Friday, February 01, 2008

My World of Warcraft Account Got Hacked

Remember, I told you these guys weren't messing around. But I didn't think it would happen to me. Particularly since I haven't played WoW since September 06. More...

I must say I was rather astonished at every step of revelation in this sordid affair.

One day out of the blue, I got an e-mail telling me I had successfully changed my WoW password. That, naturally made me suspicious because I obviously had done no such thing. It didn't particularly worry me, seeing as how I've been WoW-free for months. But still, the thought of somebody mucking around in my account had a few uncomfortable and noteworthy problems to it... for instance, did this mean they had access to my credit card info?

I run a clean computer, using Trend Micro Internet Security as well as Lavasoft Ad-Aware, Spybot S&D, and Javacoolsoft's SpywareBlaster. So I was pretty darn sure I didn't have a trojan or anything that was monitoring my keystrokes. Plus, the fact that the account invasion came so many months after I stopped playing made me think more in line with some kind of exploitation of Blizzard's web site than anything on my end. As the level of urgency on my part was fairly low, I considered it enough to go to Blizzard's account management page and reclaim my account by changing the password. In what would turn out to be a key misstep, I changed my password back to what it was originally, because I believed a flaw in blizzard's account management software had allowed somebody to set a new password for my account without actually knowing or entering the current one.

A week later, I came home to a couple more blizzard auto-generated e-mails. My password had not been changed again, oh no. The first said "your paid character transfer has been scheduled," the second one said it was completed. The character was my highest level and bestest geared dwarf paladin. I logged back into my account on the website, and found that indeed, my Venture Co. Paladin had been moved... and not only that, a few days after the password shuffle, somebody had ponied up their own visa to reactivate my account. Now, I don't even have a visa card (only MasterCard). So, I changed my password to something new, started patching 6 months of patches (might as well have a look inside at the damage, since whoever it was was paying), and got on the phone to blizzard billing support.

They were not very helpful. I explained the situation and tendered that while I was not actually subscribing at the moment it was not as if I hadn't quit and come back before, and such a return would be far less likely if my characters had been scattered, stripped and left picked clean. The guy's major contribution was to send me an e-mail to various support articles which basically were "computer safety for dummies," as well as a webform to initiate an inquiry and request a repair of the damage. Not that he could put in that request or anything, being a blizzard employee. That 300 meg patch was still coming, so I went ahead and did that.

By the time the patch was done, "Account Management" had locked my account and scrambled my password, due to "character interaction with another account known to be in use by someone intending to exploit WoW's systems." If I wanted my account back, I could fill out yet another form and fax it to them to start the process. By this point, my supply of give-a-shit had run out. I'm content to let it just stay locked forever. It certainly seems blizzard is content as well, and with over 10 million paying junkies, it's entirely understandable (though not laudable) that they've become complacent and apathetic toward each individual subscriber. They don't need you, they have 9.999 million more just like you.

I had looked around at some other places where people who had experienced account hacking against themselves had posted about it. Word on the street was that the passwords were being harvested by a keylogger imbedded in the advertising and UI mods on Allakhazam and Curse Gaming, two sites which I frequented often (and I got most of my interface mods from Curse).

So, there you go. I'm just glad these guys waited until I had long since cancelled my account. I'm moderately perturbed still, but not the foaming ball of fury I would have been had this happened when I still had an interest in the game.

So... all you WoW addicts out there... might want to scrutinize your system for suspicious looking processes, double check you have the real versions of all of your interface mods, and not be browsing allakhazam, thottbot or curse gaming on the same computer while you play. And change your password from time to time just to be sure, I suppose.

58 comments:

Anonymous said...

That totally sucks dude. If it were me, I'd be all over WoW's ass until it was fixed the way I left it, if for no other reason that the "principle of it".

Of course, you know how much my family loves conflict, and this is the sort of thing where we're able to play the victim and have free reign to berate the poor bastards that either 'victimized' us, or complicitly allowed us to be victimized.

I say you make 'em fix your shit. You harrange them until they fucking do it, NO MATTER that you're not CURRENTLY a subscribing customer, you EARNED all that shit, the next time you deign to throw some 'disposable income' their way, you have every right to DAMN WELL EXPECT your character to be the way you fucking left him!!!

Gas Bandit said...

Well, I considered that, but like I said.. I ran out of give-a-shit, and plus it will act as a pretty good failsafe in case I suddenly relapse.

Anonymous said...

I just found out my account was hacked as well. I was able to get back into my account by changing the password back and found my 2 high level characters had been stripped, robbed and all my items gone. 2 years worth of investing in these characters. I have contacted Blizzard, but got the same form letter. My inquiry has been forwarded...etc. No guarantee they say of things being restored. I also have a clean computer but have used Thottbot addons from day one. I am royaly piss*d. I thought Thottbot was ok to use. But I also thought Curse and Alakazam were good, too. One thing that really hurts is that I was a master leatherworker. Top of the class. They changed me to a Miner. All my leatherworking skills are gone. Not to mention all my good, handcrafted armor, my pets, horses, bags, gold, and tons of crafting items. I am sick over this.

Anonymous said...

well guys..

yesterday i found out that my accound has been compromised.
i play wow from beginging, had 3 70chars
an epic healer70 priest, nice tank 70 druid and dps epic mage also 70.
when i tried to log on to wow yesterday i found out that i have some problems with password, which made me highly suspicious, so i tried to log on to acc management.
same thing.
i was lucky that i rememered my secret question and had access to old hotmail account i used to create the account in first place, so i reset the password.
well... what a saw when i loged on to wow totaly shocked me.
all items, gear , horses bags money...EVERYTHING was gone!
on all characters!
almost 3 years of countless raids and 5man and hard work - all for nothing!
i contacted GM and after i explained all what happened he suspended my account for investigation.
i am 100% sure i ddint had a keylogger/virus on my comp, however i am 90% sure i know how my accound was hacked.
it was my fatal/stupid mistake, which many people do every day not knowing the risks.
my email address and wow account name are same and also had same password.
for example:
account name : JohnSmith
pass: : abc123
email : johnsmith@domain.com
pass : abc123

i used that on guild website to log on to forum and other places, and i am pretty sure that hacker hacked onto guild site, and since he knew that it was wow guild website it had wow players in it, so he could possible get passwords and email addresses from site database and try to log on to wow with them.

simple SQL injection on weakly protected webstie could do it.

but then again, i never thoght i could happen to me.

never use same password for different things!!!.....

hope GM help me tho... cuz i dont feel like starting all over again from scrap

Anonymous said...

HI

My account was hacked on 9.03.08, i tried to log on and couldnt so changed my PW and found e mails from Blizzard saying that my char had been sucessfully transfered to another realm. when I found my char she was on a German Realm and totally stripped and all my alts had been deleted. I am in the process with Blizzard and I hope they will restore her back to origional realm and her the stuff that was stolen. This is 2 years of hard work and a level 70 holy priest raiding MH.

Devastated

Anonymous said...

I just went through my account getting hacked yesterday. The way I found out was getting an email saying my password had been changed. The hacker sold everything I had and robbed my guild bank as well. The GM's are actually helping me get my stuff back which is good but the whole experience sucks.

The worst thing is not knowing exactly how it happened. I spent ALL day going through my computer looking for rootkits, keyloggers, etc. that could be the source. Everything came up clean after using several tools from several vendors. The only addons I used were Cosmos, Auctioneer, and Questhelper. I've used Cosmos for years but my use of Auctioneer and Questhelper is fairly recent. I'd be happy to blame them but I don't understand how LUA files themselves could be "the hack" without having an exe. Cosmos is the only addon I use that has an exe (the updater) and it of course could be the problem but it's been good for years. I can't totally rule out my computer from being the way the hacker got my account but with all the normal precautions I take and not finding any evidence of "foul play" on my system, I am strongly leaning towards someone gaining access strictly from the account web page on Blizzard's servers. How they did that I'm not sure, maybe as another person suggested I was stupid in the past and used same email/wow account username/password (years ago maybe, I've been playing for almost 4 years) but I'm 90% sure that it didn't come from my PC.

It would be nice if Blizzard offered two factor authentication for the account such as RSA Tokens. Something you know, something you have. Corporations have been using tokens for remote access to systems for several years. You have a user name and password that you enter to gain access but then you are prompted for the code from the physical token you hold in your hand. Even if someone hacked your account they wouldn't have the token and wouldn't be able to gain access. It could be an optional thing for customers. I know I'd be willing to pony up the money to buy my token for the added security.

Gas Bandit said...

The commonly held opinion is not that the addons themselves compromise you, nor even the websites you got them from, specifically.. what it seems to be is as follows... these legitimate sites (most purportedly curse gaming and thottbot) try to offset their cost with affiliate advertising. These advertisements, from their end, is basically just html code that says "advertisement goes here" to their advertising parters, and the ad company fills in the ads on the fly via javascript.

So what seems to happen is the hackers purchase advertising from the ad company to run on these legitimate sites, and the ad code itself that the hackers provide embeds malicious code inside the very advertisement, also in javascript, which exploits whatever security hole du jour has not been patched yet in IE or perhaps even XP itself to then execute code on your computer, which basically infects you with a 0-day keylogger (zero day meaning it's so freshly created that it doesn't even show up for most virus scanners because they don't even know to look for it yet). The keylogger then actively waits for you to log in to warcraft, copies your username and password and sends it home to the hacker. This is pure speculation on my part, but I would think at this point the keylogger would probably unload and delete itself so as to avoid detection and as such prevent an antivirus solution from being built to counteract it.

This makes for a tough nut to crack. The website you visit isn't strictly at fault because they can't control what advertisements their affiliate agency puts on their site. The affiliate agency can't disable scripting in their advertisements or else their whole ad structure stops working altogether. The antivirus companies can't get a copy of the malicious code in question because it's all largely memory resident and then gone after execution (no files to dissect and look for byte patterns to update their virus definitions with), and new vulnerabilities are found in windows as quickly as microsoft fixes them (and the hackers are willing and able to spend the time changing their code to exploit the new holes and abandon the old ones).

The only solution that I can see is to never surf on the same computer from which you game... and just thank your lucky stars that these hackers aren't trying to capture other passwords on top of your WoW account.

Anonymous said...

Yea same thing happend to me my account was hackd and i dont have a clue how i dont use and ui addons
my pc is 110% clean of viruses but then i found it was my website that was attacked and it was most of my guildmates who had being hacked too
Now how ever i hack wow accounts and i make about 1000$ USD a week and im 14 not bad eh?
I make keyloggers in ui addons i SQL sites for their md5 cache (i get your password)
and also another tihng proving to be a great succsess is Hardware keyloggers and internet cafes, All those People in T6 showing off at the local net cafe i hack em cause Every single net cafe in my in my city have keyloggers all hard ware too (i made em all) and they email me logs to a ftp server every 2 weeks and i get Peoples Wow user and pass and most of the time they sign into msn at the same time so i can change the email to mine making the account mine forever

Anonymous said...

I just found out today - 26/06/08 - that my account had been banned, in my peak of leveling at least 4 times a day.

I had a 56 retri paladin, 49 fury warrior twink, 19 twink rogue , 34 hunter and tis about it.

Being royallly pissed off, i just thought about it and told myself to sod it, if i relapse - then i'll just rebuy it, no big deal £20 gone down the drain, already lost like 30 days of game time, and still aint hit end game =[

Eric Soderstrom said...

It happened to me in the last week or so. I found out because my sister sent me an e-mail all bent that I was ignoring her. I told her I hadn't logged on in almost a week. So I logged on and found all of my stuff gone, and the guild vault cleaned out. And the guy logged on while I was logged on and kicked me off. I changed my password and logged back on and found my character in an instance. Also, the guy put my sister on the ignore list. And he apparently has been playing battlegrounds because I have honor points from yesterday.

Weird thing is the guy didn't bother changing my password. I hope it's secure again, but I just don't know.

I feel like Vince in Pulp Fiction - I would give anything to catch who did this - it would be worth him doing it just to catch him.

Anonymous said...

My account got hacked on 8/18/08. Two 70's, a BM hunter and a tanking warrior both stripped. Bags gone, most armor gone, money stripped. They stripped the guild bank, only like 35g but 3 tabs worth of armor, weapons, bags, tabard and all that. The one thing that surprised me is that all the items they couldn't sell (pvp gear) had its durability reduced to zero. My chars that didn't have pvp gear were stripped naked except for a shirt and tabard. But all those quest items I can't get back, all that money (almost 5k gold, I wanted an epic flyer). I sent the necessary online forms to try to get my account back. Was waiting for something constructive from blizzard.

So I changed my password from work (I work for the government and I know the system has no keyloggers). I thought it was fine, I mean, what would they steal now, right? They took most of it.

I got another email today (8/20) saying that my password had been changed again. I hadn't even logged in to WoW at my home computer, so I don't think it's security on my end.

The first time they stole 98% of my alliance character's gear. Even my lvl 4 mage was stripped. The funny thing is that they left my lvl 44 hunter's armor and gear alone, but sold all her bags and bank items. I'm afraid that since blizzard didn't freeze it when I told them to the first time, they finished the job.

None of my horde characters were touched.

I sent them another message saying "FREEZE MY ACCOUNT" like 20 times. I hope they understand what I'm asking them to do this time.

Anonymous said...

MY account was hacked on 01.09.08
Similar things screwed my account up as well. Not as bad as u guys. i only purchased the game 2 days before , so my lv 13 priest really had nothing to loose really.

What i did find was 3 keylogger trojans embedded in my c:/windows/system32 folder. np to cleanup
One called Lovefly.dll.

I am certain that these came from addons , like (smack me ) Carbonite Questhelper , downloaded from Curse.com .

Thought this was kinda cool to have .

I have to say Blizz could at least give paying customers some kind of date as to when issues like these can will be dealt with.

Most games have always had addons , mods of some kind and people are going to be tempted to download and try them.

What addons can u trust , Atlas seems fine.

Dont let the bastards grind you down ;P

Peace

Anonymous said...

I found out my Account got Hacked today 21,9,08, When i tryed to log on to it, It just said Password was invaild, i was like WTF, this cant be right, I been playing wow a long time, and have 2 level 70 chars, Warrior, BT geared, and a mage full spellstrike and spellfire, I then checked armory, only to see my warrior in pvp a Green Range wep which i never seen, and then i checked my mage to see if was stripped of his epics, Now i made a trail account, got in contact with the Gm, i added my mains name into freinds list to see he was still online and in Ironforge, the gm just said to go to the fourms and such, he thing is though, its asking for my secret answer for a secret question, Which i cant remember for the life of me, and also if i cant give that, they want some picture id, Passport or a Driver's licance Which i dont have, So i sent the info i could provide, and aint had a Reply from Blizzard yet, I just hope to get my account back soon, All that hard work and such, Its gonna be for nothing, if it comes to it, ill quit wow if i cant get my account, Or even my gear back

Anonymous said...

Checked my email from work and had a notice from blizzard saying my password had been changed at 6am this morning. Since I was on the bus heading to work I knew it wasnt going to be good news.

I reset the password from work and had my wife log in from another computer at home. I'm out 8k gld 200 some badges and around another 5-6k worth of mostly primals, leather, and potions.

I still have most of my enchanting supplies on one of my bank toons. I think the fact that I had so much stuff and was able to change the password fairly quickly saved me from lossing the gear I was wearing.

I really just want my badges back, then money I can farm back since I still have my tier gear.

Like most I'm 99% sure I'm keylogger free. I mostly go to wowwiki or thotbot, and havent updated any add-ons in almost a month. When I get home I'm going to have to go through my pc with a fine tooth comb.

Anonymous said...

I guess the list goes on. These low-level, money-desperate, hackers got me last week. Mine was a bit different. I had a Trojan detected on a different file. I had my Antivirus erased it and I didn't think much about my WoW password. It dawn on me later and I felt so stupid after I was hacked.

Anonymous said...

I know this is pretty old, but I felt like I wanted to post since this just happened to me last night.

I had just finished tanking Nexus and decided to take a break. I logged out, grabbed something to eat, cleaned up, watched some TV, and then tried to log back in. I got in, then got logged out, and tried to get back in, but it was saying my pw was invalid. I thought it was fishy, so I tried WoW's account management. Same thing. I cheecked my email and I had one saying my pw was changed. So I clicked the link that said it was unauthorized, changed my pw, and logged back in to find my gold was stolen. Luckily it was only on that one toon (then again, i haven't checked my other toons) and it was just the gold stolen.

I took the necessary steps (sent emails, ingame tickets, ran scanners, etc..came up clean) and hopefully, I can get some help from Blizz.

Anonymous said...

I just recently had my password changed without my approval. The account was cleaned out.
I had formerly been impressed with the Blizzard service, I had about 1/2 my stuff returned (with a loss of uncountable enchanting mats, rep items, and over 7k gold between a fw toons.)
However, a week later the password was reset again.
I am now going to tear my PC into little peices and look for a keylogger I KNOW ISN'T THERE.
I suspect a security breach at Blizzard, but who the heck is gonna admit that?!

Anonymous said...

I'm an internet security adviser. I've been doing so for 8 years. I don't have a keylogger for I run linux and boot WoW through the use of Wine. There isn't keyloggers period if you look at your introduction message logging into WoW it tells everyone about the "Rise" in account compromises and to change your passwords. That is screaming in my opinion we've been compromised but it would but extremely detrimental to live up to it. I lost 2 80 level chars one being a DK and multiple 70 plus characters and all were transfered to different servers. I called billing and we got my password reset and billing gave me Advice on the next actions to take. I followed this advice.. 3 hours later My account gets banned for exploiting the wow economy or being associated witha ccounts that exploit the economy.

Guys Blizzard has been compromised. I don't believe all "account hacks" are the end-user's fault at this point

Anonymous said...

I had something similar happen to me, the difference was that somehow the email associated with my wow account got changed as well as my password, so i cant even get my password back and change it. I have contacted blizzard but have not yet recieved a reply. I can't even log in to check the damages. it may just be a stupid mistake im making like forgetting my email address but im 90% sure that im using the right one, this really pisses me off

Anonymous said...

I was just hacked last sat I believe, i was on with my gf til about 3 in the morning, woke up and got ready to log on at about 11 in the morning, and by that time, someone had already changed my password, changed my eamil, and I was never notified at all about anything. I had low level characters, but none the less it was the only means my gf and I had to do something together due to the distance I have with her when I'm in college. Its not fare to anyone that blizzard doesn't do anything about this. I'm just a weak player, now how does that look to blizzard when not even high accounts are being hacked. They have a problem that they most definately need to solve.

Anonymous said...

I just got hacked today sometime. My system is clean - I'm a security person for a freakin bank.. I think I know a bit more about security than those idiots at Blizzard. I lost over 10k gold and 5k in items in the AH. We'll see if Blizzard does anything. If they don't return my stuff, I'm just going to bag it and hang it up.

Anonymous said...

So here's a really sick story. I got hacked today again, this was the second time this month. My system is clean and I gave out nothing. Yet this (exploitive) managed to hack it again, delete nothing, sell nothing, but the idiot added a character and started to play. The charcter's name was wyte something, and I just deleted it anyways. I fixed it, even put up a new email, and password. Yet this bastard hacked it within the hour that I changed it. Now my account is locked, and I don't know where to go from here. I don't even know how he knows all the information that he does. Its probably some freakingn 14 year old retard not going anywhere in the world thinking its fun to do this type of shit. Well if I where to ever meet this hacker, I'd show him my fist to his face.

Anonymous said...

every 1 that got hacked all say that they lose EVERYTHINK well....u still have your skills left and memory.

Anonymous said...

Account just got hacked. As well as the email. I just emailed Blizzard to freeze my account and figure this out. It's been about 8 hours with no reply. I figure I'll wait a few days. But still...

Anonymous said...

ahahahahahahahahahhahhahhahahahhahahahhahahhahahahhahahahahahahahahahahahahahhahahahahahahhaahahahahahahahahahahaa

Anonymous said...

Hey, My account got hacked a few time for the past two week. 3 or 4 time a week changed my password. This week, they changed my email too!! i can log in to the account management to change my email. I saw the current is ****@hotmail.com sumthing. my email is (can'ttellyou)@ymail.com. I kept contact blizzard about this problem. My character have not got touched by hacker yet. (I hope it okay). Now, I can't login to the game server, nor the site either. I am 3 week sick and tired of hacker hacked in my account and changed everything they ain't supposed to do!!! I swear if I see a hacker in my face, I punch him in the face and call all my friend who got hacked to come over to whup this guy!! I am so sick of it!! I have a lvl 52 shaman, and I luv play wow, and until, I can't!!! DANG!!

Anonymous said...

I have had the same thing happen to me this week 02-26-09

i dont know wats is happening i scanned my computer with panda security they found a currupt file..spyware they said...it was neutrilized and i shanged my password and my email too...both my wow account and email password arent even close to the same o i hope that helps

they didnt get a chnace to delete or move anything mostly because they frozze my account when they suspected it was being hacked

i acted immediatly and it seemed to help i talked to a live representitive on the phone telling me if they did sell my gear and delete and move my charactersthey will be happy to restore them to there original status

it would be worht him doing it if i t meant i could find this person..who ever sits at home and plays with people accounts and ultamitly their minds deserves to be shot

and he better hope i never find him/her or any one close to the likes of this "thing"

im my class now and am looking forward to getting home and seeing my toons where they were...

any idea of things i could do to prevent this from happening again?...

i changed my password my emial adress and most all typed info

i ran a virus scan and it detected 1 file and it was deleted

i have 2 computers at my home should i use 1 for apps and downlaods and use the other to play?

Unknown said...

I just got hacked, Level 80 Paladin, 2 BC raid geared 70s and a 71 shaman I was really looking forward to raiding on. It started with an e-mail stating that my PW had been reset, I usually get on vent before I login so before I even saw the e-mail I knew that someone used my account to rob the g-bank. 3th scan complete and still no virus/malware/spyware...nothing I use panda and spybot and windows live one care.

I'm sure I'll get most of my crap back, but I lament the loss of trust that I have for the security of my digital possessions. This is fucking digital PTSD, I'm now cynical and unable to trust. I have no sanctuary where I can escape the world and enjoy pretending that I'm just like everyone else, I NEED WOW, I'm certifiably nuttier than squirrel shit.

Why are there so many liars in the world?! Why do hookers on craigslist use misleading photos in thier ads?! Why aint we bringin the TROOPS home?! FUCK! I just wanted one GD part of my life to not be full of BS but the BS follows me everywhere.

I swear to god if I find who did this I'm taking out all my anger on you and eating your dog. Don't fuck with me, I'll cut your fucking heart out and set fire to the empty cavity in your chest and piss on your grandfather's ashes.

FUCK YOU wow hacker!

Anonymous said...

well, here is yet another hack story..same thing..got email saying password was changed...yadda yadda...cant log in..contact BLIZZ..sending emails about internet security and go to account management and change password. What good does that do? they can still get THAT password, and you CANNOT change your security question and answer either, which still would make no difference. I talk to GM after getting my pw changed and find they were actually farming on my lvl 80 hunter. My friend was calling me to yell at me for ignoring her...well, much to my disappointment...*(except my main..thank goodness) all my toons adn my guild bank had been destroyed....and..on my main toon they robbed the guild bank there (different giuld, but hi up officer...and not only that ..they added someone to the guild and promoted them up to get more stuff...what nerve.... Well, we all know the spiel..wait, wait..but, what happens..will I get the stuff back for my guilds? I mean I can replace stupid armor and stuff, but I cannot replace the work of a guild...does anyone have any happy ending stories? Let me know Blizz is good peeps...

wasim_69er@hotmail.com said...

i tried to log into my wow account yesterday and got a message saying my account was banned and was like WTF!?!?! i have never bought or sold gold or even received an email saying i had been reported, i check my emails to find the email telling me i was banned for economic exploitation i replied saying i had no idea what i had done and could they please fix it... i later went on wow forums and when the list of characters i could use to post came up i noticed a bunch of lvl 1 chars on different realms that i had never seen before so i sent blizzard another email explaining this and telling them that i wouldnt sell gold (that is what i presume was happening) because i had lvled my char up to 67 and just got wotlk and why would i waste my money buying the expansion if i was just going to sell gold? i dont even have much gold! still waiting for a response from blizz. fingers crossed i'll get it back soon!

Anonymous said...

i just found out i got hacked last night i laughed.... i looked at the missing gear, the lack of tanking things, and an abundance of mining shit then i was like... wait... i dont mine... well now i do lol found out they took 20 abyss from the gbank, then decide to deal with it the next day, which is today... so i try to log in... cant.... find out its locked, and now im getting lazy if i find this guy im gonna high five him and then give him a hug, blizz will just take a while

wow can wait

Anonymous said...

That really does suck. And sorry to hear about what you went though. On the 10th my acct was reactivated. I don't use credit cards and it got a one month on it. The password was changed. Lucky for me I kept my info updated on the acct. I got the emails on the 11th when I checked it. And one was closing and basically locking/banning/removing my acct. I was rip shit pissed. So I emailed Blizzard. I knew that if I called I wouldn't get anywhere. I emailed and told then all the information and even said why I thought it happened and what url might be responsible for it. None of my roommates got hacked. Blizzard got back to me and had me give them more info. I had already provided it in the initial email as I was very specific as to when I last accessed it. Where I was, even where I made the acct. So they sent me another email saying that they will reinstate it all I had to do was make sure I was secure on my end. So I did. Ran all my search and destroy crap and got secure. Emailed them back. Hoping that it gets reinstated in the next couple of days. The weirdest part is that the person who hacked it, I don't know what they did, but they got me new boots. (I looked on the WoW Armory) and they got me new achievements. They did BGs which I never do. So I wasn't too upset about that. Now I'm just hoping that I get the rest of the month without paying for it personally since someone did after all hack my acct and pay for a month.

Moral of the story? Well I would suggest if this happens to you, email the information. Calling from all the stories I have heard, doesn't do shit for help. Emailing is the best course of action and I think more likely to get the account back the way it was.

I'm pretty sure that they can check IPs and whatnot. Just from the questions they asked.

Anonymous said...

I on 8/19/09 got hacked. i was doing recruit a friend and i was running me and my friend through instances. I then got Dc'd or so i thought, it turns out someone changed my password. he came online (i saw him on my Recruit a friend character) he then striped all 3 of my 80's my 43 my 62 and my lvl 7(not sure why the lvl 7) He was talking in guild chat, spamming it. And also spamming trade/general/localdefense. He just kept saying im gonna get banned in guild. never seen a hacker like this that spams trade and guild. Figured id tell my story though it is kinda a late post.

Anonymous said...

Yet another hack story...Someone changed my password on Friday, 08/14/2009, 20 minutes after Blizzard shuts down there phone lines! I was playing earlier that day trying to post some auctions and it kept saying something about no empty auction slots, wierd as I never seen that before. I logged off thinking wow was having issues again. At some point after midnight I logged in to check my emails and saw the notice about my password having been changed. Then another email about my account having been merged. So I'm WTF! and in panic mode. I then looked at my spam folder and there were two more Blizzard emails about my billing agreement being cancelled and my account being disabled as there's evidence that it "has been accessed by someone who is not allowed to use it". No shit...that was about 3 hrs after the initial password change. Thing is, since the account was merged with a Battle.net account, I need to call in to have it unmerged and then setup a new password which I won't be able to do until Monday night and if I'm lucky and get through to someone. I've run virus scanner & rootkit scanner and PCs come up clean so I have no idea how this happened. Admitted, I do surf Thotbott while playing, I've been using this site for over 6 months and use questhelper, tomtom & auctioneer addons for as long as I've been playing which has been almost a year. However I started using a new site last week, www.wow-professions.com as a guide for leveling leatherworking which I keep open while playing. Maybe that was the culprit. What I don't understand is how they get the account name as I don't type it in, it's set to autofill. Anyways, depending on the level of aggravation on getting my account back, I'm definitely getting the Blizzard authenticator. I've just paid up for 3 months 2 days before and upgraded to WOTLK last month...What a nightmare. Now I'm paranoid about using my PC as I do all my banking and bill paying and everything off it. One thing that really bugs me about Blizzard is why they don't put in a security measure to confirm the password change by sending an email to the email registered on the account? This will at least make it more deficult to hack into the account. Oh and get this, I reported the account merged incident through one of Blizzard web forms and they send back a satisfaction survey!!!! Uh, they haven't done anything yet!!! How absurd is this! I got screwed twice, by the hacker and Blizzard's lack of security measures!

Anonymous said...

For what it's worth, Battle.net does send out an email link that has to be clicked before changing passwords and Blizzard is in the process of converting all WoW accounts to Battle.net accounts. A little late for those of us that have been hacked but good to see SOME action on Blizzard's part.

Anonymous said...

Comment on previous comment...The confirmation email on password change on battle.net is only when you forget your password...nothing is sent if you know it and want to change it...Anyways...I got access back to my hijacked account. From the horrow stories I've read I guess I should consider myself lucky. It looks like they just took all the gold from all my characters, almost 2k. Now I'm dirt poor. They also took some inventory but left all my equiped armor and weapons. I think they may have run out of time since I have 9 characters or maybe my stuff ain't worth looting!

Anonymous said...

Hi guys. I have just found out that 2 of my friends in the last week have had their accounts hacked. I was very upset for them. We all have put hard work and time into our toons.

I have investigated how this occurs. It is not a keylogger or a virus. I am obviously not going to explain how you do it.

It is an exploit in the blizzard support system. The ONLY way to safeguard yourself is to convert to a battle.net account. The reason is that when your account password it changed under battle.net you are required to click a link for verification that get emailed to ur email account.

If you are using an original wow account then it is just a matter of time i'm afraid. All the hacker needs to know ir you player name, not even your account name.

I hope this proves helpful.

Anonymous said...

My brother had this happen to both him and his wife. They got their accounts and toons and gear back with Blizzard's help, and shortly after they purchased physical tokens to prevent further hacking. So, convert to Battle.net and get a physical token from the Blizzard store. They are only like $7. This will protect you. I'm sure of it.

Anonymous said...

I've been lucky thus far with no one hacking into my wow account. I change my pw once or twice a week. I have three lvl 80s and working on a fourth had that been hacked. I would have been so pissed and worked up a b*tch fest to get my stuff back. Its really sad that people have to do this to those hard working players to ruin a game for others so they can just steal your stuff.

*Sighs* Blizzard seriously needs to fix this issue and make it a safe place to play and be enjoyable.. and not to worry bout hackers.. however to prevent any further hacks, do not ever give out your pws to your accounts et cetc Blizzard will NEVER ask for such.

I have stuff come inot my email with a threat of being banned and such and they wanted all my info to my account. I knew right off it was a fake.. and sent it to blizzard.

Anonymous said...

I just found out my account was hacked. Last Time I logged onto it was Tuesday, then go to log onto it today and find my password was changed. I quickly logged onto the wife's account and sure enough someone was on it farming. Tried adding my characters names for my other 3 characters on the account and got the message that they do not exist. Great. They stole all money from the guild bank, sold off all my items then deleted my other toons and then started farming with my level 80 Rogue. Talk about pissed off.

BK said...

10/03/09 account got hacked password and email were change and had to wait till monday the 5th to call blizz.Got my acount back and i was banned for "looting" 1 hour later unbanned and playing. all my toons stripped and robbed, bank vault emptied.Was mad as hell. didnt play again till the 8th i get on talk to a gm about getting my gear/gold back he said he could and i should know in a couple of days cool im not so mad now.the night of the 8th i did a fresh install of windows(formatted hd)all i installed were the drivers video/audio/graphics then installed wow.no other software did no web surfing at all. 10am saturdy the 10th log in to see about my gear/gold being returned no mail in wow so i ran around a bit then logged out 20min later try to log back in account hacked again went to blizz acc mgmt to reset pass email changed again so im 100% sure that this is on blizzards end now again wait till monday to call..lol

Anonymous said...

my account was hacked yesterday 26/10/09 - hadnt used it in 6 months or so. as it was on battle.net already i did a password reset then logged in and changed the email address associated with the account.

then logged into my account and found that the hacked had set up a recurring subscription for me with a random visa card... havent had a chance to log in and see what damage has been done, but im not too concerned as I had only planned to play again when cataclysm comes out and with a brand new char...

so in the end i have a free month of wow (plus whatever they sold/de'd/etc)

Tom said...

yey, seems now i logged in this morning and got hacked... Not even my password or ANYTHING is changed... hmm Just my stuff vendored and dissed ... on 3 diff chars ... Got a ticket open now ... Will keep you guys up to date.. pisses me off like hell..

Josh said...

It happened to me too.
I got the pass change email.
Then it said i got permanently banned for "Buying in-game gold."
The egit that changed my password must of bought some gold with it.
So i thought....
Dumbass ;)
So i emailed them back saying that this guy changed my password without me touching it and i got banned for something i didnt do.
But i got my password back! Thanks blizz.

Qp said...

12/31/2009.
Woke up to guild leader calling, why are half your toons out of guild? U were ignoring guild for hours last night.. what's going on?

I wasn't on.. try to log in, invalid user/pass.. manage account, invalid user pass.. check email acct.. 2:37am - email from battle.net my user/pass has been changed. Next email from Blizzard at 6:05 am - Your account has been closed due to abuse of the economy.

Called Blizzard, spoke to Ted, who validated me and my account, then forwarded my story and info on to another department to open my acct back up. Re-enabled my battle.net instantly.

Changed info on battle.net, got my 2 80s back stripped of nearly everything in both bank and bags and on toons. Sold off 6 alts w/gear..

It's now 1/2/10, acct is the same condition. No alts returned.. no gear returned on 80 in full t9 and 9.5 gear. Frost badges lost, Triumph badges lost..

Emailed Ted letting him know what toons and gear are missing.. been a day now.. no response. Hope it's just his day off.. guildies say it takes a week to get gear and deleted/sold off toons back. Hope that's all.. I'm starting to think it's a good time to quit WOW and get my 4 remaining months of paid time back.

Havn't looked to see if the guild bank got raided.. I am a ranking official in my guild with pretty open rights.

Non the less, their lack of communication doesn't do much to inspire confidence. Ted openly stated they can not give a time frame for return of items/gear/characters. There's a lack of commitment to the people paying their salary. I'm not impressed, but not cause of Ted, he was nice.. because they tell him to say crap like that w/o regard to their investors.

Anonymous said...

I feel so Stupid i got hacked yesterday and im just a 13 year old boy wanting to play WOW and guess what im really pissed i just got my password changed to something d***@hotmail.com i feel like that hacker is going to be a idiot messing with me i have one of the top Battleground dps 80 dk and like the best 60 tank on this server my 60 has all epic raid gear and im so pissed i have a few other 7 actually lvl 30 under i have about 6k on my account right now and they havnt emailed me back yet so i hope they dont mess with my 80 or 60 at least Plz dont u stupid hackers out there ur really pissing me off!!!!!!!!!

Elfwood said...

So 2 years after the original post I am sitting here in the same position. I am IT, I know computers, and it happened to me!
I have 9 level 80 Characters, 2 Guild banks and all my indavidual characters banks were almost full. Everything gone. I have Called 2 times, posted 4 in-game Tickets, and 4 emails, all to different entities in blizzard. Always the same "We are currently experiancing higher then usual volume" Phone call dropped, or Email auto replied to, and last night I waited for 5 hours with my ticket open, and logged to a different character once, to come back and find an auto response. I still play, I am very active, so does my wife and 3 kids. I am beside myself with anger.

Anonymous said...

Got me the last 2 days, used the password link changed it, 2 days later they were inside again. they put an authenticator on it so i cant even get into my account or login to play for free.

Appears to be running some heroics.

Anonymous said...

Changing to a Battle.net account, only helps solve the problem of someone changing your password. It does not prevent hacking. I have a Battlenet account and was still hacked. I think it was a keylogger, because within days of visiting Curse.com and downloading QuestHelper, LunaSphere, and Atlas, I saw the framerate problems that often accompany keyloggers. I think it's also interesting to note that the add-on "QuestHelper" has been mentioned four times on this post. It could be a coincidence, but I think there is somethin either in the add-on or the advertisements on the site you get it from. I've just been reading help sites for over an hour and this seems to be a consensus.

Anonymous said...

I dont think its an add-on because my account was hacked without it. I'm thinking it may have something to do with ads on Thottbot or the other sites of that nature that have keyloggers in them.
Another thing is I get a lot of phishing emails saying my account is banned or password has been changed but they're not legit. You have to turn on the full headers to see where they originate from and its usually a hotmail account.

Anonymous said...

i am efing pissed like hell
i have been hacked 46 times in the last year!!!!!! everytime i finally get back into shape i get a email saying my pass has been changed ..like WHAT THE EFF. and like i still wanna play to some extent becuz i had some really good friends

Anonymous said...

I keep getting suspended for 3 hours because some keeps spamming with my account. i keep changing the password but they keep getting in my account. im about ready to say screw you blizzard

Anonymous said...

i got hacked...and perm banned. i said that i was hacked and they said they would investigate 3 weeks later no reply. so i gave up and started playing rs its not wow but its something to do

Anonymous said...

http://www.wowaccounthacked.com/
That site pretty much clears up any issues.

Anonymous said...

Okay. I have a question it really isn't a complaint I was just curious. My cousin and I got hacked about 2months spacing from one another and during these times we didn't play. The hacker proceeded to strip us of everything that was worth something and give us a month of play.
Which isn't a big issue because a quick chat to a GM usually rectifies the problem.
But here is the weird part after playing 2days on our (hacked payed) accounts both my cousin and I got are accounts frozen and the subscription receipt for the hacked transaction was no where to be found. It was as if the incident never occurred.
I was just wondering how the hacker would be able to do this and if not is blizzard working with these hackers to brush more money of those that had quit?

Wizard said...

Dont you just hate hackers i do-------------------i got hacked and for the life of me i dont know how they did it, but they didnt change the email or password but they did strip and sell stuff on three alliance characters, but left the horde characters alone seems they must like the horde lol well anyway i got my stuff back but im trying to figure out how to make the account more secure maybe an authenticator would help but i just dont know.

George said...

I was taking a break, stopped playing before the Firelands patch. I recently came back to my account missing my main Death Knight along with around 50k gold. I finally found in battle.net that the DK had been transferred to another account which was apparently created in my name. After countless hours on the phone and waiting on GM responses I was basically told to fuck off, saying that I was responsible even though the account may have been compromised, and that no sign of foul play could be seen. Seriously, fuck Blizzard...I give them 6 years and this is what I get.

Anonymous said...

"I run a clean computer, using Trend Micro Internet Security" lol obviously you didn’t know a damn about internet security and most likely you don’t know now. I bet your password was 123456.