Rand_Shea
06-06-2008, 02:20 PM
There is a new wave of hacking of WoW accounts going on recently via keyloggers that has managed to get the account information for my friend Rethsil, similar to what happened to Rosalynd some months ago. Currently we suspect his character has been stripped of his equipment and gold, and quite possibly had his bank ransacked as well, but we're not sure.
The hacker logged onto his character according to Illiyana at around 1:30 server time, took the character to Shadow Labs, and was unresponsive to all PMs. He then logged onto another character on a different server, and has seemingly done the same thing.
There is an announcement on the login screen that there is a vulnerability with Adobe Flash Player that has allowed keyloggers to slip into systems. Rethsil says that he updated his Flash Player days ago in order to prevent being put at risk, but it could have gotten into his system before then.
If you haven't done so already, I strongly encourage everyone to update their Flash Player and to run anti-virus and anti-spyware. Change your passwords as well and choose a string that is at least 8 characters long with both letters and numbers within it. I also strongly encourage that anyone using Firefox look up the addon that blocks script ads on websites, or if you are not using Firefox (or refuse to), to consider doing so or search for some means of blocking potentially malicious scripts. If you do not have an anti-virus or an anti-spyware program, Google for 'Avast!' and sign up for the free trial. The company that makes it allows for their product to be used for free for up to 1 year before they ask you to pay a subscription, which I believe is about $25 a year.
Also, wish Reth some luck in getting his account back and that he doesn't lose anything. As it stands now, Illiyana and I contacting GMs in game hasn't worked as they are unable to do anything without talking to Reth himself, and Reth's attempts to contact billing to file a compromised account notice have been met with nothing but busy signals at Blizzard's 1-800-59-BLIZZARD number. He has sent off an e-mail, but I don't hold much faith in the response rate of those.
I'm bringing this up here because we're not sure currently what compromised his account. It could be the vulnerability in Flash, malicious script on a website ad, a keylogger slipped into an addon, or just a brute force hacking. If we get any information on the exact cause, one of us will post it here.