Tuesday, December 1, 2009

You can leave your hat on

You always think that these things only happen to others. You may even think that they should have used better protection. And then one day you get this mail in your box from your guild leader:

Hi there,

I dont know if this email will arrive, but I will try anyway. I saw that your chars came online today.

They are selling all your gear and equipment and they are not answering on guild chat.

I think you are being hacked.


Suddenly it's not someone else who has been hacked. It's you! So I quickly took a  look in my second mailbox account and yes: someone merged my account to a battle.net account. My account has been frozen for half a year so someone must have hacked it and have reactivated it. Next thing I did was checking my characters and my armory page looked like this:




Kind of them to put on my Christmas hat, it's the season!. Everything that a vendor will accept is sold however. After seeing that picture I  really started to worry. They reactivated my account, how much will that cost me? If they've extended my account for six months it'll cost me €65. Then could also transfer my characters which will cost me even more.

 But of course the real damage is in the items and gold you loose. I've spent over 5.000 hours in the game. And suddenly it's all for nothing, all that you worked for is gone. All my items must be sold. Maybe they moved my characters to another realm? And worse case scenario my account is banned for selling gold to other players.

Seeing how it was Friday I had to wait until Monday to get a reply from a Blizzard employee. It's quite frustrating to have to wait for three days. Blizzard was however very quick to solve the problem. That same evening my account was restored and I got the message "if you miss any items, please contact a game master". So I reactivated my account and after some searching I found my items back in the mailbox.

So, what was the damage done?  Every one of my four level >70 characters had their bags and gear completely stripped. Every gold coin my characters had was gone. I found my mage in the new lands with completely damaged gear and a bunch of herbs and mining materials in her bag. Apparently someone used her to farm herbs. On the plus side, when I logged in she now has level 450 mining where it was 375 before. Someone must have had fun in Northrend. My lower level characters weren't harmed in any way. Not even my level one alt who looks *nothing* like a bank alt:




The fancy monocle and pretty tuxedo suit must have scared them as for some reason my bank alt was untouched. She still had hundreds of glyphs and the majority of my gold.

So: who's to blame for this? I think it's a mixture of me, Blizzard and of course the damn hacker. I do not think I had a keylogger installed as I didn't log into the game for half a year. None the less: before reactivating my account I scanned my entire pc with a virus scanner and two malware scanners. My password was on the weak side though so I tried to enter a strong password with non alphabetic signs. That does not seem to work so I'm just going to use a keyphrase.

As for Blizzards side:
  1. It's impossible to stop your account. When I loose my cellphone, bank card or visa card I can call a number and my account is disabled that very minute. Why not do the same for WoW? Take up your phone, type in your account name and your cd key and there, it's locked.
  2. There are no protections against a brute force attack. On most websites with a login you get a captcha after five attempts. World of Warcraft does not seem to have of these protection measures.
  3. They sell an authenticator but it feels like a ripoff. €8 posting costs for a €6 item? I bought a book flown in from the UK *with shipment* for €2.4 two weeks ago. Still, I'll just go ahead and buy one.
  4. They put everything back... in my mailbox with a 90 days timeout. It's forcing people to pay a subscription for at least a month. 
I do have to add that I am happy with the support they gave. A response within the day is something I didn't expect. And I'm very happy to see my items returned in my mailbox. Paying €13 is a small price to pay for that. It's also a lot of fun to log on again and get whispers from five people at once. Some people seemed to have genuinely missed me.

So, is everything back to normal again? Not quite. I lost all my characters on other servers. It's a mixture from lower level characters but I did want to level my level 55 warrior. Sadly I forgot on which server she was and the armory shows nothing when I search for her name. I'll try to look with warcraftrealms.com to see if I can track her down. Besides that there is probably some damage I  haven't seen yet.

What can we do about this? Be sure to pick a strong password and be safe: use noscript for firefox, a virus scanner, a malware scanner and a firewall. But above all: do not buy gold or leveled characters. As Blizzard states a lot of the items sold there do not come from Chinese farmers or levelers but from hacking accounts. By buying those items you are supporting crime. Don't do it.

1 comment:

  1. I'm sorry to hear about you being hacked. But it was nice to see you online again and I hope everything will sort out as much as it possibly can.
    Welcome back to Azeroth - and possibly to raiding!

    ReplyDelete