Wednesday, September 9, 2009

WoW Account Hacked

My WoW account was hacked over the weekend.  Below is the process of events.

I received an email while at work that my account had been compromised and frozen.  They gave me 3 basic steps before I could unfreeze the account: secure my email address, secure my computer and secure my wow account.  After securing everything I messaged them in the afternoon/evening on Friday.

On Saturday my account was unfrozen but my characters were missing gear, gold and they were on different servers.  I had to talk to a GM about the situation to continue the process (took about three hours of waiting to finally talk to the GM).  The GM then got a Character Specialist in on the situation and that specialist went to work on resetting my account before the compromise.



This process of resetting my gold and server took a full three days.  The gear reset took another day.  The full process took five full days.  I've heard of it taking longer to get back the gear.

I'm thankful that everything is back to how it should be, but still utterly surprised that this happened to me of all people.  I consider myself a very tech savvy person when it comes to computer security (virus, spyware, etc.).  I have Vista 64 and should be immune to half the programs, as most are not designed for a 64-bit OS.

I am still not sure how my account was hacked, the only thing that makes sense is a keylogger.  My anti-virus did pick up one virus during the full scan on friday that might have been a keylogger.  The uncertainty of the situation makes me a little paranoid and I ended up buying the $6.50 Blizzard Authenticator to help keep me worry free.

During my downtime I created a new post on WoW Reports about the first week data on Arena Season 7.  Hunters are looking better than last season... still not great, but better.  And the mighty Death Knight class has fallen (at least for now).
 

30 comments:

David said...

Dude! That sucks man. I am very happy to hear that you got everything back, even if it did take 5 days.

On a different note, I hate to say it but I have more or less given up trying to get my feral druid / BM hunter group to work. I'm tired of being a one trick pony and losing to ANY team with a paladin.

It's blasphemy to say this, I know, but I have leveled up and started playing a ret paladin just to see if it is as EASY as it looks from the perspective of a hunter.

Let me tell you, it is. How blizz allows a class to be this powerful with so little attention to what you're doing, is beyond me.

Ruhtra said...

Man, that is nice that you got your account back that quick. My wife had her account hacked and it took us three weeks to get it back.

They did a good job on returning her gear that she had stored and the gold and all the loot from the guild banks, but it took a while.

@ David

Man, I got to agree and disagree with you. I agree that sometimes it seems like a class is crazy overpowered, but honestly that is just the war arena works sometimes. Me and my partner got ROFLSTOMPD by every Druid team that came down the turnpike. I was placed in non-stop cyclones (or whatever you call it) and my partner got beat into the ground while I watched. Sometimes those are just the breaks of it. Best of luck though with the whole Paladin thing.

steelerark said...

The email that you got sounds an awful lot like a phishing email. I am in banking, and it's a type of fraud that we see consistently. When you got the email, did it take you to a link that asked for your password? If so, it sounds like phishing. You said you were tech savvy, so sorry if you know what phishing is. But thats what it sounds like to me.

David said...

Yeah, I was super careful about the email. I triple checked the email address on google and what not to make sure it was a correct email address.

There also was no mention of sending them any of my information, only that I needed to secure those accounts.

Anonymous said...

Dude, My account got hacked today on November 16, 2009.. I'm still on hold with Blizzard Account and Billing services.. It's been about 30 minutes.. I'm soooo fucking pissed.. I don't know why me though?

Anonymous said...

both my son and i have had our Wow accounts hacked this week , i know my pc is safe and that i had only been using the account 4 hrs before is recieved the email asking me to change my password . Yes i checked the email and website details they were genuine , what ime worried abiout is that this has happened since switching to battle.net and using email address as login name ? how has someone hacked into my account and blizzard realising its been hacked in such a short period of time ? Knowing Blizzards response time in problems i find this hard to believe , this l;eads me to think the leak of information is from battlenet itself , any thought s on this ?

David said...

My best guess is that your email account might have been hacked.

Most of the time though I feel like it is really tough to figure out exactly how someone was hacked. I could never figure out how I was, there was no ah ha moment, and I feel like that is probably true for most people that get hacked.

But luckily it seems Blizzard is pretty good about getting your account back in shape with everything you had on it. I do feel much safer with the Blizzard Authenticator.

Anonymous said...

my account was hacked 6th nov and im fuming!

Anonymous said...

Mine was hacked yesterday and in exactly the same way.. I got the email from Blizzard saying that it had been compromised and was unavailable for 24 hours, only to log on when that time was up and find my 3 level 80's completely stripped and everything gone. Still waiting on GM response but hopeful now after reading your post that it will get resolved eventually. I too wondered about the battlenet connection, I'm super cautious with internet security and I'm also on 64bit so it all sounds very dodgy to me

Skymane said...

hey ppl

ive been hacked aswell, was on sunday 13th of dec. I thought it was some addons i installed after the patch, might have contained a keylogger, i dunno. I never open dodgy mail and i had scanned my pc several times and nothing turned up.

In the morning i couldnt log on and i read in my mail i had a 3 hour suspension for some ingame offensive stuff. The one prior to that was a pw change and then another with some info.

I found even my lvl 30 chars stripped naked and ofc 2x 80. This is on a european server btw. but i dont think that matters much.

On curse it said something about a leak in blizz battle.net system and i dont like the way you log with your email nowadays. So hopefully they can make it more secure. or maybe its all a trick so we order authenticators! (my phone cant have one :( )

hope you all get your things sorted soon!

- skymane, ravencrest eu

Unknown said...

well i too join the ranks of accounts hacked. i wake up today to find my hacked everything gone. they did take my mining from 350 to max level. although i lost my blacksmith completely. also lost full swiftarrow set for my 78 ping. everything is gone even my quiver is empty. waiting on my ticket with a gm.

nicosharp said...

hacked today. This must be a Battle.net issue. I am very safe with software, and scan my computer weekly. I get a notice about my password being changed on Saturday (haven't used it in a few months), and then today saying my account was closed for Exploitative Activity: Abuse of the Economy

I am pretty pissed, and don't see how easy this can be performed by someone. Now I will have to use the blizzcon authenticator once everything is restored, if it can be restored....

Anonymous said...

Hi i also got hacked today, i nly use thi pc for wow and it is also 64bit, i have spyware and antivirus so notsure how they got in, The anooying part was when i logged on i kept getting kcked off, phoned my m8 who went on his accuntand the hackers where on my account then cleaning it out. So done the usual changed password and logged to find all my chars stripped even level 14!!. I now have an open ticket and am awaiting a gm, reading this thread hopefully i will get all my gold, gear and currency back on all my players

Anonymous said...

Hey, i've been hacked 2day, when i logged in my char went off... :( Seems like there is an big leak with wow-accounts. still waiting for response of gm, but still, not so nice the day after x-mas :(

Unknown said...

well i heard from them four days after i opened the ticket. they say they are working on it and it could take two weeks. i have changed email that was used with the account. password a few times. also after i did some hardware upgrades to the computer i use for wow. have reformatted an done a fresh windows install. so i can be sure it doesn't come from my end.

Anonymous said...

I was hacked Christmas morning at 430am server time. They cleaned out my 2 lvl 80s, all gold, all items in all banks of all toons; even my banker toon who had a 3 tab GB was raped.

I have heard nothing from blizz other than it will be at least 7 days before I hear from someone in the restoration department due to high volume and back-log.

I have changed my password and ordered the authenticator.

Anonymous said...

Hacked today As well. Logged off at 2:30 AM EST. Came back on at 9:30 AM EST. Seems while they were in my acct. because I kept getting kicked. They took it all G ,frozen obs, 23 Frost emblems and everything sellable in gear and bank. Took alot of Guild bank stuff as well. They changed my password and destroyed the gear they could not sell in WG BG! I opened a ticket just now. I expect Blizzard to be hot on key logging fix or some fix! If not, then I feel they are alseep at the wheel and I will have a vote of "no confidence" in that company for their inebtitiude. I waited 35 min on hold from 8:00 AM to 8:35AM PST with no response. So 8 million players is ALOT of money per month. They apparently are NOT spending it on hiring plp to answer the phone. I'm not real happy with Blizzaed since these really seems to be an epidemic with WoW. Simply put, Blizzard needs to fix it or I'm afraid I can never use any of there products again.

Anonymous said...

Nice..I just posted above. Changed my user name and PW and ordered an authenticator. No sooner then completing that, The mental giants at Blizzard banned my acct. for selling Gold! You have got to be kidding me! I get hacked, robbed and my toons abused and then Blizzard delivers the final insulting blow. WTF have I paid for in the last 2 years?

Anonymous said...

same here, go out of town for christmas, get a bunch of texts from guildies and RL friends saying my account is being hacked, and that they are DEing all my gear. i always thought curse was trustworthy for addons, but this is the second time i'm guessing i was hacked for downloading addons...and i only use atlas gearscore and quartz...imagine that

Anonymous said...

same happend to me: my account got hacked yesterday. i noticed it when i checked my emails: "your account was permanantly banned because of illegal trading" oO
my guild mates told me that during the night all of my characters logged in, sold everything including the loot from the guild banks. Calling the support my account was unlocked, password resetted, gear, gold and loot shall be back in the next 4-5 days and i am now able to log in.... BUT while checking my pc for any possible keyloggers or anything i didn't find anything right now. I used several different scan tools like a-squared, trendmicro house call, kaspersky online scanner, adaware, sophos anti rootkit, antivir and some more. So, is it worth to log in without being sure? May it be a battlenet issure?

Logging in sounds very dodging to me without knowing how the hackers got my account information. Noone other than myself had my login data til the account was hacked. I only played wow at home - but where's the gap?

Anonymous said...

My account was hacked on the morning of December 30th. My ICC-Geared hunter was deleted along with two more 80s. I've petitioned Blizzard to restore my characters. As of right now I haven't heard anything, but I believe it to be because Blizzard is working on the issue still.

This particular hacker deleted three of my characters and moved two others to another server. He also created two additional accounts on my Battle.net account. One was suspended and the other was just an empty account. The two characters that were moved off of my main server were restored back, although one is still missing everything. I'm still waiting on two more to be restored. I understand it may take some time, but I'm willing to wait. I just want my stuff back. Needless to say, I will be purchasing an authenticator first thing. I would suggest everyone get one. This is not fun to go through by any means. Wish me luck.

Anonymous said...

woow whats going on with WoW these days. same thing happened to me i played all night and finnally got to 80 wake up next day saying my account is disabled because of a compromise.. no wonder i kept d/cing i havent even been able to log on to my account but i check my char on the armory and all of his stuff is gone.. im waiting on my account to be enabled and my itmes to be restored.. damn this suckks

Joey said...

My wife had this happen to her account, but it was from an email she received about her account.

From all of you saying you don't know how they got your information: did you get any type of email that mentioned account security, etc? The link looks legitimate (it says www.worldofwarcraft.com as the url) but when you mouse over it, it actually takes you to something like www.worldofwowarcraft.com but the log in page looks identical. All her items were restored but only recently was her account suspended, the email stating third party software. I think whoever got her account info was using 3rd party software and advertising or something and someone hit "report spam" on the trade and they finally investigated it. She emailed them yesterday about the account being compromised and that she got an authenticator. Now we just have to wait for Blizzard to correct it.

twolittle said...

I was hacked this week. Also consider myself verry carefull about phishing and by email and bogus websites. cleaned out two guildbanks and two main characters. after running norton internet security 2010 from boot up disk and full deep scan seperately the only think it could find were tracking cookies. i figured i was on a wrong webpage when i logged in or there was a tracking code active in a browser. they got my credentials that way. im no security expert but nothing else showed up on my scan. I do use a webmail account that they could have done a forgot password for.. but then they would have to know the account name. it is different from my character names. taking over a week to get my stuff back but im confident ill be ok. I guess bliz is swamped from compromised accounts and there planing on some BIG steps to try to curb it. I ordered my authenticators the day it happened. Ill rest easier once they arrive in the mail.

Anonymous said...

I've been playing WoW since launch and not once had my account hacked until Battle.net came along. I'm not blaming it on Battle.net, but it sure is strange that pre Battle.net I had 0 hacks, and since Battle.net I've had 3.

Anonymous said...

My account was frozen, and I hadn't played WOW in months. I just received an email saying my account was closed for exploiting the economy. I also have daily anti-virus and spyware scans on my system. I haven't even logged into my WOW account since October. I think that there must have been a battle.net compromise.

Anonymous said...

I got hacked this morning.. my account been completely cleaned out, 1/2 chars deleted.. 4 80s, and alot of 60+s. I really don't know how to get it back, I've just been resetting PW alot... though he has now added an authenticator on it, so now I'm completely helpless. Oh, did I mention? My main had full t9+, 15k gold and most epic rare mounts.. If anyone knows how to get it back PLEASE reply here :(

Anonymous said...

Yesterday ive got hacked...
on european server
i dont know if they stripped my char..
im very disappointed are just 2 months i play wow and i was 1 level away to get my 1st char to 80... im whaiting to see if i still got it if it isnt so i hope blizzard will help me to get all back

Anonymous said...

Heh yea you all saying you've been hacked. I've been hacked like 15 times on a weekly basis it seems. And the funny thing is im the utmost secure nearly hack proof (except i have no authenticater) and ive made a goal to change my WoW and Email acc paswords every other day. And no matter what it seems i constantly get hacked. And it's not by Phished. And its not by a key logger i've made sure no now i guess i'm gonna have to make a whole new account and email adress lol

Anonymous said...

http://www.wowaccounthacked.com/
That site pretty much clears up any issues.