Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

My brother is hacked again?

Forum Avatar
Luckybob
#0 - June 12, 2010, 6:46 p.m.
Blizzard Post
Seriously how is this possible?

I was trying to play World of Warcraft with my brother today, and he tells me he could not log in to his account. He does not tell the password to anyone. Even i do NOT know his password. We never fall for phishing attempts by email because we can see the original email that it was sent from. If we get an official looking email we will go into the message options and see the actual senders email.

He did NOTHING wrong to get his account locked. I can only blame blizzard on this one...


$15 a month and he cannot play with me because blizzard is failing on their security. Now he is trying hard to reach someone from blizzard on the phone to fix his account. So far he has to constantly redial(probably because everyone is getting hacked and blizzard has their hands full).
Forum Avatar
Syndri
#35 - June 12, 2010, 8:07 p.m.
Blizzard Post
I would like to assure you that Battle.net has not been compromised, Luckybob. Since you're not sure how your brother's account was compromised a second time, though, I have a few questions for you about his account's security. Nothing major, but these questions should give you some food for thought and/or point you in a direction you hadn't yet considered:

    1) Is your scanning software running on the latest version? The programs you've used thus far to scan your system should have a button, tab, or drop-down option that will check for and then install any available updates. If you haven't used this option recently, please go ahead and do so now. Sometimes, if a certain scanning program isn't updated, it may miss specific, newer threats. (Also, be sure to have the World of Warcraft client open and gibberish typed into the account name and password entry fields. Unfortunately, there are some forms of malware that cannot be detected unless this criteria is met.)

    2) Is your brother's operating system up-to-date? Similarly, are all of his browser plugins (like Adobe Flash Player) up-to-date, as well? The latter is very important to check, as running an un-updated version of some plugins can lead to vulnerabilities in your system's security. For example: http://forums.worldofwarcraft.com/thread.html?topicId=25170612629&sid=1

    3) Does your brother ever access (or has he ever accessed) his account from a different computer? If so, could that computer perhaps be at risk? Remember that you will need to examine all computers from which your brother logged into the game client, the World of Warcraft forums, and/or Battle.net Account Management. All three of these locations require an account name and password.

    4) Does your brother use his account name and/or password as his login for any other website? Perhaps a networking site like Facebook or Twitter or MySpace? Or a guild website? If so, this could have lead to his second compromise.

    5) On a similar note, is his registered email address publicly available? A quick way to check is to plug in his address into any online search engine. If the search returns results, then it's probably a good idea for him to update that piece of his contact information. Instead of simply using a different email address, though, my advice would be to set up a completely new address. When creating this new address, make sure that the username and password are unique. Don't use a username (e.g. character name, IM screen name, profile tag) or password that your brother already uses online.

    On a similar note, if your brother's email address has not been updated since your his account's first compromise, that could have certainly caused the second compromise to occur. In many situations, a malicious party will compromise an email address in addition to a World of Warcraft account.

    6) Is it possible that your brother responded to a phishing email and gave out key account information? Or perhaps visited a malicious website and logged in? Unfortunately, some phishing emails and websites in circulation right now are very elaborate. I'm sure even the most diligent of users could be fooled if not paying total attention. It happens, you know?


Lastly, you might want to try using Combofix or Spybot - Search and Destroy. Players have noted success using these two scanning programs, so you may want to give them a whirl. Few more tips and tricks can be found here: http://us.blizzard.com/support/article/30794 :)



Edit:
Q u o t e:
If it's not blizzards fault, then it was not my fault. Some how they hacked my brother and i guess we will never know.


I would agree. The fault of the compromise lay solely on the shoulders of the malicious party. You and your brother, however, are empowered and ultimately responsible for looking at this situation as objectively as possible and doing what you can to ensure that is does not happen again. I'm here, as well as several other posters, to help you through that process.