Re: Account hacked using Blizzard's Password Reset Utility



On 2008-11-21 16:16:15 -0800, redvet <redvet@xxxxxxxx> said:



Your e-mail was changed because your system has been hacked, not Blizzard's.
To change your e-mail, the hacker has found out your WoW account login name, your WoW
account password, and your e-mail account login/password. In order to find out this
info, from you, the hacker has either opened a backdoor on your computer that has
access to your WoW account and your e-mail, key-logged you while you accessed your
WoW account and e-mail, got the info from you via an unsecured wireless network or
LAN, got the info directly from you via a phishing e-mail, or got the info from you
via a 3rd party. They did not get it from Blizzard. They didn't buy/bribe/steal it
from Blizzard. Blizzard didn't give it out to anyone other than whoever represented
themselves as you (see above).
There is a new rash of trojans that target WoW specifically, which so far a majority
of the AV and spyware software doesn't detect. Heck, there is even a trojan that the
Blizzard Launcher can detect, but most AV/spyware cannot. AV software, as a rule of
thumb, can't detect even the most common keylogging trojans.
Macs may not be the target of most virus/trojan/worms/other-nasties, but that doesn't
mean they can't be, and there are WoW-specific trojans that are compatible with Mac OS.

If you cannot find the breach, format your computer and start anew. You will also
want to lock down all other personal info that could have been harvested from your
system(s) such as logins/passwords for banks, ISPs, online pay services, credit
cards, and school/work/home.


Interesting exchange about the Blizzard account and what caused the
compromise.

Earlier last summer I tried to log on and my password didn't
work. Blizzard sent me a 'temporary' and when I logged on with it I
discovered my 'stuff' gone and my character located in a very bad
place. Oh, and there was a 'new' character, a lvl 1. I have no children
and there isn't any way I would have shared my account password. I do
have active virus software as well as a firewall. Blizzard did get my
stuff back after a few email exchanges. I'm still puzzled how it came
to pass. For Blizzard, the answer was clear, it was something I had
done... redvet

Precisely. This happens over and over, but Blizzard blames the victim, citing all kinds of evil trojans, viruses, loggers, or whatever, but without being able to name a single one that actually does this dirty work. The real weakness is in Blizzard customer service, where someone there can apparently be persuaded to give just enough account information to someone requesting a password reset to enable a hacker to steal the account.
--
Waddling Eagle
World Famous Flight Instructor
