Nope, not me. I wasn’t hacked. It was much worse actually.
Early Monday morning my wife decided to log on and knock out a few dailies. Being that she’s been using the same password for nearly her entire WoW tenure, it was more than a bit odd that she was unable to log in this particular morning.
Her desk is only about eight feet away from where I’m sleeping, but normally I don’t wake up if she’s on playing in the morning. Daddy needs his sleep. 😉 Anyway, I suppose I sensed something was not right, because I woke up and immediately saw the invalid login message on her screen. When I asked her what was up, she told me that she couldn’t log in for some reason.
My first thought was perhaps she had caps lock on by accident. Nope. I then told her to check the forums and see if they were currently experiencing authentication issues. Nope, nothing on the foums; technical support, realm forums or otherwise.
After we exhausted just about all of the possible causes, I thought oh no… maybe she’s been hacked! It seemed like a far-fetched possibility because why would anyone want to hack my wife’s account..? She’s about as casual as it gets. She’s not decked out in T9 or sitting on 100K gold. Hmmm…
Well, apparently there’s really no rhyme or reason behind the hacking. It just boils down to whose accounts are vulnerable. Perhaps some people get targeted specifically, but in my wife’s case, it was pure luck.
The reason I say “luck”, is because she is our guild’s banker.
My wife was finally able to log on after completing a password reset through Battle.net. The first thing she did was open up her bags. Empty… completely empty except for her mining pick and hearthstone. Next she went to her bank. Cleaned out. Totally.
It was at this time that both of us had that sinking feeling that her inventory was the least of our worries. Sure enough… the Guild Vault had been raped. Our stacks and stacks of Abyss Crystals, Ulduar BoE epics, countless blues, flasks, etc… all gone.
MOTHERF**KERS!!!
Apparently the hacking swine logged on in the wee morning hours, which would have been been 2:30am-3:30am for my wife and I. I’ve been known to stick it out that late once in awhile if I’m trying to finish up a dungeon or a raid boss, but not this night. We were both catching Zzzz’s when the criminals performed their dastardly deeds.
A handful of members were on at the time this all went down. One person who happened to be on while it happened gave us a brief description of the crime…
Apart from my wife actually being on at that time, the first thing that seemed unusual was that my wife’s banker toon quit the guild. Next, the criminal began logging into all of her characters. Immediately after that, they began inviting anonymous toons into the guild.
It was at this time that someone checked the guild bank to see that it was being pilfered. My wife’s main was draining the guild dry and there was nothing anyone could do about it, because the only one with the power to /gkick was offline and fast asleep.
To add insult to injury, while they were cleaning out our guild bank, the hooligan typed into guild chat, “Lucky day, eh..!”
Grrrrr…
Knowing that something was awry, a couple of the guild members had quickly submitted tickets once they suspected foul play. Blizzard responded by resetting my wife’s password in an attempt to put an immediate halt to the sabotage. Unfortunately, it was too little too late.
Blizzard responded to her ticket stating that the guild items should be retrievable, and will be returned to our GM via the mail system within several days. However, they gave her no guarantees when it came to her personal items.
Brutal.
Needless to say, after she was done getting the in-game matter sorted out, I ran an anti-spyware program on her PC to try and sniff out the culprit. Sure enough, there was a piece of malware in her registry which I quickly disposed of.
Her password’s changed and the malware gone… let’s just hope that she gets her items back. She lost a ton of enchanting mats, along with a countless number of other untold riches.
They even messed with her action bar skills!!! Can you believe these a$$holes..?! I really hope Blizzard is able to trace the activity back to these MF’ers and deal with them accordingly.
I went and changed my password too, just because I think it’s a good preventative measure to take every several months anyway.
I tell ya… times like these make me even more grateful that I use a Mac. 😉
By the way… for anyone who’s curious, the name of the file that I turned up was: Adware.MyWebSearch. It was located in the windows registry and seems to have a lot of controversy attached to it if you’re to search for it in Google. Most of the information out there concerning this bit of software indicates that it’s something you should delete if found by a MalWare program. The one I used to detect it was Malwarebytes’ Anti-Malware 1.40.
Hope this helps some of you. 🙂
yeah sorry to hear this but it also happen to me b4..
the worst thing is that it happen while i was playing.. at my frenz house..
we all play wow and raiding and then i got d/c trying to relog but invalid p/w appeared and thinking to myself “WTF?!?!?” looking across on my frenz seen i was my toons log on ..
i as fren to pst ifthere is a reply or error.. log…
first thing came out of my mouth was “HACKER” i yelled at my frenz and we started to spam swearing at him .. and get frenz to /gkick all my toon .. but that was also too late they raped my gbanks. and all my toons and gears.. took me 3 wks to get my acc back,,,
and few days later my 1/2 of my loot was restored..
but it’s was never the same…
i got key logged .. while testing out a addon from curse.com call farmer ” thinking it’s new version of gatherer” so i reported it to bliz GM.. and ask them to look into it.
That’s too bad julz. Addons were some of the things I was suspicious of right away, but my wife doesn’t have many, and the ones she does use are pretty popular.
Good to know though. I’ll be sure to stay away from “farmer”. I guess it probably works as intended though, by “farming” gold from various accounts in order to sell online.
My friends guild banker was also recently hacked. It’s like they have a way of knowing or something. I hate hackers. So sorry this happened.
I had thought they must have known she was the Gbanker, but it’s tough to say. It may have just been dumb luck.
Blizzard restored nearly all of her and the guild bank’s items within a few days. Probably 5-10% of the stuff is gone forever, but we can chalk that up to experience.
Now I just need to get her to use an authenticator.
@Suniojii
This is not true. The Windows clipboard is as accessible to the keylogger as anything else, it will know exactly what text is being copied into the password field.
The authenticator makes your account essentially hack-proof and only costs a few bucks. It’s by far the best solution.
Thank you for the heads up wedgeski. My wife has an iPhone, which I believe has a free authenticator available. I’ll keep riding her about downloading it.
You dont need an authenticator. Put your passwords in a text document.
When you want to play, open the doc use the copy/paste method to input password.
Keylogger will only see ctrl-v.
Hi there, I hope you are helping her to get over it.. I was blasted a year ago by a key logger in a LAN center, blessedly my online guild helped me get over with some gold and new clothes, but you can never get back your gears..even with Blizz’s compensation which comes after their investigation is done…but it takes a while to get it over.. this hurts bad..hope she gets back to her feet soon..
Duval/Nagrand/Oceanic
@ Duval
They ended up restoring most of her stuff. I’d say about 90% of it, including the items from the bank. They were pretty quick with it too. Only took maybe 2-3 days at most.
She’s alright now, but the hacking did leave her a little uneasy. Blizz did a good job of making things right though. I just wish there was some way they could track down and penalize these jerks. If they did manage to catch the perps, it’s unknown to us at least.
@ Courtney
That’s comforting information. I’ve known a handful of people over the years who’d been hacked. Seemed like they usually got their stuff back in time as well. It’s just such a huge inconvenience in the meantime.
I can’t believe they vendored your keys!! These jerks stop at nothing.
@ Molo
My wife has an iPhone, so I told her to look into the authenticator app for it. I’ll keep on her about it.
I can’t really recommend an authenticator enough, they are cheap and the peace of mind is enourmous. I think some guilds are already requiring one for high level access to the gbank, a sensible precaution. Hope it sorts itself out soon.
I’m sorry that happened to your wife. I highly recommend getting an authenticator off the Blizz Store website. My account was hacked not once, but twice. I had a really nasty key logger that was missed by several malware/spyware/adware programs.
The good news is that Blizz WILL fix it. It sometimes takes a few days (even weeks) and like in my case some items may still be missing (the creep sold all my keys and Blizz couldn’t restore them). I was really impressed with Blizz customer support after I was hacked.
Dude, that sucks. One of our guildies had this happen and had 5kg never returned. He was really really bummed about it. I hear blizzard has a pay extra account protection service i might invest in. Only thing is, WHY DOES BLIZZARD MAKE THAT EXTRA. That is lame to me. Hi, you can buy and play our game and pay extra to make sure it stays safe. Sincerely, we hate you and only want ur money.
Anyway, I hope it gets returned man. that sucks. 🙁
Holy crap Gar, so sorry to hear this. This hacking thing sure is getting ridiculous lately, it’s seems to be hitting so many of us.
Sorry bro. It kills me when I hear stories like this. Yes, we’re talking virtual possessions here but it doesn’t make you feel any less violated. I hope this has a happy (and vengeful) ending. Blizz takes forever to process a ticket but they usually do right. She should get it all back…eventually. Order those authenticators today if you haven’t already.
Yeah, I agree. While not as bad as banking or CC details, it’s still a violation that leaves you uneasy. Countless hours had been spent over the years to amass all of the items she had on her toons, and for all that to be undone in a matter of minutes is just a kick in the stomach.
I’ve been a victim of CC fraud twice in my life, once via a lost card and another time as a result of stolen numbers. This incident here doesn’t actually feel that far off. Our characters become very personal to us, and knowing that someone was messing around in your account with malicious intent really gets under your skin.