Think Oil's Expensive? Covert Blizzard Ban Sends WoW Gold Skyrocketing

[Kitsune]

Yeah.  While it used to be that only twits who gave out their password for powerleveling or to guild members were 'hacked', now that an industry has sprung up for stealing gold there are honest to God WoW-password-stealing malwares out there.  It's possible for an innocent person to wind up with their account stolen, through no fault beyond not knowing to have sufficient security on their computer.

That's why the authentication token that Blizzard's selling is such a necessary item.  They should pack those in the retail boxes.

[Miasma]

It's pretty hard to get one of these keyloggers if you keep your OS and browser up to date right?

[Simond]

And if you're using noscript, popup blocker, and so on.
i.e. not the average person.

[Trippy]

You need to turn off images too

http://blogs.zdnet.com/security/?p=1361

(or stop using IE).

[Kitsune]

Security's a slippery thing.  You have to keep the OS updated to protect you from worms or hacks that try to wiggle through port vulnerabilities.  Once you're covered from outside people coming in, you have to protect yourself from stuff that lurks on the net and waits for you to pick it up.  Most people use Firefox with No-Script and Ad-Blocker Plus addons for that, and it's a pretty solid deal.  If a site can't run a script, it's hard-pressed to attack you, and No-Script is smart enough to allow the honest site (say, Allakhazam) to run a script while blocking the malicious site serving an infected ad through Allakhazam's page.

Now, it won't protect you if you tell it to allow scripts to run from a malicious site.  If (hypothetically) thottbot decided to steal everyone's stuff for IGE and stuck a keylogger on their site, and you told No-Script to let thottbot run scripts so you can use the talent calculator, you could be in trouble.

If you're running XP, you're pretty fucked in that scenario.  If you're running Vista, and not logged in as an administrator, you should be safe.  You'll get a 'Do you want to let this site install a program?' popup, and unless you're an imbecile you'll click 'Fuck No.', and that's that.  Ditto for Macs and the Linuxes; even if the browser is compromised it shouldn't be able to install anything on your system without the user giving explicit permission.  There is a Mac vulnerability floating around out there now that actually can infect them and give a remote user root privileges, but I don't think it's in serious use, and Apple may have patched the hole in that update they put out last week.

In any event, it's not a bad idea to regularly run virus/malware scans on your system, just to be sure that nothing's snuck in somehow.

[Abelian75]

Yeah, I got my WoW account stolen about a year and a half ago, which I never thought would ever happen.  I pretty much figured that it was really only complete fools getting infected with keyloggers, but I managed to get it without visiting anything particularly shady (I believe there was some sort of temporary IE vulnerability with mouseovers or some crap a little bit before I got it, which I assume is what happened). It did make me stop being careless with malware scanning, though.

Then again, I am kind of an idiot, but not, like, THAT much of an idiot.  Just a little one.

[Kitsune]

That's the thing: little idiots can be victims now, whereas previously you had to be a gargantuan idiot.  WoW had plenty of gargantuan idiots to begin with, but it certainly has millions of little idiots.  Add in the joys of guild bank access and you're open to massive amounts of gold theft that can affect any player in the game, if the player's guilded.

Were I a guild leader, I'd require any officer with vault access to own an authentication token.  The sheer damage that can be done by a thief getting access to the vault is just horrific.  Once the guild had enough income to afford several tabs worth of vault, I wouldn't mind designating one tab as the junk tab and giving general access to it for people to dump basic ingredients and lowbie gear to help people level their characters, but any item of significant value would be kept under the strictest possible security.

[Fordel]

The Trick is to not keep anything of value in the vault 

Probably the most valuable thing in my guild vault are our Primals, and we use them so quickly there's maybe 200 gold worth total at any one time.

[apocrypha]

That's the thing: little idiots can be victims now, whereas previously you had to be a gargantuan idiot.

Dammit, that got me. Yeah I use Firefox with noscript, adblockers, regularly updated antivirus, occasional malware scanning, etc. But I'm no expert, I'm not anal about these things, and my GF also plays WoW and I sometimes log on using her PC and damn but thees gold farmers are a business so they clearly care more about my WoW account security than I do and those authenticators are only £4 each, which is half of a single monthly sub.

So I just ordered 3 of them.

[Montague]

Speaking of security, I have an anecdote from this past weekend.

The wife decided to make her own guild, and shortly after she completed the charter and started looking for recruits one of our old friends from our previous guild popped into the guild recruitment channel looking to join a guild. Really cool guy (if a bit odd), published author of a couple zombie novels, something of an intellectual. She gave him a whisper asking if he wanted to join. The response?

"lol ya ur guys raid kara rite?"

At that moment we understood that our beloved druid friend was most definitely not who we thought. A quick inspection turned up a Darkmoon card that we knew our friend had, so we sent word out amongst the old guildies that their old druid friend was not who he was supposed to be. One of them e-mailed our friend who said that he hadnt changed his name, nor transferred off server, and in fact his account was supposed to be inactive.

A quick Blizzard investigation this weekend gave the druid player his account back with 28 days of free play time donated by the "hacker". Turns out that our buddy had his computer in the shop a couple of months prior to fix a crash problem, and that most likely one of the techs lifted his account information from his hard drive, and then E-bayed it to some unsuspecting kid. The poor sap who bought the account wasn't destructive at all, he had full access to a guild bank with thousands of gold in coins and items and didnt take a thing.

[cevik]

So I just ordered 3 of them.

Haven't they been perpetually sold out since the day they were announced?

[Kitsune]

A quick Blizzard investigation this weekend gave the druid player his account back with 28 days of free play time donated by the "hacker". Turns out that our buddy had his computer in the shop a couple of months prior to fix a crash problem, and that most likely one of the techs lifted his account information from his hard drive, and then E-bayed it to some unsuspecting kid. The poor sap who bought the account wasn't destructive at all, he had full access to a guild bank with thousands of gold in coins and items and didnt take a thing.

Poor stupid kid.

But to the best of my knowledge, no account information is saved on the host system other than the account name; nothing saves the password in any retrievable format.  More likely that the guy had a keylogger sitting on there.  Or one of the 'techs' put one on.  Something to investigate.

[Chimpy]

A quick Blizzard investigation this weekend gave the druid player his account back with 28 days of free play time donated by the "hacker". Turns out that our buddy had his computer in the shop a couple of months prior to fix a crash problem, and that most likely one of the techs lifted his account information from his hard drive, and then E-bayed it to some unsuspecting kid. The poor sap who bought the account wasn't destructive at all, he had full access to a guild bank with thousands of gold in coins and items and didnt take a thing.

Poor stupid kid.

But to the best of my knowledge, no account information is saved on the host system other than the account name; nothing saves the password in any retrievable format.  More likely that the guy had a keylogger sitting on there.  Or one of the 'techs' put one on.  Something to investigate.

Might be one of those people that did the "I have a txt file with my username/pw that I copy and paste into WoW everytime I log in" kind of people?

I know a few of those.

[Fordel]

People do that?

 


What's the logic behind that?

[apocrypha]

So I just ordered 3 of them.

Haven't they been perpetually sold out since the day they were announced?

Have they? Didn't know that :/  When I ordered it the Blizzard Shoppe of Internettedness said "Your order should ship within the next 2-3 business days". I'll let ya's know if that turns out to be true 

[Merusk]

People do that?

 


What's the logic behind that?

If you have a keylogger, then all that's being logged is ctrl-c ctrl-p.  Can't discern the pw from that.

[cevik]

So I just ordered 3 of them.

Haven't they been perpetually sold out since the day they were announced?

Have they? Didn't know that :/  When I ordered it the Blizzard Shoppe of Internettedness said "Your order should ship within the next 2-3 business days". I'll let ya's know if that turns out to be true 

Maybe they are periodically getting more stock.  Every time I've checked it it's said "Sold Out" and the purchase button is greyed out.  I hate these silly secureid things, but I hate the threat of keyloggers more so I think I'm going to buy a couple if it will ever let me (one for me, one for my wife).

[bhodikhan]

Why did you order 3 of them? I have two accounts and use one on both accounts.  Unless you're logging in at different locations you really only need one authenticator.

[Montague]

A quick Blizzard investigation this weekend gave the druid player his account back with 28 days of free play time donated by the "hacker". Turns out that our buddy had his computer in the shop a couple of months prior to fix a crash problem, and that most likely one of the techs lifted his account information from his hard drive, and then E-bayed it to some unsuspecting kid. The poor sap who bought the account wasn't destructive at all, he had full access to a guild bank with thousands of gold in coins and items and didnt take a thing.

Poor stupid kid.

But to the best of my knowledge, no account information is saved on the host system other than the account name; nothing saves the password in any retrievable format.  More likely that the guy had a keylogger sitting on there.  Or one of the 'techs' put one on.  Something to investigate.

Account name is all you need really if you have the guy's computer and he's local. It's easy to get e-mail information off the hard drive and if you have the account name and e-mail address, all you have to do is answer the secret question and Blizzard will e-mail the password. Secret questions like your mother's maiden name can be cracked with a trip to the courthouse, dogs names can be cracked from pics on the computers or e-mails, etc. Heck his e-mail password may have been the same as his WoW password, some folks just aren't very smart with security.

[SurfD]

People do that?

 


What's the logic behind that?

If you have a keylogger, then all that's being logged is ctrl-c ctrl-p.  Can't discern the pw from that.

Might be a silly question, but does a G15 keyboard macro key function the same way, or does it actually send the keystroke signals in a way that a keylogger could read, or does it work like a copy / paste?

[cevik]

People do that?

 


What's the logic behind that?

If you have a keylogger, then all that's being logged is ctrl-c ctrl-p.  Can't discern the pw from that.

Might be a silly question, but does a G15 keyboard macro key function the same way, or does it actually send the keystroke signals in a way that a keylogger could read, or does it work like a copy / paste?

I'd suspect, for compatibilities sake, that the G15 keyboard is sending the key press events in the kernel level as if they are the keys that are being pressed, so that at the software level you receive a KeyPress event.

Short answer:  No, I think a keylogger would easily capture a G15 keyboard macro.

[apocrypha]

Why did you order 3 of them? I have two accounts and use one on both accounts.  Unless you're logging in at different locations you really only need one authenticator.

Really? Shit, didn't know that, I though it was one per account. Ah well, they were cheap. And they arrived this morning, so they've obviously sorted out their earlier supply issues.

[cevik]

Why did you order 3 of them? I have two accounts and use one on both accounts.  Unless you're logging in at different locations you really only need one authenticator.

Really? Shit, didn't know that, I though it was one per account. Ah well, they were cheap. And they arrived this morning, so they've obviously sorted out their earlier supply issues.

Damnit, I've been checking the page 4 or 5 times a day at least, and they always say sold out to me.

[Mrbloodworth]

This thread is still here?

[apocrypha]

Damnit, I've been checking the page 4 or 5 times a day at least, and they always say sold out to me.

You US or EU? Maybe only the European store has stock?

[cevik]

Damnit, I've been checking the page 4 or 5 times a day at least, and they always say sold out to me.

You US or EU? Maybe only the European store has stock?

US, but I just checked the EU store and it says sold out as well.

EDIT: I can't figure out why they won't just let me backorder the damn thing instead of having to click the page 5x's a day hoping that it's the one time that there are some in stock.

[apocrypha]

US, but I just checked the EU store and it says sold out as well.

EDIT: I can't figure out why they won't just let me backorder the damn thing instead of having to click the page 5x's a day hoping that it's the one time that there are some in stock.

You want one of my Euro ones? If I can use one for 2 accounts then I'll have a spare one. If the EU one works for US accounts then you're welcome to it.

[cevik]

You want one of my Euro ones? If I can use one for 2 accounts then I'll have a spare one. If the EU one works for US accounts then you're welcome to it.

Nah, thanks for the offer, I'll just wait till I eventually get one! :)

[cevik]

You want one of my Euro ones? If I can use one for 2 accounts then I'll have a spare one. If the EU one works for US accounts then you're welcome to it.

Not sure about the EU, but these things are now selling at over $100 on ebay.

[Miasma]

I hope to hear about an ironic scam very soon where people entered in their WoW account info at some website which promised to ship them one of these for cheap.

[apocrypha]

Not sure about the EU, but these things are now selling at over $100 on ebay.

That's mad! There's one on ebay UK going for £6 ($12) and one from Singapore with a BIN of £42 (hahah $84). With 0 bids. Wonder if Blizz are pulling auctions for them or if there's just not the same demand here?

[cevik]

Not sure about the EU, but these things are now selling at over $100 on ebay.

That's mad! There's one on ebay UK going for £6 ($12) and one from Singapore with a BIN of £42 (hahah $84). With 0 bids. Wonder if Blizz are pulling auctions for them or if there's just not the same demand here?

They aren't pulling them on the US ebay.  The last 4 that sold were BIN for $70, $90 and $85, and one that went all the way bidding and sold for $132.50.

And the blizzard store is still "out of stock" and perplexingly won't let me back order the damn thing.

[apocrypha]

And the blizzard store is still "out of stock" and perplexingly won't let me back order the damn thing.

That's really stupid. Maybe the person responsible for that genius bit of design is the one selling them on ebay 

[CharlieMopps]

People do that?

 


What's the logic behind that?

If you have a keylogger, then all that's being logged is ctrl-c ctrl-p.  Can't discern the pw from that.

Wrong wrong wrong wrong...
I can pull what's in your clipboard a lot friggen easier than I can your keystrokes... er... wait... no, they are both really super easy to get.
Basically, there is no way to prevent it... other than not getting infected with the keylogger in the first place.
I could write something in under 60 seconds that would send me everything you type, everything txt file you open, and eveything on every page, document, webpage or whatever else you have. INCLUDING secured webpages. We're talking less than 10 lines of code. The only part that would make it even slightly hard would be how to transmit the info to me without leaving implicating evidence arround (like my IP) but that's only because I'm not the evil sort of person that does stuff like that. But I'm sure that it's fantastically simple.

[Ironwood]

Would you like to play a game ?