Saturday, November 22, 2008


Well, it finally happened. My WoW account has been hacked. I verified from my wife's bank alt, that OrdoSerp's bank has been totally cleaned out. It had over 2k gold, stacks upon stacks of healing & mana potions, & a ton of Burning Crusade crafting items that didn't get sold durning the expansion run-up. OrdoSerp kept the gold access confined to just my account to protect us from random hacks like this. Heck, I was on my account less than 6 hours ago checking my Auctions before bed. I run full system scans weekly, keep up active scans, worked in IT for several years and am, to say the least, very careful with all my information.

My account has a 24 hour ban on it while they investigate, so, I won't be playing or seeing the damage anytime soon.

Update #1

I've just finish a complete system scan (virus/spyware) on all 3 computers...nothing. I ran scans using other programs...nothing. I've been skimming the forums looking for examples of issues...nothing.

I changed my wife's password info on her computer just in case.

I surf using Firefox w/ NoScript running. I suppose I could have turned off security on a website, but my security software scans should have caught anything. I don't use my WoW password for anything else. And I don't log on to any computers other than ours. I, unfortunately, haven't changed that password in over a month, but usually I do. The only change I made this week was downloading some quest addons. But those shouldn't have gotten my account hacked. Besides, addons should not cause a hacked account, only their source.

I use a Merc keyboard running the ZBoard engine & I use WoWMatrix. But there are no reports of issues with either of these.

There's nothing remotely suspicious running on my task manager either.

Everything here is behind a router/firewall and I keep Windows Firewall on. Yes, Windows Firewall isn't the most secure software firewall out there, but it should be "fine" being run in conjunction with a hardware firewall.

I am at a complete and utter loss here.

I just have to wait and see what Blizzard says. Not that they will tell me anything.

Update #2

My account was hacked at approximately 3AM EST. I assume everything is gone.

After several hours of extensive system scans, a conversation between my wife & and in-game GM, several searches through the forums, and a lot of bad words, I have found nothing...

Absolutely nothing except one tiny "low threat" cookie that seems to be getting past my NoScripts filter currently.

Could something have gotten past FireFox, NoScripts, CA Security Center, Window Defender and remain completely undetected after extensive searches? Yes. Could it have happened weeks ago and since been removed? Yes.

The thing that is really upsetting me is not the part about being hacked, having my virtual stuff stolen or even my account being temporarily banned. It's the not finding anything on my system or any evidence of something on my system. I would much prefer I find something and chock it up to bad luck.

Instead, I've got that nagging feeling like I've missed something. And if "they" hacked my blizzard account, should I worry about my other online accounts like email, iTunes, Amazon, ... , bank accounts? Which, again, I rigorously secure, just like my WoW account.

I've purchased a pair of the authenticator tags for us. They should arrive in the next week or so.

Update #3

They have reset my password, but my account suspension looks like it's going to remain in effect until tomorrow afternoon. No WoW for me. Not that I would want to WoW if all my epics are gone.

Update #4

This is the last "update" I'll add to this thread. I've reinstalled my "stronger" software firewall and have been looking things over. My conclusion? There's nothing here. A few weeks ago, I logged onto the game on the "entertainment" PC connected to our TV. I detected a Trojan on that machine last week. That's when it must have happened and the goldspammers only got around to using my password last night.

No comments: