Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

Flash victims

Forum Avatar
Wey
#0 - June 12, 2010, 5:46 p.m.
Blizzard Post
People need to stop blaming the victim. The latest spate of hack victims are the result of a vulneralbility in Adobe Flash 9The biggest pile of garbage software created). I play on a Wow only computer that is not used except to access the game and Blizzards website. Full anti virus and spyware scanners. Yes my account got compromised.
If a token generator is what you call security you do not pay attention to software much. Token based security was broken and subject to man in the middle attacks many years ago. Even your online banking security 128mb was broken way back in 1995 by a college student on then normal computer hardware. How much more powerful are the computers now than in 1995.

Blizzard could have put a warning on the login screen about Adobe instead of just phishing attacks.
I personally didnt even find out about it until after when I went to the forums, honestly the forums suck so why go there instead of playing the game.


You do not have to do anything wrong to have your account compromised anymore. Even the most secure computer will be vulnerable if it is forced to use unsafe and garbage software, ie Flash.

I totally understand why Apple refuses to support Adobe Flash in any way.
Maybe Blizzard should get rid of its Flash ads too.

Forum Avatar
Syndri
#7 - June 12, 2010, 6:02 p.m.
Blizzard Post
We're not blaming anyone for their account compromises, Wey. Unfortunate things happens—sometimes they can be prevented, and sometimes not.

Your responsibility as an end-user does include maintaining the security of your account, though. While we've established numerous checks and balances to ensure that your account information is safe on our end and provided copious amounts of security education on our website(s), we cannot prevent you from visiting malicious websites, or force you to keep your scanning software up to date, or stop you from giving out your login information to other parties. These are things that only you can do, you know? And, in the end, accepting that compromises occur client-side is the first and most important step to protecting your account.

Regardless, we'll be happy to help you reclaim your account (if necessary) and recoup any losses your characters may have suffered as a result—regardless of how You'll want to get started on the account recovery process as soon as possible, and here's a guide that will walk you through step-by-step:


Securing your computer, securing your account information, reporting any losses, and prepping for the restoration process—all of this is included. I sincerely encourage you to give the guide a read and follow the instructions provided within.

Also, if you want to spread the word about the Adobe vulnerability (now patched for Flash), here's a quick link: http://forums.worldofwarcraft.com/thread.html?topicId=25170612629&sid=1

We've also promoted this vulnerability on Twitter and Facebook, as well. :)
Forum Avatar
Syndri
#10 - June 12, 2010, 6:07 p.m.
Blizzard Post
Q u o t e:
No one around here has ever said that... and those that do usually take a forum holiday...


While I'm sure nothing inherently malicious is meant by those statements (I imagine some players are simply unaware of devious some security threats can be), they are occasionally provided in response to a compromise report.

If moderators of this forum do see such statements being made, we will typically attempt to provide clarity. Knowledge is power, after all. :)
Forum Avatar
Syndri
#14 - June 12, 2010, 6:14 p.m.
Blizzard Post
Q u o t e:
Can I just get my answer as to why there wasn't a message at the login screen telling us of this Adobe security issue? I know it's our responsibility to keep our software updated, but a little notification would have saved us and yourselves a ton of time.


Those who moderate the Customer Service forum do not possess purview over what information is included in the Breaking News page, so I am unfortunately unable to discuss why a separate news is not currently available. I can say, however, that this information is still posted both in this forum, in General Discusion, and on both the Warcraft Facebook and Twitter pages.
Forum Avatar
Syndri
#29 - June 12, 2010, 8:49 p.m.
Blizzard Post
Hey Stedman, I recently addressed some of your other questions in another thread: http://forums.worldofwarcraft.com/thread.html?topicId=25399740555&sid=1&pageNo=1#11

Just making sure you didn't miss it!