Seeking Help: One of my Accounts Hacked

[Vyndree]

[...] GMs can do restorations in order to get your gear/money back[...]

I'm usually not that positive about Blizzard's support, but that is just awesome!

Yeah, I hear there is some hoop-jumping involved, but if you can show them that there was a definite IP change in the time that you were not in control of your account, it should just take them the time to verify that you're not tryign to manipulate the system and you can usually get everything back. They don't guarantee the process, but I hear that people typically get back all of their gems/enchants and stuff down to the last piece of netherweave.

btw: your icon is the cutest

Thanks! That's my kitten Lilu -- we loosely named her after the female character in the movie "the 5th element". She hated the sound of Suvega's camera shutter, so she ran off immediately after this pic was taken. Hence the "deer in the headlights" look.

[leukos]

It would be nice if Blizzard offered up an option to purchase something like the PayPal Security Key for each account. Then again, logging in all the clones would get more interesting, and it would be five more things for the cat to hide.


Best of luck getting everything sorted out Qlimax.

[Qlimax]

Good news, well at least peace of mind on my part. I reformatted, purchased System Mechanic Pro, setup the new firewalls and anti-virus. Reloaded all drivers and everything seems to be working fine. Sent in a petition to Blizzard stating that I was not requesting the gear back, I am level 31 and it was mostly bad gear ( we don't need to waste gold when there is 5 of us =P ), telling them that I was not in qontrol of the account at that time. I appreciate all your help, and I must say, out of all the bad experiences one must face in life, this is a great one to really brush up or learn about internet security and I thank this community for making my experience more knowledge oriented.

Qlimax

[wowphreak]

Use firefox and noscript for internet browsing,

Visit http://www.wowhead.com/ for example.
The Wowhead homepage will load up with a big message saying that "This site makes extensive use of JavaScript. Please enable JavaScript in your browser". JavaScript is probably already enabled but NoScript has prevented the scripts from running.
Then look at the notification bar that has popped up at the bottom of your browser window. Click the 'Options' button and a menu will pop up, with the following entries:

Allow wowhead.com
Temporarily allow wowhead.com
-
Allow google-analytics.com
Temporarily allow google-analytics.com
-
Allow quantserv.com
Temporarily allow quantserv.com

Just to put my 2 cents instead of allow everything for a site I suggest allow only the site url first. the example above yeh should only allow wowhead.com then when something doesnt work the way it should add more in.

One of the problem with the addon is if is an executable. Or if the sites says download this for auto updating addons. I only install addons that come in a nice zip format.

[Chrysanthe]

Well, it's a damn shame, that things like Trojans, Viruses, Keyloggers etc even exist... I just think, in the case of account hacking, that some people get jealous of others and manipulate things.. but why the hell hacking in a god-damn game account? It's just a game after all, even if I pay money for playing online... it'd be the same, if someone hacked onto my computer and manipulate some offline's game's account/savegame... It's just BS, imo..

And concerning Addon downloading: NEVER download them from pages you don't really trust, i.e. no-name pages, and if you download them, make sure you check them for any malicious things, such as keyloggers etc....rename .exe into .zip and try to open them with either WinZip, WinRAR or the Windows Explorer or any other archiver...

[Nixi]

Hope you get it all sorted out.

Personally, as much as I enjoy my Shammy team, if I got hacked, my first call is to my bank, not Blizzard. That said, my bank uses a screen keyboard with randomized key-positions for my login. If my bank were to use Blizzards two hack-me-now text boxes for logging in, there's no way I'd use that bank for Internet banking. Despite every precaution listed here - and they're all worthy steps to be taken - there is ultimately no way to completely protect yourself, short of going offline and never reconnecting to the Internet. I've worked in IT for 20 years now, the last 6 at IBM, and I am always amazed (and a little disturbed...lol) by what the hacker-heads over in our Security competentcies are able to get past, through, over, under or around.

I would very much like to see Blizzard use an on-screen keyboard - as a purely optional login method for those that want it - as I know I'd be quite happy to log in via this way. As much as my Shaman team is light years behind other more critical internet transactions I make, I'd still like to add another layer of protection if I could.

Still, do what the previous posters have said - while you may never make your computer impervious (and anyone who thinks they have is kidding themselves), at the very least, you shouldn't make it easy either.

Blizzard's client does have the potential to use the 'onscreen' keyboard thing with randomized placement of digits. Just like inputting a pin number when you go to the ATM.

It also has the potential for a Matrix Card. On the right side the digits 1-0 are placed in a circular fashion and they spin quickly when the mouse is far away and slows down gradually when the mouse reaches the wheel. Once your mouse moves over a button all the digits are cleared so no one can see what you're clicking on.

I don't know why people on US servers aren't able to enhance account security with these features.

[Sarduci]

[quote='zanthor',index.php?page=Thread&postID=64655 #post64655]Learn what file extensions do what... a .JPG is harmless, a .exe or .com or .vbs aren't... the list goes on... .zip.exe will .bend.you.over while a .zip is harmless (though it may contain nastyness.)
[/quote]I have to disagree with that statement. "Picture" files have recently become a more common attack vector for hackers. To quote Microsoft from the April security alert (aka: patch Tuesday):

[font=&quot]Bulletin Identifier[/font]
[font=&quot]Microsoft Security Bulletin MS08-021[/font]
[b]Bulletin Title[/b]
[url='http://go.microsoft.com/fwlink/?LinkId=111955']Vulnerabilities in GDI Could Allow Remote Code Execution (948590)[/url]
Executive Summary
This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted EMF or WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Maximum Severity Rating
Critical
Impact of Vulnerability
Remote Code Execution
Detection
Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.
Affected Software
Microsoft Windows. For more information, see the Affected Software and Download Locations section.

[Chorizotarian]

Also a zip is not necessarily harmless. A buffer overrun in a common shareware package like WinZip or WinRar could easily be used to constuct an attack vector.

[king.pa]

To avoid Key loggers .. I'm copy/pasting all my passwords ...

the only keys the trojans can intercepts is some ctrl+v

hope it's enough ...

[Enshredder]

To avoid Key loggers .. I'm copy/pasting all my passwords ...

the only keys the trojans can intercepts is some ctrl+v

hope it's enough ...

That is not really true. Most modern and half decent keyloggers can read your notepad or wordpad. Anything that you might highlight and use ctrl+c or right click copy and paste can still be read by keyloggers. Whenver you go to copy something - you are storing it somewhere to be pasted. Any half decent programmer with an understanding of how these things work can and will be able to get into the storage area and be able to read whatever he wants off of it.

If you are really dead set on protecting yourself at all costs against them, then the best thing you can do is read up on them and understand how they work. Having a thorough and intimate understanding of their inner workings is the best way to make sure you are absolutely safeguarded against them.

Otherwise, keep your virus definitions up to date, have a firewall whether it be software or hardware via router or some other way, and dont download any funny or unkown files from miscellaneous sites.