any of the things you mention above, I've never clicked on a scammer's link, do not use torrents (I know you didn't say this but I thought I should say it anyway) and I certainly don't sign up to websites with my wow email and password.
If keyloggers were as easy to avoid as you say then I and many others would not be in this situation.
The only thing I do on this computer apart from wow is stream tv and read these forums...I also shop.
Is your Flash installation up to date? They're also infecting banners, which get spread everywhere. They're even making legit looking banners from other companies, and paying to have them put into banner pools, and boom, people are infected.
Makes me glad I use a Mac...for now, I know they're gonna figure out how to hit us eventually.
Multibocks
12-11-2009, 01:26 PM
You guys are making me worried. I've never had a virus, but that isn't slowing down the paranoia!
zenga
12-11-2009, 01:50 PM
Not wanting to start a flame war or so, and no offence, but I really can't understand why people still stick to Windows when I read stuff like this. There is an alternative, that is free, easy to use/setup, looks fancy (in case you should care), performs better and has no security problems at all ...guess which one :)
Seldum
12-11-2009, 02:01 PM
If everyone used linux, linux users would have the same problem - if not even worse (yes, I have no evidence to back up that statement).
Anyways, sorry to hear you got hacked :(
Me happy I got the authenticator even though logging in is a bit of a pain now.
Hope you'll get everything fixed.
Makes me wonder if I should get an authenticator to my webbank.
Not wanting to start a flame war or so, and no offence, but I really can't understand why people still stick to Windows when I read stuff like this. There is an alternative, that is free, easy to use/setup, looks fancy (in case you should care), performs better and has no security problems at all ...guess which one :)
Secure as a box of bricks, and runs my software just as well as a...box of bricks.
Overpowerdin
12-11-2009, 02:08 PM
Not wanting to start a flame war or so, and no offence, but I really can't understand why people still stick to Windows when I read stuff like this. There is an alternative, that is free, easy to use/setup, looks fancy (in case you should care), performs better and has no security problems at all ...guess which one :)
As much as I don't like MS, it will be the majority because that is what most companies have to deal with to get custom software, business apps and such. And the fact that most of the COs that own these companies are old timers with stock in MS, well it doesn't help. And a majority of the PC owners today have to work on Windows, they don't want to go home to something else that they have to "learn"
Ualaa
12-11-2009, 02:55 PM
Look at it from another perspective... How much time do you waste, in missed gametime and on the phone to blizzard, when you get hacked, and all your toons and gear get sold or deleted?
I doubt I'll waste any time, on the phone from being hacked.
I have five accounts, on five battlenet emails.
After my authenticator code is used, it is invalid.
Because I have five B.Net's, I can use the same code simultaneously on the five accounts.
Because I log all five on at the same time, the code is invalid for any account after it's used.
I suppose, if I were hacked/keylogged, and only logged in one or three accounts - there would be a 30 second or less window of opportunity to be hacked, on the remaining accounts.
I have the same security with my authenticator, as any one else has with theirs.
I suppose, purely guessing with a million to one odds, anyone with an authenticator could be hacked.
But then, every account on the same B.Net or across five B.Net accounts, has this same level of security.
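An added example, not part of the original thread and not Blizzard's code: the single-use behaviour described in the posts above, sketched as a standard time-based one-time code (RFC 6238) with a per-login replay guard. That the authenticator follows RFC 6238 is an assumption; the 8-digit length and 30-second window come from the thread, and `AuthServer`, the login names and the secret are constructed for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per code window (the thread mentions ~30 s)
DIGITS = 8   # the thread mentions an 8-digit code


def totp(secret: bytes, now: float, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 code (HMAC-SHA1) for the time window containing `now`."""
    counter = int(now // step)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class AuthServer:
    """Hypothetical verifier that remembers, per login, the last window used."""

    def __init__(self):
        self._secrets = {}     # login name -> shared secret
        self._last_used = {}   # login name -> counter of last accepted code

    def enroll(self, login: str, secret: bytes) -> None:
        self._secrets[login] = secret

    def verify(self, login: str, code: str, now: float) -> bool:
        secret = self._secrets.get(login)
        if secret is None:
            return False
        current = int(now // STEP)
        last = self._last_used.get(login, -1)
        # Accept the current window and the previous one (clock drift),
        # but never a window at or before one already consumed: a code
        # captured by a keylogger is useless once the owner has logged in.
        for counter in (current, current - 1):
            if counter < 0 or counter <= last:
                continue
            if hmac.compare_digest(totp(secret, counter * STEP), code):
                self._last_used[login] = counter
                return True
        return False


def demo():
    secret = b"constructed-demo-secret"   # constructed sample value
    now = 1_260_500_000.0                 # constructed timestamp
    server = AuthServer()
    server.enroll("single-login", secret)
    for i in range(1, 6):
        server.enroll(f"login-{i}", secret)   # one fob attached to five logins

    code = totp(secret, now)
    # Five game clients behind ONE login: only the first use of the code passes.
    single = [server.verify("single-login", code, now + i) for i in range(5)]
    # Five separate logins: each tracks its own replay state, so all pass.
    separate = [server.verify(f"login-{i}", code, now + i) for i in range(1, 6)]
    # The same code replayed two minutes later is outside every accepted window.
    later = server.verify("login-1", code, now + 120)
    return single, separate, later


if __name__ == "__main__":
    print(demo())
```

The replay guard is keyed by login, which is why the same code is accepted once on each of five separate logins but only once in total on a single shared login.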
Ughmahedhurtz
12-11-2009, 03:44 PM
Okay, see, the problem with what you're saying is that you never mention the step where you put in the authenticator code. No authenticator? Works fine. Authenticator? Fails on all but one account (presumably the first to say hi to the auth server).
See edit. Yes, I use an authenticator. Yes, mine are all on the same b.net account. And yes, the last time I logged into all 5, they logged in all 5 at once, including the auth phase. Of course, that's been about 2 months ago. But unless something has changed in the last two months, this still works. You just have to hit enter on all 5 at once. /shrug
I'd go login to verify but my multibox PCs are still up in Dallas.
Drommon
12-11-2009, 03:56 PM
Secure as a box of bricks, and runs my software just as well as a...box of bricks.
lol :) too true!
BobGnarly
12-11-2009, 06:29 PM
then create a virtual machine and do your web browsing in there.
Wanted to second this - this is what I do. I have a VM that is nothing but a browse box. Anything that isn't something I care about (like paying bills, accessing financial information, etc), goes in that VM. The great thing about it is, when I'm done with it I just reset the VM, and everything that happened in that session is lost. Meaning, if I did pick up a trojan it would be a) contained to the VM, and b) deleted when I destroy the VM without saving.
This does mean I have to relog to known sites (no cookies), but I find that a fair price to pay for knowing that there is no way my sensitive information is being logged. Plus, it's much less fuss than having to go to another computer every time you want to browse porn^H^H^H^Hyoutube.
daviddoran
12-11-2009, 07:39 PM
Call me dangerous, call me reckless, be the first to say "I told you so" if I ever get a nasty virus, but I surf all the time on my wow PC, I don't have antivirus running, and I sometimes go to questionable sites. It's about being smart, not clicking on stupid shit, and keeping your computer updated. I used to run antivirus, but it just slows down the PC more, and doesn't prevent the nastiest ones in the first place. I also use an authenticator, to be safe.
Ñightsham
12-12-2009, 12:15 AM
If they find a way to capture the 8 digit authenticator code, we're doomed :(
.... I don't know how many codes the device puts out, but I doubt it's unlimited.
Try writing down one code it puts out...then use it later... it does work
If they find a way to capture the 8 digit authenticator code, we're doomed :(
.... I don't know how many codes the device puts out, but I doubt it's unlimited.
Try writing down one code it puts out...then use it later... it does work
It's not the code space so much as the complexity of the equation it uses to choose the code at a given time. Which while not unbreakable is certainly extremely difficult to attack.
Gadzooks
12-12-2009, 03:36 AM
It's not the code space so much as the complexity of the equation it uses to choose the code at a given time. Which while not unbreakable is certainly extremely difficult to attack.
Too much work, when they can just deploy the trojans and phish for accounts - the phishing emails are sadly very effective, considering how many teens and preteens play the game, and believe everything that pops up in the game or in their e-mail.
Spend some time in the WoW customer service forums, there's enough stupidity out there to provide the gold sellers accounts for years.
Also, I tend to think if they started cracking encryption, they're going to get attention from some very nasty people they don't want attention from, including their own government. That would put them into a whole new world, of laws, and black budget stuff. Our government uses the same stuff the Authenticator uses, and if it's cracked to steal video games, it's going to set off alarms all over the world.
Plus, if they were good enough to break the Authenticator, they wouldn't be dabbling in stealing WoW accounts, ya know?
Plus, if they were good enough to break the Authenticator, they wouldn't be dabbling in stealing WoW accounts, ya know?
It's not really a question of being good enough. Two-token authentication is powerful, and physical code generators are extremely hard to break without access to the original design plus the serial, or to the individual key generator. Access to a single device isn't sufficient, or you could break it by decompiling the software key generator or taking a SEM to one of the hardware key generators. It's the next best thing to impossible, and it's certainly far and above much more impractical when there is plenty of low-hanging fruit due to non-authed accounts and idiots that can't handle simple computer safety.
Gadzooks
12-12-2009, 03:57 AM
It's not really a question of being good enough. Two-token authentication is powerful, and physical code generators are extremely hard to break without access to the original design plus the serial, or to the individual key generator. Access to a single device isn't sufficient, or you could break it by decompiling the software key generator or taking a SEM to one of the hardware key generators. It's the next best thing to impossible, and it's certainly far and above much more impractical when there is plenty of low-hanging fruit due to non-authed accounts and idiots that can't handle simple computer safety.
Isn't that what I said? :)