I've become the victim of hackers as well. My gold and items have been removed from all my characters :( . My banks are empty as well.
I've requested a rollback of my account. Hopefully they'll be able to do it before TBC arrives.
This sucks bigtime :( .
The keylogger was called ir32_a.exe and came from either worldofwar.net or allakhazam, so be carefull!
P.S.: ffs where are the /cry smilies when you need them.
Bad luck Sandrion, I sincerely hope they get you sorted out real soon :sad:
TL.
That really sucks mate :sad:
Hope things don't take too long to sort out!
That sucks bigtime, m8 :(((
Damned, another.... Hope you get it back soon m8
Oh buggery be..
Im starting to worry.. I've checked the addons and stuff, but this always happens to me, so I hope this will be an exception..
Get ya stuff back mate :sad:
Here, borrow my /cry 'smilie'
(http://i82.photobucket.com/albums/j269/glennaeb/cry.gif)
A) Why your /cry emote char has no pants... :g:
B) Using my G15 to 'type' the password with a macro will avoid that to be stolen or is just my naive view of things? :rolleyes:
and
C) Hope you will get back all your things m8!
i think its the trauma from having to battle ragnaros for eons floating back to the surface :narnar: and i support C
They got another victim :(
sorry to here it m8, hope they work overtime to get it back!
Quote from: Akall;172827B) Using my G15 to 'type' the password with a macro will avoid that to be stolen or is just my naive view of things? :rolleyes:
Your naive view of things I think mate. The password still has to be entered character by character into the field when you log in. It makes no difference whether that is done by hand or with a shortcut macro.
One thing i'm curious about: all these people getting hacked. Are they trying out new and lesser known addons that have the keylogger etc in, or are they getting embedded in stuff that's well known like Titan, CTRaid etc while they're on the sites?
Quote from: Carr0t;172856Your naive view of things I think mate. The password still has to be entered character by character into the field when you log in. It makes no difference whether that is done by hand or with a shortcut macro.
I don't think you're all correct here Carr0t. Even though I don't think you're safe just because you use a macro from the G15 or whatever, it does make a difference.
The programs that are used to steal your password, is so called key loggers, which means that they log (obvious enough :rolleyes:) key strokes (since it's not possible to directly read the content of the password field). If for instance that G15 is programmed to just paste something pre-made into the password field (in other words, the same as you yourself was copying the password from a text file and pasting it in the password field), the only thing the key logger would get is the
+ key strokes.
Now on the other hand, I don't know anything about the API towards the G15, so it is very possible that it's possible to exploit it in some other way, the only thing I'm saying is that it's not necessarily the same :)
Quote from: Bob;172859I don't think you're all correct here Carr0t. Even though I don't think you're safe just because you use a macro from the G15 or whatever, it does make a difference.
The programs that are used to steal your password, is so called key loggers, which means that they log (obvious enough :rolleyes:) key strokes (since it's not possible to directly read the content of the password field). If for instance that G15 is programmed to just paste something pre-made into the password field (in other words, the same as you yourself was copying the password from a text file and pasting it in the password field), the only thing the key logger would get is the + key strokes.
Now on the other hand, I don't know anything about the API towards the G15, so it is very possible that it's possible to exploit it in some other way, the only thing I'm saying is that it's not necessarily the same :)
I actually think the G15 just types it really fast. As you can use it for game functions as well. So I guess it would be the same as typing it in.
Well there is always a way to monitor it. CTRL-V might work now, but they can also dump the content of your scrapbook after logging in successfully. That's really easy to do. But there are also other, more advanced, ways to get someone's account data including their password using a 'virus' (it doesn't involve keyloggers, but I'm not gonna say how since I don't want anyone to get any bright ideas :narnar: ).
One thing Blizzard should do is stop storing your account name in plain text in the config file when you enable the 'remember me' feature. Is it to much to ask to encrypt it? That would make things a lot harder for them, since they have to disassemble the WoW binary to find out how they decrypt it and where the keys come from. It's not impossible to break, but it is rather difficult and requires a lot of knowledge.
Blizzard should really put some effort into security, because it 'seems' like they don't care. Right now they're just cleaning up behind the hackers, nothing more.... More and more people are effected by this every day :sad: .
Btw, on how I got it:
I know I received the keylogger called ir32_a.exe two days ago. My main suspect is www.worldofwar.net (http://www.worldofwar.net), since I remember my comp starting to slow down for a moment while visiting that site and my browser crashed directly afterwards. They're probably exploiting a leak in IE. It could also be the case that I got it from allakhazam, since the program that updates the WoWReader generated some kind of 'weird' exception when I ran it.
So be carefull if you weren't already. If you notice anything strange after visiting a WoW related site, do NOT log in to WoW and scan your system for viruses first! If a virus is found (WoW related or not) change your password(s) ASAP. You don't want this to happen to you.
Too bad mate:angry: ,Hope you get ur things back on all your characters!
Quote from: Andin;172914Too bad mate:angry: ,Hope you get ur things back on all your characters!
Just one question. How long did it take Blizz to restore your stuff and what exactly where they able to restore? I lost well over 1200g, so I hope I get that back as well and not just my items on my main char. I asked them to roll-back everything to the last maintainance day; assuming they make weekly backups it shouldn't be hard to do :unsure: .
I just received an e-mail from Blizz stating that my account is suspended pending their investigation, so you won't see me online untill this is resolved. Hopefully it won't take too long, but it's good to know they're working on it.
youlle only get blue/epics, nothing more
Make a notepad on your desktop, type in your password here.
Everytime you log on (I assume you don't do this every minute) just copy / paste in your password. :)
No idea if this actually is going to work since I have no idea how these keyloggers work, but if they work as they register every button you push (as it may sound from the name, keylogger) this might work out pretty good :)
ide like to see fingerprint acess on games... ^_^
most secure way imo...
Fingerprint access is still a password, it just links the finger to a very random sequense of 20-30 chars.
Quote from: Jorgen;173032Make a notepad on your desktop, type in your password here.
Everytime you log on (I assume you don't do this every minute) just copy / paste in your password. :)
Wouldn't necessarily help you too much, since getting info from the clip board (where stuff end up between
+ and +) isn't hard at all. It might fool the key logger programs, but making programs that can abuse that situation is easily made (probably already exists).
Quote from: Bastet;173066Fingerprint access is still a password, it just links the finger to a very random sequense of 20-30 chars.
Yes, that is true, but if Blizz for instance implemented a fingerprint reading system, it would be something that couldn't be sniffed (if implemented right) the same way as key strokes (or clip board), so the safety would be much better :)
Slightly gay though, means that everyone needs to go out and buy a finger print scanner to be able to play.
well it only costs bout 15 euros, and you can use it for multiple games or occations (dunno the right word)
Though if this would mean that the chance on being hacked would be brought back to nearly 0 than its worth it for me ;)
Appearantly Blizz is looking in to systems like this and are checking if people are interested in buying one if they decide to implement them.
It's sad it has come to the point that these kind to things are nessecary :sad: .
The access to my account got reinstated. Still no items and gold though :sad: . I've opened a new ticket, since my old one was gone.
It looks like I'll start a new alt tomorrow when TBC arrives.