Well kids, looks like I got hacked sometime this morning. I got a pair of strange emails at about 8:30 indicating my account had been suspended for three hours for trade chat spam or somesuch. Things really went amiss when I went to log into my email address this afternoon and found out the password has been changed (stupidly, it was the same as my wow password). So now I get to deal with that as well.
So I'm racking my brains, trying to figure out how the hell it happened, and just can't come up with anything. I'm pretty careful about what I install on my computer, and I run antivirus and anti-malware stuff, so I'm befuddled.
Update: Aaron said it might have something to do with curse and wowmatrix addon clients. They leave your computer vulnerable to sniffers. So ... it might be in your best interest to use an authenticator or manually updated addons.
He's currently trying to get his stuff back, and hopefully the GBank's stuff.
-- Edited by Monk on Tuesday 27th of April 2010 01:39:44 PM
For everyone's enlightenment and education, here's an email the support guy sent me: __________________________________________________
Hello Aaron, ******************Please make sure you read through this ENTIRE EMAIL, as all of this information is VERY important.******************
My name is Michael, and I'm the Blizzard Representative that will be assisted you with your account today.
Below I have attached some information on how to recover this account and your items/gear/characters in it; as well, it includes some information on how to keep your account secure. I will admit--it's very wordy, but if you follow the instructions, it will help you from getting compromised in the future.
REGAINING ACCESS:
I have went ahead and removed that authenticator from the account for you.
I reset your password to the account. You should be recieving that here shortly; it'll let you sign back into the account.
MISSING CHARACTERS, ITEMS, AND GOLD:
After a further review of your World of Warcraft account, we have found evidence of damages to one or more of the characters as a result of the recent compromise.
As a result, we have forwarded your ticket to the In-Game Support department for further investigation and troubleshooting. Please keep in mind that, due to the nature and complexity of these types of tickets, it may take several days for us to contact you with the conclusion of our investigation. We apologize for the delay and thank you for your patience and understanding in this time.
You do not need to worry about putting in a ticket yourself; this has all been taken care of for you.
COMPUTER AND ACCOUNT SECURITY:
Please follow the steps at http://us.battle.net/security/checklist.html to completely secure this computer and your account from future attacks. Please follow this simple check list to keep your account secured.
Also, there is an issue with certaing 3rd party websites. Websites with weak security (ie: 3rd party fan websites) make easy targets. Basically this will bypass any security software you have since it's running through a script on the affected web page. No user action or downloading would be required, which is why it's so dangerous. Just having the website up in the background when you go to login could potentially compromise the account information. So when you play, try to make sure you don't have any non-secure websites up.
Our own tech reps also know another possible issue. Do you use the Curse Client or WowMatrix? These programs seem to be getting everybody I've talked to keylogged. Be very, very careful with programs that install addons for you. Rather, install the addons yourself. Better safe than sorry!
You can install the UI mods you wish to use. By default, all UI mods should be installed in the Interface/AddOns folder. If you are not sure how to install your UI mods please contact the publisher of your mods. Technical Support does not offer assistance with UI mods.
BLIZZARD AUTHENTICATOR:
We have provided an optional layer of security for World of Warcraft. The Blizzard Authenticator is a small electronic device, designed to be attached to a keychain that generates a six digit security code at the press of a button. The code is a unique code that is only valid for a limited time to use along with the account name and password upon login. With each push of a button, the Blizzard Authenticator will generate a new code to be used upon login. The Blizzard Authenticator will be available for purchase at Blizzard's online store for $6.50 USD (http://blizzard.com/store/).
Each Blizzard Authenticator can be associated to several accounts, as it will be required to have the Blizzard Authenticator present in order to login. To associate your account with the Blizzard Authenticator, you will need to enter the serial number on the back of your Blizzard Authenticator at the Account Management screen (https://www.worldofwarcraft.com/account).
We have recently seen an increase in these phishing attempts which pose a real threat for account security. As a friendly reminder, many scams will ask you for your password, which is something Blizzard Entertainment will *NEVER* do.
You may wish to review the following links for more information on phishing emails: