Skip to main content

You can leave your hat on

You always think that these things only happen to others. You may even think that they should have used better protection. And then one day you get this mail in your box from your guild leader:

Hi there,

I dont know if this email will arrive, but I will try anyway. I saw that your chars came online today.

They are selling all your gear and equipment and they are not answering on guild chat.

I think you are being hacked.


Suddenly it's not someone else who has been hacked. It's you! So I quickly took a  look in my second mailbox account and yes: someone merged my account to a battle.net account. My account has been frozen for half a year so someone must have hacked it and have reactivated it. Next thing I did was checking my characters and my armory page looked like this:




Kind of them to put on my Christmas hat, it's the season!. Everything that a vendor will accept is sold however. After seeing that picture I  really started to worry. They reactivated my account, how much will that cost me? If they've extended my account for six months it'll cost me €65. Then could also transfer my characters which will cost me even more.

 But of course the real damage is in the items and gold you loose. I've spent over 5.000 hours in the game. And suddenly it's all for nothing, all that you worked for is gone. All my items must be sold. Maybe they moved my characters to another realm? And worse case scenario my account is banned for selling gold to other players.

Seeing how it was Friday I had to wait until Monday to get a reply from a Blizzard employee. It's quite frustrating to have to wait for three days. Blizzard was however very quick to solve the problem. That same evening my account was restored and I got the message "if you miss any items, please contact a game master". So I reactivated my account and after some searching I found my items back in the mailbox.

So, what was the damage done?  Every one of my four level >70 characters had their bags and gear completely stripped. Every gold coin my characters had was gone. I found my mage in the new lands with completely damaged gear and a bunch of herbs and mining materials in her bag. Apparently someone used her to farm herbs. On the plus side, when I logged in she now has level 450 mining where it was 375 before. Someone must have had fun in Northrend. My lower level characters weren't harmed in any way. Not even my level one alt who looks *nothing* like a bank alt:




The fancy monocle and pretty tuxedo suit must have scared them as for some reason my bank alt was untouched. She still had hundreds of glyphs and the majority of my gold.

So: who's to blame for this? I think it's a mixture of me, Blizzard and of course the damn hacker. I do not think I had a keylogger installed as I didn't log into the game for half a year. None the less: before reactivating my account I scanned my entire pc with a virus scanner and two malware scanners. My password was on the weak side though so I tried to enter a strong password with non alphabetic signs. That does not seem to work so I'm just going to use a keyphrase.

As for Blizzards side:
  1. It's impossible to stop your account. When I loose my cellphone, bank card or visa card I can call a number and my account is disabled that very minute. Why not do the same for WoW? Take up your phone, type in your account name and your cd key and there, it's locked.
  2. There are no protections against a brute force attack. On most websites with a login you get a captcha after five attempts. World of Warcraft does not seem to have of these protection measures.
  3. They sell an authenticator but it feels like a ripoff. €8 posting costs for a €6 item? I bought a book flown in from the UK *with shipment* for €2.4 two weeks ago. Still, I'll just go ahead and buy one.
  4. They put everything back... in my mailbox with a 90 days timeout. It's forcing people to pay a subscription for at least a month. 
I do have to add that I am happy with the support they gave. A response within the day is something I didn't expect. And I'm very happy to see my items returned in my mailbox. Paying €13 is a small price to pay for that. It's also a lot of fun to log on again and get whispers from five people at once. Some people seemed to have genuinely missed me.

So, is everything back to normal again? Not quite. I lost all my characters on other servers. It's a mixture from lower level characters but I did want to level my level 55 warrior. Sadly I forgot on which server she was and the armory shows nothing when I search for her name. I'll try to look with warcraftrealms.com to see if I can track her down. Besides that there is probably some damage I  haven't seen yet.

What can we do about this? Be sure to pick a strong password and be safe: use noscript for firefox, a virus scanner, a malware scanner and a firewall. But above all: do not buy gold or leveled characters. As Blizzard states a lot of the items sold there do not come from Chinese farmers or levelers but from hacking accounts. By buying those items you are supporting crime. Don't do it.

Comments

  1. I'm sorry to hear about you being hacked. But it was nice to see you online again and I hope everything will sort out as much as it possibly can.
    Welcome back to Azeroth - and possibly to raiding!

    ReplyDelete

Post a Comment

Popular posts from this blog

EvoLisa - Comparing two images: performance tuning

It looks like the program is rather slow. Using DotTrace , I took a look at where the bottleneck is. The method that calculates the 'fitnesse', how closely the created image resembles the original image, is where most of the time goes to. Can we improve that? So what happens in this function? We compare each pixel of both images to compare their ARGB values. The better they match, the better the result! How can be compare this? First, I tried using the naive approach: compare each pixel using a bitmaps GetPixel(x, y) . Do that however, and you'll quickly see how excruciatingly slow that is. Especially considering that even with an image of 333x333 you're already comparing a million pixels each time you compare two images! So, instead I tried using a 'FastBitmap'. It's a project I found which wraps the Bitmap and provides much faster Get and SetPixel performance. Using this instead, the performance went up by an order of magnitude! But we can still do be

EvoLisa - My own version

It's an old idea by now, can we recreate the Mona Lisa with fifty polygons by using random changes? The idea and original implementation by Roger Johansson can be found here . So, how does it work? You start with an source image. Then you create an empty image. We keep on doing small changes to this image. In my case this is one of these changes: Recolor our polygon Change the position of one of the polygon points Add or remove a new point to our polygon Add or remove a new polygon Switch two polygons After each action, we take a look and check if the newly changed image looks more like the original image by comparing each pixel. If it is, we continue using this one. If it's not, we discard the changes. Looks like a fun project! So I built my own version from scratch eight years ago, reusing some of the same ideas. Here's my result using the Mona Lisa: Mona Lisa with 50 polygons: You can see that it's the Mona Lisa but the details around the eyes and mou