On all the unauthorized authenticator hacks

#0 - June 30, 2010, 4:43 p.m.
Blizzard Post
My account just got hacked today. Cool, right? It's certainly a little odd that almost everyone that didn't pay for an authenticator is getting hacked, or will soon enough. My friend's account got hacked just the other day, and I didn't think much of it until I tried to log in this morning and... whaddya know.

Anyone have any information on what's causing all of this? It has become an epidemic, and all we get from big blue is "be safe" or "Buy an Authenticator! =D".
#46 - June 30, 2010, 6:48 p.m.
Blizzard Post
Quote:
My account just got hacked today. Cool, right? It's certainly a little odd that almost everyone that didn't pay for an authenticator is getting hacked, or will soon enough. My friend's account got hacked just the other day, and I didn't think much of it until I tried to log in this morning and... whaddya know.

Anyone have any information on what's causing all of this? It has become an epidemic, and all we get from big blue is "be safe" or "Buy an Authenticator! =D".


Actually, while I recognize the stress and frustration that being compromised can cause, hyperbole and spurious claims don't help.

So, first step, please try to remain calm. Next step is to leave the conspiracies at the door. The implication that all non-authenticator protected accounts will be compromised is more than faintly ridiculous. While we encourage use of the Authenticator since it's a potent additional layer of security (and a Mobile Authenticator is either free of charge or extremely inexpensive), we also engage in other efforts to help ensure the security of player accounts, and we provide guidance and information on how our players can secure their accounts.

Actually, I do have a little information on what is causing this. The two main culprits for account compromise scenarios are phishing and keyloggers. As players get more savvy and employ better security measures, phishing seems to have been taking the fore a bit. After all, it doesn't matter how good one's malware scans are, if one simply hands over the information that they are trying to protect. Phishing has become quite sophisticated; emails disguise malicious phishing sites behind legitimate-looking links, they purchase the sponsored links section of major search providers to post spoof phishing sites which appear like legitimate sites, and in-game mail and whispers make promises which lure in the incautious.

The spyware that has been developed is no less cunning, and when running scans it's important to have your World of Warcraft client open and with gibberish typed into the login and password fields, since some keyloggers will 'hide' until certain conditions are fulfilled. Using the right malware and spyware scans is also key - some popular and common virus scanning programs may not pick up spyware at all.

Is it so ridiculous to think that players that know one another might be compromised near the same time? Perhaps you both were sent the same tempting (and spurious) Cataclysm beta phishing message, or frequent the same sites, or perhaps downloaded the same applications.

Please have a look at our sticky regarding account security and compromised account recovery, as it will help you navigate this process:

Account Hacked? Security Issue? Look Here!
http://forums.worldofwarcraft.com/thread.html?topicId=24702231244&sid=1

While no restoration is guaranteed, I'm sure that our staff will be happy to help you achieve as complete a recovery as possible.
Quote:

I'm tired of seeing this. I just want people to realize that while yes, it is technically possible to be hacked with an authenticator, it's a VERY VERY low chance of this happening. If they simply get the code you type then it's not possible, because as soon as you type that code to log in, the same code cannot be used again.


I happen to agree. While this did indeed occur, it was extremely rare to begin with. It has become vanishingly rare since then. For more information on the alert we sent, please refer to our post on the subject:

http://forums.worldofwarcraft.com/thread.html?topicId=23425467207&sid=1

If one uses comprehensive and effective malware protection in conjunction with their Authenticator, rather than relying exclusively on the Authenticator for protection, then that hugely reduces the risks of ever being the target of such an attack, and largely eliminates the chances of such an attack being successful.