So I'm convinced Blizzard has security issues

[Wintershot]

Not that I am accusing you of buying gold, power levelling or buying accounts but from what I have heard, including from several first-hand sources, "hackers" are, most of the time, actually power levellers or account sellers who wait a few months after the transaction/service to hijack the accounts. Even if you were only buying gold, you would have had to have given them your email address, which gives the hackers the first of two pieces of information required to hack your account.

Have you freely given your account details to anyone?

[Nisch]

Not that I am accusing you of buying gold, power levelling or buying accounts but from what I have heard, including from several first-hand sources, "hackers" are, most of the time, actually power levellers or account sellers who wait a few months after the transaction/service to hijack the accounts. Even if you were only buying gold, you would have had to have given them your email address, which gives the hackers the first of two pieces of information required to hack your account.

Have you freely given your account details to anyone?

I have never purchased gold, never paid for powerleveling, or bought an account. I busted my ass making 5 of every class, all through work, and not shortcuts. I never got any phishing emails, I never posted my details anywhere.

I've never let ANYONE even on my computer period. My 2 year old even has his own computer so he can't use mine. My wife has her own computer.

People who buy and sell gold upset me as it's a great disservice to other players. I've played MMO's since UO and haven't purchased anything, only worked my way up.

[crowdx]

Just on the point of reactivating the accounts, the hackers are using stolen CC info, when mine was hacked a few weeks back, they transferred 4 toons to other realms using stolen CC info. Blizz caught the transfers later that day.
I do believe though, that the hacks being implimented are quite sophisicated and it took me a week of multiple virus scans with multiple different scanners, all of which came up empty. Resetting my cable ip address finally got me clear and over that period I changed my Bnet email 3 times on the afffected account. VERY frustrating.

[Nisch]

Just on the point of reactivating the accounts, the hackers are using stolen CC info, when mine was hacked a few weeks back, they transferred 4 toons to other realms using stolen CC info. Blizz caught the transfers later that day.
I do believe though, that the hacks being implimented are quite sophisicated and it took me a week of multiple virus scans with multiple different scanners, all of which came up empty. Resetting my cable ip address finally got me clear and over that period I changed my Bnet email 3 times on the afffected account. VERY frustrating.

Well that's the other thing, not a single charge has been placed on my cards since March.

Perhaps they re-upped my account with someone else's stolen CC info?

I guess that's a possibility.

[crowdx]

Something that I found unsettling in my hack was that my notebook, which I formatted as part of my nuke from above clearance kept giving me an error when i tried to connect to my desktop using remote desktop, it kept telling me I had a connection already running. This happened both times I formatted the notebook, then unplugged it and pulled the battery, even the BIOS had it's date reset due to no power, then on the 3 rd format I disconnected my modem so that it would get a new IP and only then was I able to connect to the other desktop remotely after that fresh install. My suspicion is that the original trojan had captured the ip address of my network and so they were able to still connect to my machines remotely using some other hack.
ALL VERY SCARY

[Ughmahedhurtz]

I know it's easy for people to say that it was my computers, but being a network security specialist for 10 years, I feel I have the ability to check for these things.

I can see how that might lead you to believe you're not the one in error here but if there's one thing I've learned over the years, it's that hackers are an ingenious lot. I know it's hard to believe but the alternative theory goes beyond the pale. I just cannot fathom that Blizzard has some security hole where accounts get hacked regularly for 5 years and NOBODY has found out about it yet. It would not be a normal hack, either, because they're not entering your logon/password for any trojan to sniff. /shrug

[Lokked]

Long time no see, MBox forums.

I recently tried to log into my BNet account to add a Diablo 2 CD-KEY, and had found that my account was gone. This concerned me as it had 7 WotLK boxes on it. I hadn't accessed it for around 1 year.

I called tech support and the guy was incredibly empathetic and helpful. He informed me all my accounts had had their 7-day free trials used up and were banned for accessing too many nodes in a given time frame (harvest botting).

He suggested I scan my comp with Malwarebytes. It found...........TROJANS!

I suggest you do the same to your comp. Good Luck with this.

[Daeri]

Could it be possible that you entered the credentials of that account on another computer just once ?

For example, I know i've already logged into the official forums from work. And I also once checked something on the account management page for both my two accounts. I'm supposed to be the only one to use this computer at work but I guess I'd be screwed if any trojan was there for some reason.

[Tonuss]

scrub them FROM ORBIT!

It's the only way to be sure.

I've seen numerous people who were very cautious about computer security (and WOW security in particular) get hacked and not have a clue how it was done. It's one of the reasons that I got an authenticator. I'm pretty cautious and pro-active about my computer's security, but I no longer take for granted that I know enough to be safe.

Still, there could be other ways that these guys are getting this info. I can't imagine that it's due to Blizzard's own security, if these guys had access to that kind of information, I doubt that they'd be careful enough not to tip Blizzard off about it. If it *is* an inside job in any way, that could be catastrophic for Blizzard as a company.

In the end, who knows? The people who work to steal accounts have become ridiculously aggressive and seem to be using everything from the most basic social engineering to more sophisticated ploys. I get the feeling that if we ever understood the scope of what these guys are doing, we'd hang ourselves in distress.

[Redbeard]

Ok thanks to this and the many other threads like it ive finally broken down and bought an authenticator.

ARE YOU PEOPLE HAPPY? I swear there are blizzard reps on here hussling the product =P

I kid i kid. Anyways, I am pretty sloppy about security and I think if my b.net account got haxxored and people jacked all my stuff that id likely just stop playing, so yeah... was the right thing to do.

Anyways,

Good luck getting your stuff restored.