I suspect my computer's recived one of these nasty little blighters, though neither Spybot Search and Destroy or my Symantec Antivirus (corporate edition) has been able to find it. Is there any better program to hunt these things down and remove them?

I suspect my computer's recived one of these nasty little blighters, though neither Spybot Search and Destroy or my Symantec Antivirus (corporate edition) has been able to find it. Is there any better program to hunt these things down and remove them?

Well firstly, what makes you think you have one if two different programs came up negative?

My WoW account got hacked and its password was changed, which..there's no way that I can think of that happening without a key logger or another virus. I could be vastly mistake, I'm sadly not very tech savvy, but thats what Blizzard Support said was probably the case.

My WoW account got hacked and its password was changed, which..there's no way that I can think of that happening without a key logger or another virus. I could be vastly mistake, I'm sadly not very tech savvy, but thats what Blizzard Support said was probably the case.

Well without disparaging you or them, CS types will often try to give this reason to avoid directly implying it was your fault.

Have you logged into your WoW account anywhere else? Do you use the same password for anything else (particularly if it's WoW related)?

Nope, just my home computer, and no I use the WoW password just for WoW and the account because its required

As for it being my fault...well, I mean thats the only real option there is. But I can't for the life of me think of a single website I've logged on to that I haven't a thousand times before, since I really only log the WoW main site, this one, my e-mail and my bank site.

Edit: And, before its asked. No, my WoW information is not stored anywhere other then having to be placed in the game or the account fields. I did not share it with anyone over the internet or phone. I'm the only one with the information.

Both my virus scan and Spybot came up with absolutly zil as far as infected files, though that dosn't always mean anything.

Was your password simple enough to have been brute force guessed?

In any case, you have changed your password to something new now, and not back to your old one?

I find that if I need a truly random password, one that I'll only use in a specific place like in front of my computer at home, I use a bunch of D10s to generate a random sequence and write that down in a book next to my computer.

Was your password simple enough to have been brute force guessed?

In any case, you have changed your password to something new now, and not back to your old one?

I find that if I need a truly random password, one that I'll only use in a specific place like in front of my computer at home, I use a bunch of D10s to generate a random sequence and write that down in a book next to my computer.

Surely D10s only produce numerical characters?

I personally like to use nice, sesquipedalian word rich sentences (with deliberate grammatical errors). Sufficiently hard to guess, sufficiently easy to remember.

Algorithms, Algorithms, Algorithms. I have a sentence for each website I visit, and then I have my own algorithm to convert it into a password. Then, I can write the sentence anywhere and have my passwords "in plain view", as it were. It might take a little while to memorize your algorithm, but once you have and you don't tell anyone, your passwords are pretty safe, and seemingly random.

As an example:
Algorithm - Take the first vowel of the first word. The consonant after it is the first character of my password. After that is the number of letters in that word, then the number of words in the sentence. Then, starting from the back, take the final letter of the word, the penultimate letter in the word, the 3rd to final letter in the word, and so on so forth, skipping words such as to or and, until the word has no more letters or I reach the beginning of the sentence.

What I write down:

Giantitp.com - Wizards have been known to cause many disasters.

What I know is the password, but others don't:

z78snun
Sounds random, doesn't it?

(As a note, this is NOT my personal algorithm, so no luck if you try to steal my accounts)

For some more practical help in determining if you have a virus or not: download Malwarebytes, install it, then restart into safe mode and run a scan using both it and spybot. If nothing turns up then odds are you don't have a virus.

Ya, the password's been changed, nothing else seems to have been bit, though I changed the passwords for everything else as well.

Well, in the mean time, a tip. Keystroke loggers only work if you type your passwords in in order. Move around the password with the mouse adding bit by bit including redundant letters and numbers while also moving around and deleting them.

I suspect that the rash of things like this is what prompted Blizzard to start offering their token generator login things (I can't remember what they're called right now). One of our guild officers was recently hacked and we had all four pages of our guild bank emptied and auctioned off. It lead to a new guild policy - No login token, no bank access. Period.

Ya, at least on the EU main site they've got a big warning that attacks have been on the rise. So far, everything's safe. So here's to hoping.

They're getting crazy, too. Every day I get at least two whispers giving me one reason or another that I should log in to this "official" Blizzard site for something. Once it was to get a rare white tiger pet. Several times it was because "Blizzard has scanned your account and found it hacked. Go to <website> and sign in or your account will be locked out in one hour." Half of them don't have any grasp of grammar, spelling, or punctuation.

What's funny is that right when you log in, there's a big yellow official server message saying "The phishers are being very bold and aggressive lately. Don't sign in to any website that is not the official one with your credentials."

It's like the picture of the guy hitch hiking underneath a sign that says "Hitch hikers may be escaped convicts." :smallcool:

I suspect that the rash of things like this is what prompted Blizzard to start offering their token generator login things (I can't remember what they're called right now). One of our guild officers was recently hacked and we had all four pages of our guild bank emptied and auctioned off. It lead to a new guild policy - No login token, no bank access. Period.

they don't do help. no less than 5 people i know irl were hacked and had one of those.

they don't do help. no less than 5 people i know irl were hacked and had one of those.No kidding? How? I mean, it's not like you can just guess the numbers and get it to work. Barring some very sophisticated software, it seems very unlikely that someone would be able to hack an account tied to one of these without having it in their hands to get the generated key. Granted, I don't know the specifics of how Blizzard's works (I don't have one myself) but I have two similar token generators that I have to use regularly for work and, well, let's just say that work doesn't take security lightly.

EDIT: You've prompted me to do some menial research and I found this.
http://www.hackinthebox.org/index.php?name=News&file=article&sid=35263

Looks like Blizz's don't work quite the same way as the work ones do. If I were to mistype my token when logging in, that number can't be used again. I have to wait for a new one to be generated before I could try again.

They're getting crazy, too. Every day I get at least two whispers giving me one reason or another that I should log in to this "official" Blizzard site for something. Once it was to get a rare white tiger pet. Several times it was because "Blizzard has scanned your account and found it hacked. Go to <website> and sign in or your account will be locked out in one hour." Half of them don't have any grasp of grammar, spelling, or punctuation.

What's funny is that right when you log in, there's a big yellow official server message saying "The phishers are being very bold and aggressive lately. Don't sign in to any website that is not the official one with your credentials."

It's like the picture of the guy hitch hiking underneath a sign that says "Hitch hikers may be escaped convicts." :smallcool:

I've gotten tons of e-mails about my "World of Warcraft" account and that I need to log in to do something about it.

The best part, I don't have a WoW account. They are pretty much e-mailing people at random now.

Honestly though, before blaming a hacker, think if you gave account info to an online "friend". It isn't unheard of for something to exploit another's trust in MMOs and steal a friend's in-game stuff.

Sucks, Innis :smallfrown:.

I remember hearing on G4TV's The Feed, that there was some sort of malware that was going around, that could be sent and downloaded in game without consent, under the nose of your anti-virus programs. However, Blizzard fixed this with in days of it's unveiling...

...However I wouldn't overlook the possibility of someone making a new virus on the same principle.

Were you particularly renown/powerful or hated/loved on your server? Can you think of anyone that would hack you?

Disclaimer: I can't find the article now, so I could totally have imagined this in a lucid dream or something, but I'm almost sure it was reported :smalleek:.

Sucks, Innis :smallfrown:.

I remember hearing on G4TV's The Feed, that there was some sort of malware that was going around, that could be sent and downloaded in game without consent, under the nose of your anti-virus programs. However, Blizzard fixed this with in days of it's unveiling...

...However I wouldn't overlook the possibility of someone making a new virus on the same principle.

Were you particularly renown/powerful or hated/loved on your server? Can you think of anyone that would hack you?

Disclaimer: I can't find the article now, so I could totally have imagined this in a lucid dream or something, but I'm almost sure it was reported :smalleek:.

Naw, not well known and I like it that way. Seems the problem's been fixed. I think I might know where the attack came from, so hopefully my intuition is right. I contacted Blizzard EU with the information, so lets hope they get the suckers.

Hope it all works out for ya. From what I've seen Blizz has been pretty good at making up for losses once you let them know what happened.