Account hacked authenticator add'd to account

#0 - Dec. 23, 2009, 6:28 a.m.

My account was hacked sometime between monday and now, and the hacker added to autenticator to my account and now i cant log in i changed the password threw the forgot password thing but the authenticator is still on my account is the only way to get this removed is by phoning blizzard?

Orlyia

#15 - Dec. 23, 2009, 8:21 p.m.

Q u o t e:
Happened to me today. Currently sitting in Zul Drak on another account watching my character farm Argent Stand mobs. 6 or more hours she's been doing it and not a GM to come stop her. Wonder what they consider serious?

I replied in your other thread, Darlia - but I've not seen an answer to my question yet.

Orlyia

#18 - Dec. 23, 2009, 10:43 a.m.

Q u o t e:
i like how the GM replys to a poster who has his own thread in my thread and completly ignores my problem and doesnt even say anything about it..... i like this customer service.. it makes me feel helped..... /end sarcasm

Sorry, Paralyze - I thought you probably saw the standard response for this scenario in some of the other threads. This really is standard, not a lot of difference initially in most compromises.

If an account has been merged to a Battle.net (not your own), or if an email has been changed, or an authenticator added, one of your first stops is going to be Billing. They need to get those sorted out first so the rest of the processes can continue.

Billing and Account Services
Phone Support - 1 (800) 59-BLIZZ (1 (800) 592 5499)
Live Representatives Available 8AM – 8PM Pacific Time, 7-Day Support
E-mail Support - [email protected]

Our Billing Support page can be found at http://us.blizzard.com/support/article.xml?locale=en_US&articleId=20606

Now, it's very very important to figure out where the security breach occurred. If they CAN get back in, they WILL be back. That, unfortunately, you can count on.

These two stickies should prove helpful. I'd also recommend doing your scans with the launcher open and some junk entry in the account ID. We've seen some nasty keyloggers pop up lately that don't want to show on scanners unless the launcher is active.

I also highly recommend changing your email password once you are certain your system is secure. They don't need into a system once they can dip into an inbox.

Computer Security Recommendations
http://forums.worldofwarcraft.com/thread.html?topicId=1778038509&sid=1

Account Compromise Info Center
http://forums.worldofwarcraft.com/thread.html?topicId=14318909866&sid=1

You may also want to look into getting an authenticator for your account. It's no substitute for good security habits, but it will keep anyone else out of your WoW account. Not to mention core hounds make adorable pets!

Blizzard Store
http://us.blizzard.com/store/browse.xml?f=c:6

Mobile Authenticator
http://us.blizzard.com/support/article.xml?locale=en_US&articleId=26109

I do wish you all the very best on a speedy recovery.

Orlyia

#20 - Dec. 23, 2009, 10:48 a.m.

That I'm not sure about. Tech may be able to help more.

I am terribly sorry if I missed that question.

Orlyia

#22 - Dec. 23, 2009, 3:03 p.m.

Q u o t e:
my account just got hacked too. i just tried to log on and...same thing. my friend said my guy was in wintergrasp. cant get through to blizz for another hour at least by phone. not sure how this could have happened, but it looks as though they added an authenticator to the account now so i cant log in.

I've responded in your own thread, DirtyrÃ³Ã²ster.

Orlyia

#25 - Dec. 23, 2009, 3:23 p.m.

The authenticator isn't the issue folks - prior to this, they just changed emails -etc.

The problem is someone got your information that should not have it.

Had there already been an authenticator on these accounts, the point would be moot - they wouldn't have been able to get in.

Give Billing a ring in the cases of an authenticator added - not by you, email changes - or merges to unauthorized Battle.net accounts. Once those bits are ironed out - things can proceed from there.

Orlyia

#28 - Dec. 23, 2009, 3:27 p.m.

Q u o t e:
any idea how they do this or how it happens?

Malware on your system and phish emails are the two most common causes, but there are many others.

That is why it's important to make absolutely sure your system and email account are secure - not respond to emails - especially ones that are asking for your password and never ever share you account information with anyone else.

Orlyia

#31 - Dec. 23, 2009, 3:34 p.m.

Q u o t e:
i have norton antivirus, wouldnt that keep stuff like that off my comp? and how can they access the account and add an authenticator without personal info, such as secret ? and other info on the acct?

They did have your password and ID, DirtyrÃ³Ã²ster.

Norton is good as far as it goes, but most malware aimed at WoW accounts anymore is often of the spyware variety - and Norton isn't that great with spyware.

I'd recommend running at least one scanner aimed at virus/trojans and one at adware/spyware (not at the same time). Scanners good at one are seldom good at the other.

Orlyia

#34 - Dec. 23, 2009, 3:41 p.m.

This sticky thread should prove useful.

Computer Security Recommendations
http://forums.worldofwarcraft.com/thread.html?topicId=1778038509&sid=1

Malwarebytes is often recommended by our players. Do be careful though - there are actually viruses that masquerade as scanners - you want to be careful where you get your scanners too!

Orlyia

#37 - Dec. 23, 2009, 3:50 p.m.

I'd also recommend doing your scans with the launcher open and some junk entry in the account ID. We've seen some nasty keyloggers pop up lately that don't want to show on scanners unless the launcher is active.

Orlyia

#39 - Dec. 23, 2009, 4 p.m.

Q u o t e:
just put in a fake email and pass and not click run? then minimize and run malware? correct?

it says malwarebytes in an av. i thought it was a spyware

There is a look-a-like version of malwarebytes that IS spyware - you need to be careful where you get it from.