There was a weird development on the keylogger front tonight, as Blizzard community managers Drokthul and Nethaera apparently got their accounts hacked and started posting keyloggers on the forums. And of course, because Blue posters are assumed to be trustworthy, many people clicked the links.
I personally thought the whole thing was a photoshop hoax until I read Tyren's comment, "Folks, we're definitely dealing with the issue at hand with the greatest amount of speed and care. We always appreciate our community's support when it comes to alerting us about key loggers on the forums and we hope you'll continue to do so. This is a good chance to remind our players to always check a URL before clicking on it." It sounds like Blizzard is taking this seriously. Eyonix later noted that he kind of enjoyed banning his coworkers.
Hopefully, this will help Blizzard finally do something about the keyloggers and hackers infesting this game. While I realize that it's our own responsibility to keep from getting hacked, if two Blizzard employees can get logged, it can happen to just about anyone. I clicked a keylogger link once myself, back before they became so common on the forums, but my antivirus program caught it before it could do any harm.
As Eliah posted, Blizzard is considering disabling links on the forums. While this may cause many to miss the many new "hot sex girls" and "Ashbringr secrits" that are posted on the forum daily, it may be a risk we'll have to take.
Subscribe
Reader Comments (Page 1 of 2)
6-12-2007 @ 10:16PM
Kurimu said...
That's too rich...
Blizzard, Blizzard, Blizzard...
If they do end up blocking links entirely, I'll be sad. I don't see an all-around block helping tons (although people might actually think about where they're surfing to if they need to copy-paste), but rather it's time to instate some kind of pre-viewer of websites to scan a page for viruses, trojans, and other background badness before the user's browser loads the webpage.
It's a touchy subject, this keylogging problem. Going too far with protection will anger the forum user base, but being too lax will get people hacked and put a heavier load on the GMs. What to do?
Reply
6-12-2007 @ 10:35PM
Sockninja said...
lawl, another reason i never click on anything if i dont know what it is...
Reply
6-12-2007 @ 11:32PM
Savok said...
Well thank christ is all I can say. Now it's finally bitten Blizzard on the ass maybe they'll start doing something about it instead of just pretending.
Reply
6-12-2007 @ 11:46PM
Joshua Ochs said...
Or, just use a platform that's not susceptible to this...
Or avoid the WoW forums. =D
Reply
6-13-2007 @ 12:16AM
Os said...
Ya know, part of me thinks it is just Blizz testing the keyloggers to see how they work.
I mean, c'mon, they can't be THAT ignorant :P
Reply
6-13-2007 @ 12:18AM
BlizzardIsSoLame said...
ROFLMAO -- Blizzard Community people gets hacked? That's too freaking funny!! Blue (im)Posters!?!??! And of course, what does Blizzard do, they take the sledge hammer approach!
That's so like them -- instead of checking if they're out of gas when their cars stop running, they just haul them to the junkyard and turn them into metal cubes and declare them worthless! Much like themselves...
Reply
6-13-2007 @ 12:39AM
Kyrra said...
All Blizzard CMs should post using Macs rather than PCs. Though Macs could just as easily be hacked, no one targets them. :)
Reply
6-13-2007 @ 1:11AM
BradFoSho said...
What people CAN do is goto google, search the website and then click Cached under the description. It will bring up a screenshot of said page!
Reply
6-13-2007 @ 1:25AM
IKT said...
wow
Reply
6-13-2007 @ 2:00AM
Halin said...
I clicked on the one that Neth posted just randomly because it was the only blue post I saw up at the time I was on the forums. It was a link to a youtube video where they parellel the in game dances to the real life dances.
If I get a keylogger from that it will be so not cool.
Reply
6-13-2007 @ 2:22AM
john said...
there is one simple solution for this.
JUST MAKE EVERY ACCOUNT DO AN IP CHECK .
i mean most peeps play from the same adress all the time.
if not they just login on the site request another ip added from where they want to play.
blizz send them a message to the regged email adress to confirm.
if they now want to hack your account they have to hack your whole pc.
Reply
6-13-2007 @ 3:33AM
Patrick Schriner said...
Email to the registered adress on password change - that´s by far the best and most common approach to such problems.
Without the password change an account hack is almost worthless.
Reply
6-13-2007 @ 5:44AM
Bresh said...
I could care less if they totally did away with links in the forums. Honestly, what would you lose? 2-click access to a rickroll or keylogger (1 click to hit the link, 1 click to hit "proceed" on their interceptor).
As for angering the forums userbase... Is that really an issue? Nothing will ever please that group of bottom-feeders. And honestly, it would affect a *very* small portion of the WoW population. Forum users fail to realize they are the extremely vocal minority in almost any community. So if it pisses off the forum users, it's only because they're not seeing the instant benefit: slowing down the spread of keyloggers. Which, granted, isn't nearly as big of a problem as it's made out to be.
... Although hearing that two of the CM's got hit with em tends to make me lose even more faith in humanity, as it pertains to WoW. Next we'll hear about GM's, possibly even Dev's getting hit with em. At which point... well... use your imagination.
Reply
6-13-2007 @ 5:45AM
Senior Coconut said...
Use a Mac. Seriously, now that they can boot XP, theres no reason not to just get one to avoid a chance of getting something like a keylogger. when you're done playing WoW, switch back to XP.
Reply
6-13-2007 @ 6:00AM
Savok said...
@11
Some of us have dynamic IPs, especially in countries that aren't America.
Now a country of origin check, that might be more helpful. Granted it'll annoy the travelers, but Blizzard seems to ban them anyway, avoiding that with email checks would be a nicer alternative.
Reply
6-13-2007 @ 6:22AM
john said...
yeh but if you get a mail where you are asked if you change your pasword. and you didnt i think the hacker already have you login en already cleaned out your account?
maybe an option so you can choose for an ip check if you want or an mac code or whatever its savest way and easiest .
or maybe an electronic fingerprint file on your pc so that when you login and you dont have the fingerprint file you cant login. (in case you lose the file you can ask for new one and it wil be send to your email adress.) so hackers just dont get to log on your account just an idea .
btw a tip would be remembering your login name on login screen (option in lowerleft corner) and only type pasword so when they even log your keys they only have the pass but they dont know wich acount it belongs to so they cant login either.
Reply
6-13-2007 @ 7:35AM
KeyloggersAre4Idiots said...
Only idiots get keyloggers or other hacker programs installed on their systems. Ergo, Blizzard employees are, well, you get the point...
Once again, it's all the freaking democrats in the crowd making rules to save people from ther hapless selves -- let the people be, it's survival of the fittest (or the smartest, in this case). If you're stupid, you deserved it!
Reply
6-13-2007 @ 8:23AM
Tool said...
Oh how I love thy noscript.
Reply
6-13-2007 @ 10:00AM
homant said...
Hah! I love those sex girl links, I click on them on my iMac and get to keep my account :)
-Gritz
Reply
6-13-2007 @ 10:20AM
Ear21 said...
As far as I know the majority of WoW players had problems with keyloggers before, so I deem this time, after they assumed the measures and installed anti-keyloggers, keyloggers were unable to damage their systems. But it is funny to find out that Blizzard community managers haven't done that, maybe they should visit something like http://anti-keylogger.org now and finally protect their PCs ?:)
Reply