account compromised?

[Vis]

I'd use Delmara's link to the Blizz store, apparently they've changed the coloring now And they're available at this moment, buy it quick! They have a tendancy to sell out real fast, generally within days.

[Sepioth]

I was hacked over the weekend.

Fortunately I have my iPhone set up to receive e-mails every 15 mins and I saw a e-mail saying my password was changed on Saturday while I was at work.

I took my hour lunch and ran home to check my account. Unfortunately I was locked out.

I tried to retrieve my password and it says this has been done to may time to call Blizz support. Unfortunately you can't do this on weekends So I emailed their billing account.

On Sunday I received an email saying my account was closed do to "Inappropriate Advertising" in WoW. I immediately replied with info saying I was hacked. On Sunday night I regained control of my account and it was unlocked.

Fortunately I had nothing stripped off my characters and they where all still there .. It may be because i caught it in time who knows.



Also I have McAfee running as well as Ad-Aware and I still got hacked. How I'm not too sure but it sucked.


Also I wiped all my drives and reinstalled everything. It may have been possible that I had a keylogger so a wipe is best way to remove any virus. I backed up what can be considered safe -- pictures, videos, text documents, music and my WoW WTF and interface folders -- I deleted and formatted and reinstalled Windows.


Before doing the wipe though I did notice a file running that I didn't recognize. It was named "testdb.exe" It resided in "\Program Files\ThunMail" .
It also had a .dll file by the same name. It was also hidden from view.

Searching Google resulted in very little but what it did show was it may have been some sort of virus.

[spiritwulf]

Id be more concerned about the fact that the password retriever said you had made to many attempts. Sounds like they did a brute force attack on the Blizz system to me.

[Sepioth]

The password retrieval system asks for User/account name and email address.

If your email does not match the account it won't send out the password.

Even then how many time can you try to retrieve it before it locks anyway?? 3 maybe 5 times?? The chances of brute force getting it in that many tries is <NIL :P

I'm just glad it was resolved before something could actually happen to my account.

[MysticalNyte]

I recommend getting something like KeyScrambler or similar. It embeds into your browser and encrypts what you type into it but doesn't work outside of your browser or browsers of choice. Just my .02. Hope it helps.

[wreck]

First of all, the iPod Touch/iPhone Battle.net Account authenticator is free. If you own either of those devices this is THE way to go. My wife and I use this. Now I can' log in to her account unless I steal here iPod touch, and no WAY I'm going to try that.

Second, I was a guide for Everquest for many years, back in the day. We got as many as three petitions for people who had their accounts "hacked" every month. SOE investigated those very seriously. Want to know what the results were in every single case? The user had shared their account with someone else. In every case. They had given their user name and password to a friend, schoolmate, kid brother or "the really cute girl next door that I just KNOW would never abuse it."

In every case we investigated. That was over twenty individual cases of account hacking. The customer had given the account information to someone themselves.

I remember one case very vividly. I talked to the "victim" every day for a week, we had investigated every possibility and after all that time he finally logs in and says "It turns out I gave my password to my best friend at school and he gave it to a bunch of his friends as a prank." He even said he'd asked his friend on several occasions. His friend freaked out when he heard SOE was trying to find what happened. His "very best friend ever" lied to him.

Yep, don't even trust your best friend with your password. Ever.

I'm not saying the OP did this. There are plenty of other ways this can happen today. I'm just pointing out the overwhelming results from another game I did CS for.

[gman265]

Originally Posted by Aligatr No one could ever guess my password whether they knew me personally or not, but i do use the same password for everything, and relatively the same username for most everything. Also, i don't run an anti-virus program at this time, but i do have a firewall up. I do virus scans periodically and nothing has been caught yet.

I have been "unplugged" for a week or so. I know I am late to the party, but after reading what Aligatr posted, I about had a heart attack.

Please, for the love of Pete, never use the same password and/or username for more than one login. If you feel you must do this, you need to have 5 or more usernames and passwords to rotate through. It really doesn't matter how awesome your password is. The more you throw it out there, the higher the chance it will be compromised.

Social engineering and Keyloggers are the most effective method for gathering your information. If you use the same username and password for just about everything, then social engineering was probably the culprit. Always pay attention to where you enter your information. Never follow any links in email, even if you trust the person sending you the link. Your friend could have been compromised and not even know it. Always make sure the site you are about to enter your information on, is actually a real site.

I also recommend using Firefox as your main browser with these addons installed:

External IP - Shows your external IP address

Flagfox - Displays a flag depicting the location of the current server

IDND - IDN detection for Firefox

NoScript - Extra protection for your Firefox. NoScript allows JavaScript, Java ( and other plugins) only for trusted domains of your choice. Prevents exploitaion of security vulnerabilities (known and even unknown) with no loss of functionality

ShowIP - Show the IP address of the current page in the status bar

WOT - web of trust

Personally, I scan my computer 3 ways before I even do anything on it. I schedule daily malware scans, weekly antivirus scans, run antivirus and malware detectors in the background. Anything I plug into my computer gets automatically scanned before it is allowed access to the system. I have 30 base passwords that get modified, linked together or twisted around. I keep these passwords, usernames and account information in 3 different files. These files are generically named, compressed separately using 256bit AES encryption, and stored on 3 different media devices (which are encrypted using truecrypt).

I know I am a bit of a nut, my wife can't stand it. But try having your identity or a wow account that you have poured 3 or 4 years of your life into stolen. I know it seems crazy and more trouble than it is worth, but it is really not that bad. I am a bit of a freak and can remember almost anything I come across. So I only use the stored data as a reference.

There are other good secure tools for managing usernames and passwords, but I chose not to put my trust in anyone else.

Good luck and I hope your recovery processes goes well.

-gman

[Sepioth]

Originally Posted by wreck First of all, the iPod Touch/iPhone Battle.net Account authenticator is free. If you own either of those devices this is THE way to go. My wife and I use this. Now I can' log in to her account unless I steal here iPod touch, and no WAY I'm going to try that. Second, I was a guide for Everquest for many years, back in the day. We got as many as three petitions for people who had their accounts "hacked" every month. SOE investigated those very seriously. Want to know what the results were in every single case? The user had shared their account with someone else. In every case. They had given their user name and password to a friend, schoolmate, kid brother or "the really cute girl next door that I just KNOW would never abuse it." In every case we investigated. That was over twenty individual cases of account hacking. The customer had given the account information to someone themselves. I remember one case very vividly. I talked to the "victim" every day for a week, we had investigated every possibility and after all that time he finally logs in and says "It turns out I gave my password to my best friend at school and he gave it to a bunch of his friends as a prank." He even said he'd asked his friend on several occasions. His friend freaked out when he heard SOE was trying to find what happened. His "very best friend ever" lied to him. Yep, don't even trust your best friend with your password. Ever. I'm not saying the OP did this. There are plenty of other ways this can happen today. I'm just pointing out the overwhelming results from another game I did CS for.

Well I know for SURE that my password was not from a "friend" giving it out to anyone.

No one but ME knows my password.

BUT I can honestly say that my best friend of almost 30 years would never give it to any one else even if I HAD given it to him. If your "best friend" is giving your passwords out as a PRANK !!! then he's not your best friend is he :P

[wreck]

Originally Posted by Sepioth No one but ME knows my password.

Well, you and the guy who hacked your account. I'm sure that's what you meant to say

[Sepioth]

Originally Posted by wreck Well, you and the guy who hacked your account. I'm sure that's what you meant to say

HEHE .. true true ... but now he doesn't know it anymore so it's just me again .. and I now use the authenticator so there will no longer be any account hacking for me.

[MadCow]

can you get a keylogger or infected by clicking a confirmation link? say in a newsletter or forum signup email? If so is thir a way around it?

I remember a yr or 2 ago i got hacked by the ace updater.

Also which Antivirus would you guys suggest that interferes w/ online gaming or is the least memory hoggish. I hate programs that sticks it fingers into every part of my pc adding thing i dont want or will never use.

[spiel2001]

The only way you can get hacked by following a link is if they use an exploit to install something on your computer and as long as you are careful, that should never happen... the usual rules:

Don't ever approve installing anything on your computer unless you know exactly what it is, where it came from and are certain of the integrity of the source.

If you're following links, always always always look at the address bar and make sure the link took you where you expected to go before you consider completing any forms, especially if they are asking for a user name & password. If you are not 110% certain the URL in the address bar is the one you expected to see, stop.

If you're going to be "surfing for information" and you are unsure of the integrity of the sites you're visiting, disable java and javascript and always be sure you have an anti-virus running.

Follow those three rules and it's just about impossible to be hacked just by following a link.

[wreck]

Safe browsing habits beat Anti-Virus tools every time. I never use AV tools because they often cause more problems than they are worth. That's why just about every installer tells you to disable AV software before proceeding. AV programs also take up resources in a world where keeping your machine running as fast as possible is key.

Scott has already given some good suggestions. Here are some others:

Don't use IE or ActiveX. They have a long history of security issues. Some have been fixed but you are safer using something else. I recommend Firefox.

Outlook is suspect as well. While later versions are much safer I don't trust them at all from the old days. Again Thunderbird is a great alternative as it won't even allow executables to run from email.

Don't install stuff you download unless you know exactly what you downloaded and you got it from a reputable site (like FilePlanet.com). Anything your friends send you is suspect. Worst case of viral infection I ever saw was on my Nephews computer when he installed a hacked game his friend gave him on a self made CD. The hard drive had to be formatted and run through a sand blaster to get it back to working condition. He had over 10000 virus files when we first looked.

Trust isn't a matter of "being very best friends." If your friend isn't careful with his computer, you should not trust him with yours. Even if s/he doesn't intend to cause harm.

Drinking buddies are drinking buddies. Security experts don't even trust each other.

[Petrah]

Originally Posted by MadCow can you get a keylogger or infected by clicking a confirmation link? say in a newsletter or forum signup email? If so is thir a way around it? I remember a yr or 2 ago i got hacked by the ace updater. Also which Antivirus would you guys suggest that interferes w/ online gaming or is the least memory hoggish. I hate programs that sticks it fingers into every part of my pc adding thing i dont want or will never use.

From what I've read, Nod32 is best if you're a gamer. But that doesn't necessarily mean it's the best for protection.
http://www.eset.com/solutions/gaming.php

I've read time and time again from a lot of people on the WoW forums that Kaspersky is the best for keylogger protection. I tried it and did not care for it.

Personally, I use AVG. I have it set to check for new versions at 5:40am, download new updates at 5:45am, and to deep scan my computer at 6am. Everyday. At this time of the morning I'm getting ready to get the kids up for school and am just reading emails or perusing the forums.

Something I've noticed since I did a complete system upgrade is that on my old system AVG lagged the system a bit when it was running (which is why I chose the scan times that I did), or when I was surfing (it checks links etcetera). With my new system, I could play the game while AVG was deep scanning and I wouldn't notice any system lag at all.

[Vyper]

Originally Posted by MadCow Also which Antivirus would you guys suggest that interferes w/ online gaming or is the least memory hoggish. I hate programs that sticks it fingers into every part of my pc adding thing i dont want or will never use.

Personally, I love Avast Antivirus. It feels much lighter than AVG to me, but includes all the goodies you would expect.

Originally Posted by wreck Safe browsing habits beat Anti-Virus tools every time. I never use AV tools because they often cause more problems than they are worth. That's why just about every installer tells you to disable AV software before proceeding. AV programs also take up resources in a world where keeping your machine running as fast as possible is key.

Safe browsing habits are important, but Anti-virus is important as well. There have been instances where popular sites such as CNN have been hacked and modified to take advantage of MS vulnerabilities. There are simply
too many ways for a virus/worm to get on your compter for you too ever be 100% sure of not picking something up. While I agree there scanners such as McAfee and Norton often cause unneccesary problems, and are massive resource hogs, others (such as Avast) are much lower impact.

BTW just because an installer tells you to turn off your virus scan, does not mean it's a good idea. While there have been conflicts from time to time, if your virus scanner stops a program from doing something, it probably shouldn't be doing it in the first place.

[spiel2001]

As much as it pains me to admit this, I actually like Microsoft's "OneCare" anti-virus... I leave it running all the time on my laptop and have no issues with it being too heavy or interfering with game play... I figure if I can run an AV on a laptop an still pull 60fps frame rates, it's lightweight enough ~smile~

Of all of the AV software I've tried under Windows, this is hands down the least intrusive one I've used imo.

[Vis]

My vote since learning about it is Vipre, made by SunbeltSoftware (also the author of Counterspy). http://www.sunbeltsoftware.com/ Seems to be very low memory usage, updated regularly, fast full deep scans, and no issues as of yet affecting either playability of games, installing applications etc.

I've been running it for about 6 months now and love it. Ended up using it over AVG, Avast, Kaspersky, and a few others I've tried.

[wreck]

Originally Posted by Vyper Safe browsing habits are important, but Anti-virus is important as well. There have been instances where popular sites such as CNN have been hacked and modified to take advantage of MS vulnerabilities.

Please post a attribution for that. Misinformation is one of the powerful drugs that get people hooked on the wrong behavior.

There was an email scam being spread a few years back that claimed to be a CNN news story. When people followed the link they were lead to a website that distributed a virus. Neither the email nor the website link were connected to CNN in any way.

I'm not saying that major websites have not been hacked, but in your example the problem was people not being careful about what they were browsing. In that case, people using a Virus scanner may have been protected. People who know better than to follow such links were safe.

[Delmara]

Originally Posted by wreck I'm not saying that major websites have not been hacked, but in your example the problem was people not being careful about what they were browsing. In that case, people using a Virus scanner may have been protected. People who know better than to follow such links were safe.

Well maybe not CNN ... How about the Myspace thing a few years back ..

http://voices.washingtonpost.com/sec...are_to_mo.html

[spiel2001]

Just wanna poke my head in here real quick and command that I can see this conversation quickly heading to a place where people start getting upset with one another... this is a topic much like politics and religion, so please everyone tread lightly here.