Thread Tools Display Modes
10-12-09, 04:25 PM   #1
Djinn.Crimsora
An Aku'mai Servant
Join Date: Aug 2009
Posts: 31
Hackers

Hey guys!

I want to put this all out to you guys, since there's been a huge influx of account-hacking over the last few months. After having been hacked just yesterday as well as almost a year ago (with having gotten a new computer in between), there are only a few things that I can think of that hackers are using to get account info on us these days.

First up: the sites we visit. I may have accidentally hit gold-farmer sites on my old machine, leading to my account being hacked a year ago, but the majority of potential hacker-homes are quite possibly websites hosting free ****. I highly advise avoiding websites that offer free **** videos/images, especially ones that offer downloads as well as online/in-browser viewing. The files these websites latch into your system, which I've found you CANNOT remove, even with a binary-overwriter such as AbsoluteShield FileShredder, sink themselves into important system folders that are deep and out of the way.

Secondly: the addons we have come to rely on in this day and age. I myself am starting to question whether I should even bother keeping Atlasloot Enhanced, as that's the only mod from when I got hacked last year that I'm still using today. Even though I get it from Curse.Com, there's still the risk that the files were contaminated with hacker files, so I'm going to be removing almost all addons, sans nUI.

Just thought I'd put out these bits of advice while I wait for word from a GM about them restoring all my stuff/gold the hacker stole.
  Reply With Quote
10-12-09, 05:04 PM   #2
Petrah
A Pyroguard Emberseer
 
Petrah's Avatar
AddOn Author - Click to view addons
Join Date: Jan 2008
Posts: 2,988
As long as the files inside of each addon folder only contain txt, lua, toc, xml, and graphic files then you should have no reason to worry. Curse and WoWInterface are the only two places that I will download from, aside from the one or two beta addons I try from the WoWAce site, and I haven't heard anything about Atlas Loot from Curse containing any keyloggers.

When someone is hacked, that doesn't mean that they just recently became infected. It's well known that those keyloggers sit on your computer for quite some time before the hackers even try to gain access to your account, and it's not just the WoW account that gets compromised. Anything that you use a login and/or password for is also compromised. Your email account(s) (especially the freebie web ones), forum accounts, banking, and any other type of account that you use a login or password for.

Try better prevention to stop it before it can be downloaded. Use a free custom host file and the free service called OpenDNS (public schools and public libraries use this service). Block it before it ever has a chance to even show up in your browser.

Use Hostman to apply a custom host file to your computer.
http://www.abelhadigital.com/2008/07...-released.html

Use OpenDNS to block the ability to get to sites that are known to have harmful flyby downloads.
http://www.opendns.com/

As for the things you manually download to your computer, do like the admins here do with addons that people upload. Open each addon you download and look at the files inside. Manually check everything, then scan it, then scan it again.

Edit: The Authenticator is also another layer of protection for you (looks like they're in stock.. I would grab one before they sell out again!).
http://us.blizzard.com/store/details.xml?id=1100000622
__________________
♪~ ( ) I My Sonos!
AddOn Authors: If your addon spams the chat box with "Addon v8.3.4.5.3 now loaded!", please add an option to disable it!

Last edited by Petrah : 10-12-09 at 05:08 PM.
  Reply With Quote
10-12-09, 10:58 PM   #3
MidgetMage55
Grinch!
 
MidgetMage55's Avatar
AddOn Author - Click to view addons
Join Date: Feb 2007
Posts: 1,498
The thing about addons is they don't even execute until after you have entered your password/account name. Specifically when you select your character and start to enter the world is when they begin to do what ever it is they are designed to do.

So unless your addon required you to use an executable file to install it (an extremely rare creature these days as far as addons go) you are basically in the clear.

This by no means is saying you shouldn't practice safe internet habits. as mentioned above you should scan your files to make sure they are safe. Keep your scanning software up to date. Also do not rely on security software obtained from torrent sites (not to imply you are doing so. just being thorough) as they are difficult to keep up to date in a timely fashion. This is assuming they are clean to begin with.

Another overlooked but relevant issue is using the same login name and password for most if not all web related activity. All it takes is one of the locations to be compromised to put all the services you use at risk. A rule i follow is if its important enough to protect then a unique login and password are worth the trouble. This goes the same for sharing info with someone. Unless you can be absolutely sure they wont do something stupid with your info. Don't give it out.
__________________

I think Hong Kong Phooey was a ninja AND a pirate. That was just too much awesome. - Yhor
  Reply With Quote
10-13-09, 12:32 AM   #4
Xrystal
nUI Maintainer
 
Xrystal's Avatar
Premium Member
AddOn Author - Click to view addons
Join Date: Feb 2006
Posts: 5,892
In all the 4 or 5 years of playing WoW I haven't been hacked. 2 or 3 years ago we had 3 officers in the guild get hacked so the rest of us went and bought the authenticators which eased our consious and the other day was the first in our guild to get hacked since those 3 were. We all pretty much use the same addons and has been said unless you have an executable file in the addons folder there is no way the addons are the cause. Trusting the sites you go to or setting your internet security so that only certain files are permitted to do stuff should get your through alot of problems that way.

That said, I have never gone to gold seller sites or those other questionable sites, so mayhap they are the cause of these kind of problems.

And also, to repeat the mentioned extra protection, login info. Really important info logins ? Use complex logins for those.
__________________
  Reply With Quote

WoWInterface » Featured Projects » nUI, MozzFullWorldMap and PartySpotter » General » nUI: Community Chat » Hackers

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off