Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Is Hacking Illegal?

Forum Avatar
Folstaff
#0 - Sept. 6, 2009, 10:37 a.m.
Blizzard Post
Is game hacking Illegal? Our guildie has been hacked twice in two days. We suspeced her last addon. Chasites her for DL it. And we helped her run Spybot to get rid of the keylogger. By the time she finally got her acct back she was exhausted from the stress. I know, if you get hacked its ur own fault... lets not spiral down that path please. And try to have a real forum of minds to address the topic at hand. Catching these hackers.

The first thign ive noticed they do is switch the acct over to Battle.net. Why is this and what would Battle.net do to facilitate the hacing of someone's acct?

As one having interest in law and hope to teach law after college, I have seen a real lack of regard in our area of rights. lol.

What im asking is what resources are are there to actually report and catch these guys? They sifted thru her Facebook, her email, and certainly if she had her bank acct info or credit card info on her puter they would have stolen that as well. All from playing an MMO? So certainly, being in the business, Blizzard would possibly know of some reporting agencies. As for TOS its certainly intellectual and privacy laws related. But is it really Identity theft to do this? If you steal the info necessary to do the crime, is it a crime already, or only after you use it to cause real damage other than in-game? And what real legal action can victims do to get some of these guys off the net?

Well, I'll start off the Forum with what I did following the first hacking. I provided on my site trusted software my college labs use to clean their systems daily, added a link instructing who to contact regarding your acct (Blizz 1-800), Daily or weekly safeguards such as deleting temp internet files and cookies that save passwords, and i even found a reporting link to the FTC that has a complaints form to fill out to report Identity theft. Not sure this last lil part would merit more than a laugh from the Feds tho.
Forum Avatar
Syndri
#69 - Sept. 9, 2009, 12:49 a.m.
Blizzard Post
I'd sincerely encourage you to review the following conversation, Folstaff. It may prove both insightful and helpful: http://forums.worldofwarcraft.com/thread.html?topicId=18360840329&pageNo=1&sid=1#8

Specifically:
Q u o t e:
With that all said, as unsettling—and, perhaps, as humbling—as it may be, accepting that compromises occur client-side is the first and most important step to bolstering an account's security.

Please know that this assertion is not the blanket assignment of blame. To say that those who are compromised are always to blame for their account compromise is to insinuate, semantically, that each and every affected owner willfully contributed to the dissemination of the account's log in and password. Neither you nor I believe this is the case for all account compromises. Some, yes. All, no.

I am simply asking you to realize that an account owner's network of security may be imperfect. As the old adage goes, "There's more than one way to skin a cat," and, regrettably, this sentiment also holds true in the case of compromise.

One's security may be compromised through malware, for example, or through the unknowing provision of account-specific information (through a phishing email or website). One's email address may be gleaned or Security Answer & Question guessed. Our goal, as end users, is to admit that these threats exist, understand that we have underestimated how secure our systems are, and take the appropriate steps to strengthen our defenses.


As a follow up to this, I can assure you that the information we store related to our player base remains secure and that your guild mate's compromises were the result of a client-side breach in security. Was she directly and actively responsible for these breaches? It's possible that she wasn't, as humans are most certainly not omniscient and cannot predict all ends. We are not faulting her for these events, and we ask that you not fault us in return.

Now, with that said, repeat compromise can occur for various reasons. Many times it's due to a lingering, malicious program which continues to pull account-specific information. Other times, though, it's because the email registered to the account is also compromised, prolonging the issue even after access to the account is restored. So long as the registered address is accessible to a malicious party, the associated WoW (or Battle.net) account will remain at risk. This is why we encourage all players to consistently check and re-check the security of not only their computer and account, but their registered email address, as well.

Some great step-by-step suggestions regarding how best to secure all three elements may be found within the following sticky. I'd strongly recommend that your guild mate review it in its entirety:

Also, if your guild mate has any questions regarding how best to recoup from an account compromise, this thread should be of great assistance:

As for the repercussions malicious parties face in light of a compromise, please know that we take all appropriate action. If you wish to learn about what sort of litigation we may or may not pursue, though, this would be a matter best addressed by our Legal staff and not the Game Master department.

    Attn: Legal Department
    Blizzard Entertainment, Inc.
    P.O. Box 18979
    Irvine CA 92623


For those who wish to examine the possibility of legal action on the individual level, please contact your local authorities or available legal representative.


Thank you for your concern, Folstaff. I wish both you and your guild mate the best of luck. :)