Same for me. I canceled my accounts at eh request to merge into Battle.net, and within three months my accoutns were hacked (at least according to Blizzard) and I need to by an authenticator and and re-sub to fix this issue. It seems like a scam to get more ooney to me and this problem seems unusually prevalent.
As a person highly skeptical of these "conspiracies", I could not help but think the same thing. After the battle.net merge, I began to hear about alot of people's accounts getting hacked, friends, friends of friends and even my boyfriend's got hacked. I thought it might be a one-off thing, but then there was alot of stuff about it in the forums as well...then Blizzard are quick to push people to buy their authenticator... Something seems off. But the bigger the company, the dirtier they get. So I wouldn't be surprised at all.
No conspricy - the change to battle net ment your login was now your email.
Now your email address and WoW password is somthing you would type quite often and such information could of been key logged a long time ago. So you have some one with a list of email address and wow password (useless before battle net) - when the switch to battlenet came about most people used their regular email address and keeped the same password and there you have it. A list of almost usless email addresses and password keylogged along time ago now grants access to the accounts.
This is still not blizzards fault. But maybe blizzard should have forced a password change when the bnet stuff came in.
I wonder how you people manage to get so many scam mails sent to you.
I actually talked about this issue with a friend of mine a few days ago, I asked him if he had got any scam mails regarding the Cataclysm beta. He told me he didn't and I hadn't got any either. The reason I asked was because I'm reading everywhere of people getting tons and tons of these mails, some up to 20-25 per day.
I can't remember having been sent one scam mail about WoW, and I've been playing since CBT/release. How is this possible?
Also, I've never been hacked and I don't know anyone of my RL friends who have been either. I'm not bashing anyone, but, do you really know your way around the internet?
well Lorgarn.. it could of been by an addon as well..
I and a friend, have both been hacked within 2 weeks of each other, after recently updating an "addon".. I have played WoW for 5 years.. him 3 years, and neither of us have ever received an email from outside Blizzard.. When I called Blizzard concerning my hacked account (which was after my friend was hacked) the Blizz customer service employee was also hacked that week as well and waiting for her account to be corrected.. She indicated to me, that hack that we most likely suffered was the same one that got her.. An Addon, that installs an exec file, that sends you to a fake website IF you happen to ever log or try to log into an offical WoW forum or Armory..
Furthermore, these piggy back hacks are only temp.. and are often deleted and removed the next "update" to your addon.. There is more to the story, but for saving us all alot of reading.. Phising Emails are a huge problem yes.. but a lesser known issue that Blizzard will do their best to keep secret and private is the addon hacks.. Can you imagine the implosion in WoW if they went public tellign people that addon hacks are running rampid and they cant' stop it... That is why the authenticator was installed, it was Blizzards ONLY way of combating the addon hacks, because they know damn well people are going to keep using addons in WoW..
There are 2 fronts to this battle.. but only 1 seems to be publisized..
I've been playing MMO's for years as well and was hacked after a year of inactivity. I get atleast 5 scams per week. They all look legit, the only way I can tell is by hovering over their fake hyperlinks. It usually contains a mispelled word such as Blizzerd or WorldofWarcreft and I am running out of patience nowadays...
So much fail in this thread. it's funny. You seriously think that blizzard would risk their company/reputation etc by selling email addresses to illegal gold sites? You seriously think they are doing this, and not the fact that your systems are insecure.
Remember, you don't have to download addons. You dont have to Click phising emails. You dont have to copy links from a random lvl 1 ingame. All you need to do is go to any website that uses flash banner ads, and if just one of those ads has a hidden activex script in it, Unless you were using the latest updated security software (not norton(lol) or avg) you just got compromised.
For reference, and you can call me very lucky, or not, i run an unfirewalled system, with no AV software or Sypware software.
Why dont i get hacked? Simple. Because i practice safe browsing habits.
I use firefox with adblock plus and noscript, so even if there were 100 hidden scripts in a flash banner ad, i would never know they were there because the advertisment code would never have been loaded. I simply wouldnt see the banner adds.
The simplest things can make all the difference. But feel free to continue the conspirarcy theories about how your home systems are more secure than a multi-billion dollar corporation's that has regular security checks both by themselves and banking institutions.
So much fail in this thread. it's funny. You seriously think that blizzard would risk their company/reputation etc by selling email addresses to illegal gold sites? You seriously think they are doing this, and not the fact that your systems are insecure.
Remember, you don't have to download addons. You dont have to Click phising emails. You dont have to copy links from a random lvl 1 ingame. All you need to do is go to any website that uses flash banner ads, and if just one of those ads has a hidden activex script in it, Unless you were using the latest updated security software (not norton(lol) or avg) you just got compromised.
For reference, and you can call me very lucky, or not, i run an unfirewalled system, with no AV software or Sypware software.
Why dont i get hacked? Simple. Because i practice safe browsing habits.
I use firefox with adblock plus and noscript, so even if there were 100 hidden scripts in a flash banner ad, i would never know they were there because the advertisment code would never have been loaded. I simply wouldnt see the banner adds.
The simplest things can make all the difference. But feel free to continue the conspirarcy theories about how your home systems are more secure than a multi-billion dollar corporation's that has regular security checks both by themselves and banking institutions.
You seem very overconfident . I'd seriously advice you to get an anti malware software asap because your pc might be compromised, no matter how cautious you are. I once caught a worm with a 100% legit media file reader simply because the download link was compromised by some dirty bastards who had nothing better to do than implementing malware into legit content . Now i got it removed , but there was no way i could have known a perfectly legit file downloaded through a perfectly legit link could give me a Worm .
Fere libenter homines id quod volunt credunt. Among those who dislike oppression are many who like to oppress.
So much fail in this thread. it's funny. You seriously think that blizzard would risk their company/reputation etc by selling email addresses to illegal gold sites? You seriously think they are doing this, and not the fact that your systems are insecure.
Yes. Maybe you didn't realize that its Acti-Blizz now. Bob Kotick is the greediest scum bucket in the game industry and I definetely wouldn't put it by him to do something like this to earn more money. The question is - does he actually have the power to do something like that? Maybe. Perhaps Blizzard just messed up with the bnet merge? However, instead of asking me to purchase another of their products in order to protect my account security which they comprimised in the first place, they should be providing more service to cover their own mistake. They're becoming increasingly "under the table" nowadays, and I'm definetely not looking into buying more Blizzard products (especially after the whole real-id business).
I believe it because I lived it. On 9/11 two years ago, my account was stolen and then merged with a Battle.net account (before it became mandatory). I did some digging on forums and found that many accounts were stolen on the same day. I have read about other mass thefts since then.
Yes, some of the people only have themselves to blame but some appear to be comletely innocent. I really wish that Blizzard would do something about their security problems. I play a ton of MMO's and WoW is the ONLY one that I have ever had these kind of issues with.
On the flipside however I have lost an account before to an overly security zealous company (ncsoft) doing mass wipes of accounts suspected of fraud , theft, etc. I honestly don't know whats worse.
Add-on (and bot) creation requires some form of data mining. This is done in order to learn enough about the code/files to create programmes that alter the way the game is played in some appreciable way. This violates Blizzard's ToS/EULA. There are who-knows-how-many add-ons out there for WoW, doing simple things like comsmetically altering the UI to telling a Paladin when they should buff what character with what. Blizzard knows that this happens (e.g. videos on YouTube of raiding guilds brining down bosses) and does virtually nothing, or nothing at all, about it (e.g. mmo-champion.com following raiding guilds progress through high-end content). Blizzard is not stupid, whatever we may want to think in view of their generally poor customer support that does not require account-based and technical support.
When we look at this it seems fairly clear that Blizzard has a 'off the record' yet consistently enforced policy of aiding and abedding data piracy for commercial profit. This, of course, is a rather inflammatory statement but it is not one that is intended to slander Blizzard in any way, shape or form: it is simply intended to give credit where credit is due. When we consider the sort of action that is taken against illegal RMT, merely perma-banning accounts instead of an active civil and/or criminal case, it seems as thought Blizzard is really quite at home with allowing their data to be used in ways that officially violate their ToS/EULA provided someone, somewhere, is buying another box, paying for another subscription or both.
Yes, this is a highly contentious argument but I think we can safely say that add-ons pose a serious risk and are completely unnecessary to enjoy World of Warcraft. I think that we can also say that Blizzard is not doing it's job in taking this risk seriously, it seems that they are encouraging it due to their lack of action. Instead of offering up this RealID nonsense -which is also something that they have not backed away from, merely postponed- Blizzard should do something to discourage and harshly punish data mining. Until they do they simply look like the worst sort of opportunist.
Think about it for awhile, just think about it.
(1)TL:DR must be your way of saying that thinking hurts. Then again, this may explain why it looks like you responded to the post without using your brain. (2) It's not about community, is it? You just have nothing better to do.
Yes, this is a highly contentious argument but I think we can safely say that add-ons pose a serious risk and are completely unnecessary to enjoy World of Warcraft. I think that we can also say that Blizzard is not doing it's job in taking this risk seriously, it seems that they are encouraging it due to their lack of action. Instead of offering up this RealID nonsense -which is also something that they have not backed away from, merely postponed- Blizzard should do something to discourage and harshly punish data mining. Until they do they simply look like the worst sort of opportunist.
Think about it for awhile, just think about it.
Problem is that Blizzard tried to be nice in the first place by allowing players to create/use addons. If they were to even attempt to stop people from doing this, even in the name of security, the playerbase as a whole would throw a shit-fit. I mean I agree that you dont need addons to play WoW, and would love to see all of them blocked, but it's just too late for Blizzard to even bother attempt doing so.
Maybe their next game won't be so user created friendly (one can hope). I don't know how many times I've listened to friends whine about their accounts being hacked (even those using Authenticators) because some addon opened a hole or they fell for some stupid email at 3am (Thank you Blizzard for the Bnet merge....)
I feel one of the problems today is that Blizzard just doesn't really care too much. People get hacked, but keep paying. They lose characters, but keep playing. Large portions of the playerbase have been comprimised, but the sub numbers never really drop. Blizzard sees all the crap going on yet they know the players (a vast majority of them that is) will continue playing and paying no matter what. Blizzard doesn't care about you, me or any other player in their games. All they care about is the $$$, and as long as that keeps coming in, all is good in their eyes.
There are 3 types of people in the world. 1.) Those who make things happen 2.) Those who watch things happen 3.) And those who wonder "What the %#*& just happened?!"
Add-on (and bot) creation requires some form of data mining. This is done in order to learn enough about the code/files to create programmes that alter the way the game is played in some appreciable way. This violates Blizzard's ToS/EULA. There are who-knows-how-many add-ons out there for WoW, doing simple things like comsmetically altering the UI to telling a Paladin when they should buff what character with what. Blizzard knows that this happens (e.g. videos on YouTube of raiding guilds brining down bosses) and does virtually nothing, or nothing at all, about it (e.g. mmo-champion.com following raiding guilds progress through high-end content). Blizzard is not stupid, whatever we may want to think in view of their generally poor customer support that does not require account-based and technical support.
When we look at this it seems fairly clear that Blizzard has a 'off the record' yet consistently enforced policy of aiding and abedding data piracy for commercial profit. This, of course, is a rather inflammatory statement but it is not one that is intended to slander Blizzard in any way, shape or form: it is simply intended to give credit where credit is due. When we consider the sort of action that is taken against illegal RMT, merely perma-banning accounts instead of an active civil and/or criminal case, it seems as thought Blizzard is really quite at home with allowing their data to be used in ways that officially violate their ToS/EULA provided someone, somewhere, is buying another box, paying for another subscription or both.
Yes, this is a highly contentious argument but I think we can safely say that add-ons pose a serious risk and are completely unnecessary to enjoy World of Warcraft. I think that we can also say that Blizzard is not doing it's job in taking this risk seriously, it seems that they are encouraging it due to their lack of action. Instead of offering up this RealID nonsense -which is also something that they have not backed away from, merely postponed- Blizzard should do something to discourage and harshly punish data mining. Until they do they simply look like the worst sort of opportunist.
Think about it for awhile, just think about it.
I thought about it and it is nonsense.
There is no 'data mining' involved when writing addons. Blizzard provides addon developers with an API they can use to program their addons with. As such any action that an addon does is specificly allowed by Blizzard (barring bugs). One can write whole suites of addons without having to know anything about actual game files or the data structures WoW uses.
So much fail in this thread. it's funny. You seriously think that blizzard would risk their company/reputation etc by selling email addresses to illegal gold sites? You seriously think they are doing this, and not the fact that your systems are insecure.
.........
The simplest things can make all the difference. But feel free to continue the conspirarcy theories about how your home systems are more secure than a multi-billion dollar corporation's that has regular security checks both by themselves and banking institutions.
So much fail in this quote it's funny. You seriously think that these people are trying to insinuate that Blizzard is, in a corporate capacity, selling account info to gold sellers and hackers and such? No no no, what I would think people are insinuating w/ all this is the possibility of one, or multiple, Blizzard employees acting on their own behalf and taking data that they have access to and selling it on the sly for personal gain.
I don't think anyone is really trying to say that Blizzard, or Activision/Blizzard, as a corporation, is selling their account info to gold sellers, or is secretely leaking account info in order to boost authenticator sales. Or maybe they are, in which case then I would agree w/ a call for tin-foil hats.
Now, that being said...
I too am a victim of having a long unused account suddenely reactivated. It was about a year ago, and I can't say if it corresponded w/ this change over to battle.net everyone is mentioning b/c I wasn't following WoW enough to tell you, but I do remember when I first became aware that my account was reactivated and I went to the WoW site there was a new log-in process I had to go through and I remember being told that I had to go through that process b/c they merged WoW accounts w/ bnet or something.
Anyway, my account had been inactive for about a year when it was suddenly reactivated by someone and used without my knowledge. Now, what made me really suspicous about the whole thing was that, at that time, my user-name and password I was using was the same across all my online games, but nothing else besides my WoW account was accessed. I mean, w/ that user-name and password they got from my WoW account, they could have done some serious damage. So if I had a keylogger on my system that provided a hacker w/ my info I find it hard to believe they would have only tried accessing WoW, especially when I hadn't logged into WoW in over a year.
I don't know, personally I think the root of all these "compromised" or "hacked" accounts is most likely a disgruntled, underpaid, or just straight-up sleazy Blizzard employee that is selling this info for personal gain, OR that Blizz slipped up and left some back-doors open in their security somewhere. There are just too many people coming forward w/ eerily similar scenarios for it all to be coincidental, I mean look how many people we have so far in this thread alone that are telling almost indentical stories. The accounts being compromised here are almost all inactive for a few months, and there are usually no signs of a person being "hacked". For instance, no one is finding trojans/keyloggers, and no other information is being utilized, or in other words, if it was a case of all these people legitimatlly being the victim of a hacker or identity thief, then other, potentially more valuable information (bank account, social security #s, credit cards, etc) would also be utilized but it's not.
I'm not one for conspiracy theories, but I don't understand how people can defend Blizzard in this case. Yes, a lot of people don't take proper precaucions to protect their personal info, so some accounts being compromised is to be expected. But the available info clearly shows that there is indeed an actuall trend, and that while it is certainly easiest to point the finger at the end-user, imo there are just too many people coming forward all saying the same thing for it to be coincidence and laid at their own feet.
Problem is that Blizzard tried to be nice in the first place by allowing players to create/use addons. If they were to even attempt to stop people from doing this, even in the name of security, the playerbase as a whole would throw a shit-fit.
Doesn't have much to do with being "nice", I don't think. WoW shipped with a really basic GUI, and it's much more cost-effective to let the users design advanced GUIs for themselves. Case in point: the guild UI. They're finally getting around to it now, but for all these years it's been this really quick mock-up that they haven't bothered with, even though any CS student could provide a better design for it in less than a week. (They eventually made a raid calendar, but it was just a less functional version of a popular, player-made addon.)
Sure, they could disable add-ons, but then they'd have to implement a lot of different UIs themselves to cater to various play styles, and they'd never be able to serve those needs as fully as the players do now.
I don't know, personally I think the root of all these "compromised" or "hacked" accounts is most likely a disgruntled, underpaid, or just straight-up sleazy Blizzard employee that is selling this info for personal gain, OR that Blizz slipped up and left some back-doors open in their security somewhere. There are just too many people coming forward w/ eerily similar scenarios for it all to be coincidental, I mean look how many people we have so far in this thread alone that are telling almost indentical stories. The accounts being compromised here are almost all inactive for a few months, and there are usually no signs of a person being "hacked". For instance, no one is finding trojans/keyloggers, and no other information is being utilized, or in other words, if it was a case of all these people legitimatlly being the victim of a hacker or identity thief, then other, potentially more valuable information (bank account, social security #s, credit cards, etc) would also be utilized but it's not.
I also could see this (the highlighted portion) as a possible cause of a lot of the account compromises. All it takes is some greedy dirtbag with access to the info trying to make a quick buck on the side. And crap like this happens all the time. Credit card companies deal with this issue alot, there has even been a few stories about it in the news a while back.
But yeah, I could easily see some enterprising twit working at Blizzard (or a small group of them) looking up inactive accounts and selling the info behind the companies back for a quick buck. Because no matter how robust/strong a companies security is, the weakest link will always be the human element.
There are 3 types of people in the world. 1.) Those who make things happen 2.) Those who watch things happen 3.) And those who wonder "What the %#*& just happened?!"
I cant see what Blizz could gain by a purposefull "leak". However, there was either a security breech during the battlenet thing or a whole lot of people got stupid all at the same time. I leave it up to people to decide for themselves which is most likely.
Keep in mind that millions of people changed their wow account login name to an email address they have been posting all over the internet for years. Many of which use the same password all over the place. Compound that with the fact that most wow related sites are owned by gold selling companies and I think we can absolutely say that yes, people are being stupid with their account security.
Every single account compromoise has come from the players side. You can deny it all you want, but that is what has happened. I can prove numerous ways people get hacked client side. YOU cannot prove even one single way accoutns have been hacked through blizzards side. That is FACT. Not opinion.
Though i know the conspirarcy theorists will come in here to try and debunk it, as they seem to either get a kick from blaming others, or just flat out refuse to take the blame for something that happened on their side.
I cant see what Blizz could gain by a purposefull "leak". However, there was either a security breech during the battlenet thing or a whole lot of people got stupid all at the same time. I leave it up to people to decide for themselves which is most likely.
Keep in mind that millions of people changed their wow account login name to an email address they have been posting all over the internet for years. Many of which use the same password all over the place. Compound that with the fact that most wow related sites are owned by gold selling companies and I think we can absolutely say that yes, people are being stupid with their account security.
Didn't ING/IEG/IGE or whatever that goldseller site's name is buy the Zam network?
Yeah, guess the company that 'owned' IGE also owned Zam network (Thottbot, Wowhead, etc). They claim to have 'sold' off IGE and are no longer in business with them, but who knows....
There are 3 types of people in the world. 1.) Those who make things happen 2.) Those who watch things happen 3.) And those who wonder "What the %#*& just happened?!"
Wow has always had a fraud team. That is where every hacked account goes to for review. Always has been that way and this isn't something new. Either they catch some dumb player trying to pull a fast one on the customer service team (fraud) or they find an account that was hacked and restore the account for the user (fraud).
In many of these cases the hackers use stolen credit cards and thus a fraudulent transaction. It is the same problem soe was having with massive chargebacks due to hackers and why they put together their account specialist team (I think it was called GNOME or something similarly funny)
Here is one of the "smoking gun" screen shots the author provides.
Yes blizzard is losing a lot of money to hackers via credit card chargebacks.
Yes they want to prevent that and are looking to hire someone to run that department.
No this job descriptions didn't say anything about internal security or inter office credit card theft.
Yes account hackers thrive by using stolen credit card numbers and this is a problem for any mmo that has gold sellers.
This isn't a job listing for game account security specialist. It is for someone experienced in credit card fraud.
Every single account compromoise has come from the players side. You can deny it all you want, but that is what has happened. I can prove numerous ways people get hacked client side. YOU cannot prove even one single way accoutns have been hacked through blizzards side. That is FACT. Not opinion.
Though i know the conspirarcy theorists will come in here to try and debunk it, as they seem to either get a kick from blaming others, or just flat out refuse to take the blame for something that happened on their side.
Then again you can't prove that it's not happening.
And just because you can't see it happening or read about it daily, doesn't mean it doesn't happen.
There are 3 types of people in the world. 1.) Those who make things happen 2.) Those who watch things happen 3.) And those who wonder "What the %#*& just happened?!"
Every single account compromoise has come from the players side. You can deny it all you want, but that is what has happened. I can prove numerous ways people get hacked client side. YOU cannot prove even one single way accoutns have been hacked through blizzards side. That is FACT. Not opinion.
Though i know the conspirarcy theorists will come in here to try and debunk it, as they seem to either get a kick from blaming others, or just flat out refuse to take the blame for something that happened on their side.
Then again you can't prove that it's not happening.
And just because you can't see it happening or read about it daily, doesn't mean it doesn't happen.
And Obama is putting mind control chips in, atheist really believe in God, WW2 was made up, Milk kills 99% of people that drink it you are just in that 1% and everyone you know is also, etc....
Every single account compromoise has come from the players side. You can deny it all you want, but that is what has happened. I can prove numerous ways people get hacked client side. YOU cannot prove even one single way accoutns have been hacked through blizzards side. That is FACT. Not opinion.
Though i know the conspirarcy theorists will come in here to try and debunk it, as they seem to either get a kick from blaming others, or just flat out refuse to take the blame for something that happened on their side.
Then again you can't prove that it's not happening.
And just because you can't see it happening or read about it daily, doesn't mean it doesn't happen.
When you accuse someone of doing something, the onus is on the accuser to prove it.
I know, for some weird reason you want to be right and you want blizzard to have hacked accounts or w/e. But there is absolutely no proof at all, apart from random people with no sense of computer security, and people that just have no clue shouting random rumours in a pure attempt to gain attention.
If you can PROVE that blizzard has hacked or lhad lax security which led to the compromise of just one single account, then your point is proven. I however think you cant, whilst i can find hundreds of thousands of cases of accounts being hacked purely due to a lapse in basic safe browsing habits by the player.
Care to continue to spread your false rumors more?
Comments
No conspricy - the change to battle net ment your login was now your email.
Now your email address and WoW password is somthing you would type quite often and such information could of been key logged a long time ago. So you have some one with a list of email address and wow password (useless before battle net) - when the switch to battlenet came about most people used their regular email address and keeped the same password and there you have it. A list of almost usless email addresses and password keylogged along time ago now grants access to the accounts.
This is still not blizzards fault. But maybe blizzard should have forced a password change when the bnet stuff came in.
I wonder how you people manage to get so many scam mails sent to you.
I actually talked about this issue with a friend of mine a few days ago, I asked him if he had got any scam mails regarding the Cataclysm beta. He told me he didn't and I hadn't got any either. The reason I asked was because I'm reading everywhere of people getting tons and tons of these mails, some up to 20-25 per day.
I can't remember having been sent one scam mail about WoW, and I've been playing since CBT/release. How is this possible?
Also, I've never been hacked and I don't know anyone of my RL friends who have been either. I'm not bashing anyone, but, do you really know your way around the internet?
Tweet at me - Visit my website
well Lorgarn.. it could of been by an addon as well..
I and a friend, have both been hacked within 2 weeks of each other, after recently updating an "addon".. I have played WoW for 5 years.. him 3 years, and neither of us have ever received an email from outside Blizzard.. When I called Blizzard concerning my hacked account (which was after my friend was hacked) the Blizz customer service employee was also hacked that week as well and waiting for her account to be corrected.. She indicated to me, that hack that we most likely suffered was the same one that got her.. An Addon, that installs an exec file, that sends you to a fake website IF you happen to ever log or try to log into an offical WoW forum or Armory..
Furthermore, these piggy back hacks are only temp.. and are often deleted and removed the next "update" to your addon.. There is more to the story, but for saving us all alot of reading.. Phising Emails are a huge problem yes.. but a lesser known issue that Blizzard will do their best to keep secret and private is the addon hacks.. Can you imagine the implosion in WoW if they went public tellign people that addon hacks are running rampid and they cant' stop it... That is why the authenticator was installed, it was Blizzards ONLY way of combating the addon hacks, because they know damn well people are going to keep using addons in WoW..
There are 2 fronts to this battle.. but only 1 seems to be publisized..
I've been playing MMO's for years as well and was hacked after a year of inactivity. I get atleast 5 scams per week. They all look legit, the only way I can tell is by hovering over their fake hyperlinks. It usually contains a mispelled word such as Blizzerd or WorldofWarcreft and I am running out of patience nowadays...
So much fail in this thread. it's funny. You seriously think that blizzard would risk their company/reputation etc by selling email addresses to illegal gold sites? You seriously think they are doing this, and not the fact that your systems are insecure.
Remember, you don't have to download addons. You dont have to Click phising emails. You dont have to copy links from a random lvl 1 ingame. All you need to do is go to any website that uses flash banner ads, and if just one of those ads has a hidden activex script in it, Unless you were using the latest updated security software (not norton(lol) or avg) you just got compromised.
For reference, and you can call me very lucky, or not, i run an unfirewalled system, with no AV software or Sypware software.
Why dont i get hacked? Simple. Because i practice safe browsing habits.
I use firefox with adblock plus and noscript, so even if there were 100 hidden scripts in a flash banner ad, i would never know they were there because the advertisment code would never have been loaded. I simply wouldnt see the banner adds.
The simplest things can make all the difference. But feel free to continue the conspirarcy theories about how your home systems are more secure than a multi-billion dollar corporation's that has regular security checks both by themselves and banking institutions.
and TY for your opinion
You seem very overconfident . I'd seriously advice you to get an anti malware software asap because your pc might be compromised, no matter how cautious you are. I once caught a worm with a 100% legit media file reader simply because the download link was compromised by some dirty bastards who had nothing better to do than implementing malware into legit content . Now i got it removed , but there was no way i could have known a perfectly legit file downloaded through a perfectly legit link could give me a Worm .
Fere libenter homines id quod volunt credunt.
Among those who dislike oppression are many who like to oppress.
Yes. Maybe you didn't realize that its Acti-Blizz now. Bob Kotick is the greediest scum bucket in the game industry and I definetely wouldn't put it by him to do something like this to earn more money. The question is - does he actually have the power to do something like that? Maybe. Perhaps Blizzard just messed up with the bnet merge? However, instead of asking me to purchase another of their products in order to protect my account security which they comprimised in the first place, they should be providing more service to cover their own mistake. They're becoming increasingly "under the table" nowadays, and I'm definetely not looking into buying more Blizzard products (especially after the whole real-id business).
I got adspam after going to Vivendi's website to check out their financial records to setttle and argument between two people.
Did you put on your tinfoil head?
Fine, we'll compromise. I'll get my way & you'll find a way to be okay with that.
I believe it because I lived it. On 9/11 two years ago, my account was stolen and then merged with a Battle.net account (before it became mandatory). I did some digging on forums and found that many accounts were stolen on the same day. I have read about other mass thefts since then.
Yes, some of the people only have themselves to blame but some appear to be comletely innocent. I really wish that Blizzard would do something about their security problems. I play a ton of MMO's and WoW is the ONLY one that I have ever had these kind of issues with.
On the flipside however I have lost an account before to an overly security zealous company (ncsoft) doing mass wipes of accounts suspected of fraud , theft, etc. I honestly don't know whats worse.
Here is something to think about.
Add-on (and bot) creation requires some form of data mining. This is done in order to learn enough about the code/files to create programmes that alter the way the game is played in some appreciable way. This violates Blizzard's ToS/EULA. There are who-knows-how-many add-ons out there for WoW, doing simple things like comsmetically altering the UI to telling a Paladin when they should buff what character with what. Blizzard knows that this happens (e.g. videos on YouTube of raiding guilds brining down bosses) and does virtually nothing, or nothing at all, about it (e.g. mmo-champion.com following raiding guilds progress through high-end content). Blizzard is not stupid, whatever we may want to think in view of their generally poor customer support that does not require account-based and technical support.
When we look at this it seems fairly clear that Blizzard has a 'off the record' yet consistently enforced policy of aiding and abedding data piracy for commercial profit. This, of course, is a rather inflammatory statement but it is not one that is intended to slander Blizzard in any way, shape or form: it is simply intended to give credit where credit is due. When we consider the sort of action that is taken against illegal RMT, merely perma-banning accounts instead of an active civil and/or criminal case, it seems as thought Blizzard is really quite at home with allowing their data to be used in ways that officially violate their ToS/EULA provided someone, somewhere, is buying another box, paying for another subscription or both.
Yes, this is a highly contentious argument but I think we can safely say that add-ons pose a serious risk and are completely unnecessary to enjoy World of Warcraft. I think that we can also say that Blizzard is not doing it's job in taking this risk seriously, it seems that they are encouraging it due to their lack of action. Instead of offering up this RealID nonsense -which is also something that they have not backed away from, merely postponed- Blizzard should do something to discourage and harshly punish data mining. Until they do they simply look like the worst sort of opportunist.
Think about it for awhile, just think about it.
(1)TL:DR must be your way of saying that thinking hurts. Then again, this may explain why it looks like you responded to the post without using your brain.
(2) It's not about community, is it? You just have nothing better to do.
Problem is that Blizzard tried to be nice in the first place by allowing players to create/use addons. If they were to even attempt to stop people from doing this, even in the name of security, the playerbase as a whole would throw a shit-fit. I mean I agree that you dont need addons to play WoW, and would love to see all of them blocked, but it's just too late for Blizzard to even bother attempt doing so.
Maybe their next game won't be so user created friendly (one can hope). I don't know how many times I've listened to friends whine about their accounts being hacked (even those using Authenticators) because some addon opened a hole or they fell for some stupid email at 3am (Thank you Blizzard for the Bnet merge....)
I feel one of the problems today is that Blizzard just doesn't really care too much. People get hacked, but keep paying. They lose characters, but keep playing. Large portions of the playerbase have been comprimised, but the sub numbers never really drop. Blizzard sees all the crap going on yet they know the players (a vast majority of them that is) will continue playing and paying no matter what. Blizzard doesn't care about you, me or any other player in their games. All they care about is the $$$, and as long as that keeps coming in, all is good in their eyes.
There are 3 types of people in the world.
1.) Those who make things happen
2.) Those who watch things happen
3.) And those who wonder "What the %#*& just happened?!"
I thought about it and it is nonsense.
There is no 'data mining' involved when writing addons. Blizzard provides addon developers with an API they can use to program their addons with. As such any action that an addon does is specificly allowed by Blizzard (barring bugs). One can write whole suites of addons without having to know anything about actual game files or the data structures WoW uses.
And thank you for your opinion Torik..
So much fail in this quote it's funny. You seriously think that these people are trying to insinuate that Blizzard is, in a corporate capacity, selling account info to gold sellers and hackers and such? No no no, what I would think people are insinuating w/ all this is the possibility of one, or multiple, Blizzard employees acting on their own behalf and taking data that they have access to and selling it on the sly for personal gain.
I don't think anyone is really trying to say that Blizzard, or Activision/Blizzard, as a corporation, is selling their account info to gold sellers, or is secretely leaking account info in order to boost authenticator sales. Or maybe they are, in which case then I would agree w/ a call for tin-foil hats.
Now, that being said...
I too am a victim of having a long unused account suddenely reactivated. It was about a year ago, and I can't say if it corresponded w/ this change over to battle.net everyone is mentioning b/c I wasn't following WoW enough to tell you, but I do remember when I first became aware that my account was reactivated and I went to the WoW site there was a new log-in process I had to go through and I remember being told that I had to go through that process b/c they merged WoW accounts w/ bnet or something.
Anyway, my account had been inactive for about a year when it was suddenly reactivated by someone and used without my knowledge. Now, what made me really suspicous about the whole thing was that, at that time, my user-name and password I was using was the same across all my online games, but nothing else besides my WoW account was accessed. I mean, w/ that user-name and password they got from my WoW account, they could have done some serious damage. So if I had a keylogger on my system that provided a hacker w/ my info I find it hard to believe they would have only tried accessing WoW, especially when I hadn't logged into WoW in over a year.
I don't know, personally I think the root of all these "compromised" or "hacked" accounts is most likely a disgruntled, underpaid, or just straight-up sleazy Blizzard employee that is selling this info for personal gain, OR that Blizz slipped up and left some back-doors open in their security somewhere. There are just too many people coming forward w/ eerily similar scenarios for it all to be coincidental, I mean look how many people we have so far in this thread alone that are telling almost indentical stories. The accounts being compromised here are almost all inactive for a few months, and there are usually no signs of a person being "hacked". For instance, no one is finding trojans/keyloggers, and no other information is being utilized, or in other words, if it was a case of all these people legitimatlly being the victim of a hacker or identity thief, then other, potentially more valuable information (bank account, social security #s, credit cards, etc) would also be utilized but it's not.
I'm not one for conspiracy theories, but I don't understand how people can defend Blizzard in this case. Yes, a lot of people don't take proper precaucions to protect their personal info, so some accounts being compromised is to be expected. But the available info clearly shows that there is indeed an actuall trend, and that while it is certainly easiest to point the finger at the end-user, imo there are just too many people coming forward all saying the same thing for it to be coincidence and laid at their own feet.
Doesn't have much to do with being "nice", I don't think. WoW shipped with a really basic GUI, and it's much more cost-effective to let the users design advanced GUIs for themselves. Case in point: the guild UI. They're finally getting around to it now, but for all these years it's been this really quick mock-up that they haven't bothered with, even though any CS student could provide a better design for it in less than a week. (They eventually made a raid calendar, but it was just a less functional version of a popular, player-made addon.)
Sure, they could disable add-ons, but then they'd have to implement a lot of different UIs themselves to cater to various play styles, and they'd never be able to serve those needs as fully as the players do now.
I also could see this (the highlighted portion) as a possible cause of a lot of the account compromises. All it takes is some greedy dirtbag with access to the info trying to make a quick buck on the side. And crap like this happens all the time. Credit card companies deal with this issue alot, there has even been a few stories about it in the news a while back.
But yeah, I could easily see some enterprising twit working at Blizzard (or a small group of them) looking up inactive accounts and selling the info behind the companies back for a quick buck. Because no matter how robust/strong a companies security is, the weakest link will always be the human element.
There are 3 types of people in the world.
1.) Those who make things happen
2.) Those who watch things happen
3.) And those who wonder "What the %#*& just happened?!"
Keep in mind that millions of people changed their wow account login name to an email address they have been posting all over the internet for years. Many of which use the same password all over the place. Compound that with the fact that most wow related sites are owned by gold selling companies and I think we can absolutely say that yes, people are being stupid with their account security.
Every single account compromoise has come from the players side. You can deny it all you want, but that is what has happened. I can prove numerous ways people get hacked client side. YOU cannot prove even one single way accoutns have been hacked through blizzards side. That is FACT. Not opinion.
Though i know the conspirarcy theorists will come in here to try and debunk it, as they seem to either get a kick from blaming others, or just flat out refuse to take the blame for something that happened on their side.
Didn't ING/IEG/IGE or whatever that goldseller site's name is buy the Zam network?
http://www.gamasutra.com/php-bin/news_index.php?story=14451
Yeah, guess the company that 'owned' IGE also owned Zam network (Thottbot, Wowhead, etc). They claim to have 'sold' off IGE and are no longer in business with them, but who knows....
There are 3 types of people in the world.
1.) Those who make things happen
2.) Those who watch things happen
3.) And those who wonder "What the %#*& just happened?!"
@ Original Poster
Wow has always had a fraud team. That is where every hacked account goes to for review. Always has been that way and this isn't something new. Either they catch some dumb player trying to pull a fast one on the customer service team (fraud) or they find an account that was hacked and restore the account for the user (fraud).
In many of these cases the hackers use stolen credit cards and thus a fraudulent transaction. It is the same problem soe was having with massive chargebacks due to hackers and why they put together their account specialist team (I think it was called GNOME or something similarly funny)
Here is one of the "smoking gun" screen shots the author provides.
Yes blizzard is losing a lot of money to hackers via credit card chargebacks.
Yes they want to prevent that and are looking to hire someone to run that department.
No this job descriptions didn't say anything about internal security or inter office credit card theft.
Yes account hackers thrive by using stolen credit card numbers and this is a problem for any mmo that has gold sellers.
This isn't a job listing for game account security specialist. It is for someone experienced in credit card fraud.
Tin Foil Hat required? I think so.
Then again you can't prove that it's not happening.
And just because you can't see it happening or read about it daily, doesn't mean it doesn't happen.
There are 3 types of people in the world.
1.) Those who make things happen
2.) Those who watch things happen
3.) And those who wonder "What the %#*& just happened?!"
And Obama is putting mind control chips in, atheist really believe in God, WW2 was made up, Milk kills 99% of people that drink it you are just in that 1% and everyone you know is also, etc....
When you accuse someone of doing something, the onus is on the accuser to prove it.
I know, for some weird reason you want to be right and you want blizzard to have hacked accounts or w/e. But there is absolutely no proof at all, apart from random people with no sense of computer security, and people that just have no clue shouting random rumours in a pure attempt to gain attention.
If you can PROVE that blizzard has hacked or lhad lax security which led to the compromise of just one single account, then your point is proven. I however think you cant, whilst i can find hundreds of thousands of cases of accounts being hacked purely due to a lapse in basic safe browsing habits by the player.
Care to continue to spread your false rumors more?