Quote Originally Posted by Dor View Post
had 2 guildies that use auth get "hacked" over the last 2 weeks... thought it was a fluke, but maybe the loggers/hackers have found a way to quick log into someones accts now and blizz stopped that from happening? just a guess
A friend of mine had his account seized by a hacker using an exploit.

They managed to get a keylogger onto his machine and got his username and password.

From there they made a b.net account and merged his wow account with it. They then proceeded to sell off all his good sellable items and because he was a miner was flying him all over the place grinding mining.

He called me on the day he lost access to his account and was asking me about it. He told me that he had received an email from Blizzard saying that they had merged his wow account with his b.net account and told him that the new login id was some email address from yahoo in Croatia.

Unfortunately for them, I was on the phone to my mate talking about his lost access to his account, when I logged my solo main into the game and while I was chatting to him I pulled up my friends list and there he was online...

I opened a ticket then and there to report it. Also talked to someone who knew a GM IRL (because I did a /y looking for a GM... got a couple of arseholes /w'ing me laughing about it).

His account got locked that night or the following day and he got an email from Blizzard about it all. They unlinked his account from the b.net account and reset his password.

He had all his gear they sold restored to him, minus gems and chants. He wasn't complaining about it all... he managed to come out of it with a profit... about 100 stacks of saronite and 30 stacks of titanium.

Straight after he told me about it, I did some checking and found a few people had been done over like that and decided then and there to create my own b.net account there and then and merged all my accounts with it. I also downloaded an authenticator for my iPhone and for a while, I was able to log in all of my accounts with the one code from the authenticator.

While it is inconvienant for me to enter 1 number per login, the security side of things is a lot better (apart from the fact that this gives the hackers 2 sequential authenticator numbers for removing the authenticator)