#0 - Jan. 8, 2010, 4:32 a.m.
Then the strangest thing happened. I got a call from a second friend, who had an authenticator on his account, and he had been hacked. He had tried to log in and it wouldn't let him. After a few tries, he then got a memory error and wow crashed. If he went to battle.net, his information worked and got him in fine. It doesn't sound like a hacking at first, but when he went and checked his characters on wowarmory, all of them were naked except the things you can't sell.
My brother, in the last hour, went to log into wow. When he launched wow, he had a dos window open up in the top left and run a whole bunch of stuff and then disappear. I told him not to try and login, and he went and ran Malwarebyte and Spybot on his machine, found some things, and they were removed. He then tried to log in again and had the exact same experience as friend #2 above with the memory error, not being able to login, but being able to access his battle.net account. He also has an authenticator on his account. Strangely, as well, his gear appears to still be there, but it may just be a matter of time.
My account also has an authenticator on it, but I was not hacked.
I can also successfully log into my brother's account on my machine. Friend #2 also changed his password like 3 times before his gear actually disappeared.
I'm having a hard time wrapping my head around this.
1. If they were being prevented from logging in because somehow the password or authenticator was changed, then how can they log into their battle.net account?
2. I would like to say they just can't log in because their client is corrupt and this has nothing to do with a hacking (brother even ran a repair and still doesn't work), but that still leaves no explanation of friend #2s stuff all being sold.
So somehow they are being prevented from logging in through the client, but the password and authenticator key have not changed, yet someone else is accessing it, even without access to their authenticator keys.
I just read in the news that the encryption for cell-phone signals was broken by some computer scientists in Germany. I know that's unrelated, but has Blizzard considered that maybe the algorithm they use for these has been hacked, allowing someone with access to one key through a key logger to know the keys?
I'm welcome to any information that anyone has. If anyone else has seen this I'd like to hear about it, and Blue's if you are aware of any issues like this, please let me know.
Further information that may be pertinent:
1. We LAN a lot. There are usually 6 of us, three of those six have been hacked.
2. The only addons we all have in common are very mainstream... DBM, Atlas Loot, Recount, etc.
3. Some of use the Curse client, others do not.
4. The two accounts with authenticators were using authenticators from Blizzcon 2009 (not sure if that is in any way important)
