This time I fired up WoW to log in and instead of 'incorrect password' I see 'Please enter your authenticator key'.
My what now? But I don't have an Authenticator!
And that's how I knew I'd been hacked.
I immediately retrieved the two emails I'd just deleted which, like the ones I've been getting every day for a month or two now, tried to warn me that I'd been hacked. When I moused over the URL in one of them it showed Blizzard's real URL. I actually had been hacked.
I called Blizzard and got "We're experiencing a high volume of calls right now. All operators are busy and we cannot take your call. Please try again later. *click*"
What the fuck???
They're so busy taking calls I can't even wait On Hold for the next available Operator?
To me that says they've got a majorly serious problem.
Here's the rub.
The password I use is not one I've used for anything but World of Warcraft.
The only person who has access to my WoW account is my wife and my 9 y/old son, and that's via my PC.
My PC is also pretty much used for nothing but WoW. Ok, there's the checking of email, Facebook activities, reading Blogs, etc, but for the most part I play WoW and that's about it.
I do visit sites like WoWWiki, WoWHead, Thotbott (or however it's spelled) but I'm also a security freak and have numerous anti-spyware programs like NoScript, AdBlock, AVG, Spybot S&D, etc.
I also doubt anyone could call Blizzard pretending to be me and satisfactorily answer my Security questions, not unless they're someone who knows me really, really well. And no, my wife wouldn't do this. That's not her style. She'd just log in on my account and Delete my characters. And she wouldn't clean out my sister's Guild Bank like this person did.
I don't have a keylogger on my computer because the software I listed above is not all that's in my arsenal, I have others, some specifically designed to find keyloggers, and all scans came up blank.
This means it was not someone close to me who hacked my account, and it (most likely) wasn't a case of me being hacked/keylogged.
In my opinion this was an inside job from someone inside Blizzard, and this is apparently what many people who have been hacked have claimed for a long time. Of course nobody has any proof because the only proof is an absence of proof (as in once you eliminate the impossible, all that remains, no matter how improbable, etc etc etc...) and that's not good enough. Not for court. It's good enough for me and for those who have been hacked but it still brings you no satisfaction. If anything it makes you wonder what's the point of playing Blizzard's game when they can't protect you from themselves.
After calling back numerous times I finally got into their automated help line and was able, eventually, to talk to someone who removed the Authenticator from my account and got me back into my account. The Rep also informed me that the hacker apparently had access to my email account, so when I got in I not only changed my password but I created a brand new email account and linked my WoW/Bnet account to it, rather than my old email.
I will be very curious to see if this email account receives any sort of Phishing emails and if so, how? If it's a brand new email account, not used for anything but accessing WoW, and so the only record of it being a WoW-related email is within Blizzard's own database...how do the Phishers know to target it? We'll see if that that happens.
Finally I logged into WoW, and this is what I saw...
That's a far cry from the character model I displayed a week or so ago...those Spaulders are the Heroic badge-bought shoulders. They're worthless as far as vendoring which is why I still had them. I also had the badge-bought necklace I'd picked up literally a day or two before but everything else was gone, including most of my badges (& I was 2 Frost badges or one Heroic away from getting my new Libram!).
I logged in and my Pally immediately began falling, falling, falling. A window popped up with Accept or Cancel but there was no message accompanying it. I wasn't going to Accept anything without knowing what I was accepting. I fell for several seconds until being automatically zoned out and re-appearing on a ledge in Sholazar Basin, naked. Well not quite naked. I still had my Badge-acquired Shoulders and a Mining Pick. As a Miner/Skinner I used to carry a Gnomish Army Knife which the Hacker vendored (for 22-silver. Wow.) opting for the cheaper Pick. They then went Mining, on my character. They sold all of my bags bar my original Pack and one other, and both were almost full of Ore & Gems. When my character raided their Guild Bank my sister put in a ticket to a GM that I'd been hacked, and eventually my account was closed down. The hacker had been caught in the middle of Mining run.
Fortunately, with Pets and Mounts now being built into the paper doll and not carried like inventory, I was able to fly back to Dalaran where I checked my bank and saw it had been stripped, too. I put in a ticket to a GM to (hopefully) get my gear restored, then with trepidation logged out to check my other characters. My old toons on Kilrog (Kwazimoto & Co.) had also been stripped. I returned to my sister's server and clicked my Bank Toon. He was still clothed but none of the Auctions I'd listed before going to bed last night were up, nor was there any Gold waiting in the Mailbox for me...or in my inventory. And every other character was the same. Many still had random items in their packs but practically no Gold to their name.
I am willing to start all over again but I'd rather not if I don't have to. Naturally I'd like to get my gear restored and get my sister's stuff back, but I have no idea how long that will take. Do I just play a low level Alt for a week until Blizzard do something? What if it takes them several weeks to restore my gear. What if they won't restore it, or only partially restore it?
And then my own security measures got the best of me. I forgot my new WoW password. And I forgot the password to my new email WoW-only email account. And to be ultra security conscious I'd used my work email as the secondary email and I can't access that until Monday. So this weekend has been a sad, WoW-less weekend.
Fortunately! The kids and I went to Dave & Busters on Friday and I ended up cashing in 10,000 points (the boy and I save them up for the BIG prizes) and getting MySims Agents for the Wii. You can apparently buy it for $20 but it's not likely we'll save up our points for the 85,000 X-Box, so why not spend some of the points on a game for a system we already have.
It's a cute, point & click-style adventure game with a bunch of mini-games (puzzles) to play as your Sim Agent gathers evidence to crack each case. There's also things to find if you're prepared to look around, like new outfits and decorations for your HQ. It's a fairly typical MySims game with lots of customization available, but the way it's presented with you as a Special Agent solving cases means you need to actually think as you play. And I like that. I'm giving it an 8/10. It's not the perfect game but it's well done and is a lot of fun :)
Posts
11 comments:
so sorry to hear that. I know how it feel. I felt shaken when one time a guy tricked me into running something that caused all my items to drop in Diablo II.
And sorry I just had to laugh when I saw that naked dwarf ....
well, i quit WoW last month to devote more time to the lady and son. but, i whole heartedly demand (not recommend) you get an authenticator for your account. it's $6. like, one large latte. or two happy hour beers. or one oil can of fosters.
if luck would have it and you're on stormrage US [server time is EST though so i doubt it with you in CA :(], i've got an over-gold-capped account you can borrow from to help recharge your toons.
i've been getting free labor at my house [22 yr old younger brother who plays] in exchange for 10k gold per afternoon of work. almost worth me getting another game card when my last 60 days runs out.
and....it goes without saying [which i apparently didn't say it], but, sorry for your loss. if there is foul play of any sort from a hacker on your computer, meaning not inside blizzard, i hope you don't do any banking on that computer. in which case, change your bank password on your work computer?
The wife handles all the finances using her PC so we're good there. When my keylogger searches turned up empty I still didn't entirely trust my numerous security programs (a perk of being a conspiracy theory freak) I ended up reformatting my hard drive and reinstalling Windows, just to be sure.
WoWPanda, a naked dwarf is a rather amusing sight, especially one just wearing epic Pauldrons, so when I parked him at the Bar in the Dalaran Inn I actually took them off, too ;)
On the positive side, while I've still yet to reinstall WoW (plus BC, Wrath, and any necessary patches), I finally managed to get back into my WoW-only email this morning and saw a whole bunch of emails from Blizzard with the subject header "WoW Character Restoration", and it appears most everything has been restored. I won't know if I'm missing anything until I get into the game and do a visual inspection, and even then if I'm missing some gems, ore, etc, I'll still have no idea. As long as my gear is back I'll be happy. And if my sister's Guild Bank loot is back, even better still.
It occurred to me this morning that last week, in order to be a more responsible party member, I needed more knowledge of what is going on, in-game, especially when I fight Bosses for the first time on some random PUG and have no clue what to do.
So last week I downloaded the Deadly Boss Mobs Add-On.
And within a couple of days I'd been hacked.
Coincidence?
Possibly.
I did scan the Zip (and I used more than just one program. I told you I'm a security freak/paranoid.) after downloading and it came up clean. I scanned it again after unzipping (Paranoid, remember?) and again it came up clean. But that could just mean the keyloggers are better than the people from whom I get my protection.
And that's why I chose to do a reformat/full system restore. Becayse I'm paranoid :P
did you download DBM from curse or another client handler? or from deadlybossmods.com?
it's such a shame we're even having this much conversation about it. but, as unfortunate as it may be, the gold/items they're targeting for resale is BIG business. i used to play on a dedicated WoW only computer, like no surfing or e-mailing even, and used an authenticator - and never got hit.
and now you're not a paranoid-conspiracy-theory-guy, you're a realist.
the thing that always struck me as odd is that they ask for a list of everything that went missing.
Uhhh... don't you guys have timestamps of when my password first changed? roll it back to 3 days ago. YOU'RE the one with all the logs, I just play the game.
Feel your pain, but with patience and a ticket or two the stuff will be back. Just takes time. begin leveling an alt ;)
I most likely got the Add-On from Curse because they're a site I thought I could trust. I did download the actual zip file, I didn't use the downloader/installer. Too many horror stories about people using downloader/installers that have bad stuff piggy backing along for the ride, but it seems it didn't matter in the end as even the file itself may have had a hitchhiker that all of my security programs failed to pick up.
The wife and her friend, unaware of just how much money there is in this industry, were incredulous that people would take the time to hack WoW accounts, but with my Pally they got a gold mine, literally. They got over 6K in gold alone (I know. That's still not a lot), plus all the Ore, Gems, etc, in my Bank, AND I'd already done the grunt work and maxed out Mining for them plus I have an Epic Flying Mount. They were Mining with him in Sholazar when the GM locked my account and kicked them out!
Ixo, in case you missed it, I did get my stuff back early this morning, or at least I got email notification of that. So within 48 hours of being hacked I was back in business. Well, I would have been if I hadn't locked myself out being all paranoid, security conscious :P
Glad you have the stuff back!
But your conspiracy theories about insiders operating at Blizzard gives me chills. I've never every heard that theory before. Do you believe in it now?
Keylogger programs are, by nature, designed not to be found, so my not finding one doesn't necessarily mean I didn't have one. And as I couldn't be sure I didn't have one, the only way to be 100% sure was reformatting my hard drive and reinstalling Windows.
What I did find amusing (at the time) was within a week or two of resubscribing to WoW (back in January) I started getting Phishing emails. "Ur WoW Account haz bean compramized! This is bad and U R notty and U will be banned unless you clix hear to log in and verfiy UR ID!"
While I'm not 100% positive that someone in Blizzard sold/misused my account information, I'm not writing it off either. Now I'm just waiting for the first phishing email to arrive in my new email's inbox, because it's a brand new email never used for anything except my Battle.net account, so if it does start getting Phishing emails then that's positive proof (for me) that Blizzard have a security leak.
If blizzard were interested they could look up the logs for the IP address of your dopplegangers sessions and pass that on to the FBI.
It is a 'real crime', so they need to take it seriously.
Post a Comment