The new ParentDish: helping raise kids of all ages
Posts with tag hack

Wowhead and other sites are having trouble with ad banner trojans

Posted Mar 10th 2008 3:50PM by Daniel Whitcomb
Filed under: Bugs, News items

You'll want to be a bit more cautious when looking up information on the game today. World of Raids reports that an unknown ad banner appearing on Wowhead, Thottbot, and Allakhazam has an embedded keylogger trojan. You don't even need to click on the banner, apparently, simply mousing over it will be enough. Wowhead says that all they know for sure is that it originates from "ad.yieldmanager.com", and will produce a redirect to "xpantivirus.com." They're working at isolating it.

The issue is known, and all parties involved are tracking it down, so it should hopefully be resolved soon. In the meantime, if you're looking for a quick way to protect yourself, I would follow the recommendation of World of Raids, and try out the Firefox web browser and the No Script extension. As long as you keep the scripts blocked, it should prevent the banner in question from forcing itself on you. This should also provide you with some protection if you accidentally click on the wrong link elsewhere, such as on the WoW general forums.

Edit: Apparently, the virus in question is not an actual keylogger, but it still does a number on your system, which is reason enough to try to avoid it.

Gold sellers hold account hostage

Posted Mar 8th 2008 11:00AM by Adam Holisky
Filed under: Virtual selves, News items, Economy, Making money, Rumors

We all deal with them. Their annoying spam, their flooding of the general channels. Those gold sellers deserve the kiss of death. Wouldn't it be nice if their industry just went and slept with the fishes?

In a tactic that even Don Corleone himself would be angry at, gold sellers have sunken to a new low. John M. wrote in to tell us the tale of a fellow guild mate who fell under the gaze of a gold seller who took his account hostage, demanding payment from his guild. Sit back, open up a new window with this Godfather music, and read on after the break.

I'm gonna make you an offer you can't refuse.

Continue reading Gold sellers hold account hostage

GoDaddy invades WoW Armory

Posted Mar 2nd 2008 2:08PM by Adam Holisky
Filed under: Blizzard, News items


In one of the most bizarre things I've seen happen to the World of Warcraft in my three years playing, the WoW Armory site today is pointing to a generic GoDaddy.com domain parking page. The screenshot above was taken at 1:08 p.m. CST on March 2nd, 2008. WoW Insider has received numerous reports of this. It seems to be a DNS related issue. The domain name wowarmory.com expires today, and it appears as if a registrant has grabbed the wowarmory.com domain name as soon as it expired.

DNS entries for blizzard.com and worldofwarcraft.com point to cerf.net, while the DNS servers for wowarmory.com are currently pointing to domaincontrol.com. While some of you might be seeing wowarmory.com work correctly, others are not. The ISPs of people who are seeing it work have not had their DNS records updated yet, however within the next 48 hours they will see wowarmoy.com go down as well; unless Blizzard fixes this before then (I am sure they are already aware, or becoming aware of it).

Stay tuned to WoW Insider for the latest on this story.

Thanks to Matthew Rossi and his wife for contributing to the technical sleuthing in this post.

Updated 2:34 p.m. EST: You can access the armory using a sub-domain of worldofwarcraft.com by going to http://armory.worldofwarcraft.com/

Updated 3:03 p.m. EST: http://www.wowarmory.com/ is now working again. It looks like Blizzard really jumped on the issue and fixed it.

Your Christmas gift could be hacking your WoW account

Posted Feb 17th 2008 2:30AM by Daniel Whitcomb
Filed under: Bugs, News items, Economy, Hardware


Hackers seem to be trying more and more ways to get legitimate accounts out of players hands and working to steal and farm more gold, but if you think they've had some sneaky schemes in the past, you ain't seen nothing yet. Our colleagues at Massively have a story that's both amazing and disturbing at the same time.

A lot of geeks found a digital photo frame under the tree this year. Seems like a good idea, I'm sure a lot of us have a pretty large collection of digital photographs stored on memory cards and flash drives that we just haven't quite gotten around to printing for display.

Unfortunately, certain frames sold at Best Buy, Target, Costco and Sam's Club come with an extra undocumented feature, in that they have a nasty little bug that's being dubbed Mocmex. The bug can burrow its way into your computer, latch itself in, and sniff out account information. It doesn't seem to affect Linux or Macs, at least not in its current form, but right now there doesn't seem to be a single manufacturer or frame type that's infected, so the origin of the bug hasn't been nailed down.

If you think you've got one of the infected picture frames, Massively recommends contacting the SANS institute and calling the store where the frame was purchased. You can check their story for the contact information.

The upside of this, I suppose, is that if the farmers are starting to branch into using peripherals to steal our accounts, they may be getting pretty desperate. The downside is, when we have people who practice safe web browsing and keep a clean computer getting bitten, like our Amanda Dean for example, we could be in some trouble. With any luck, all the major virus programs will have a cure for Mocmex and programs like it soon. In the meantime, it looks like we'll have to be extra careful about what we install on our computers, and make sure our anti-virus programs and firewalls are up to date.

Breakfast Topic: Hacked

Posted Feb 15th 2008 8:00AM by Amanda Dean
Filed under: Odds and ends, Blizzard, Breakfast topics

My first post on WoW Insider was about a friend of mine being hacked, this time it's about me. I woke yesterday and tried to copy a character over to the public test realm as I've been doing often lately. I got a password error. I tried to log into my account- same thing. My email had this happy little surprise for me:

Hello Amanda,

The character transfers listed below have been completed as of 2/14/2008. The character[s] listed will now appear in the new location and/or account selected and are immediately available for play!

- <character> - Level 70 Tauren Shaman - now on realm: Blade's Edge.

Continue reading Breakfast Topic: Hacked

Oh Noes!!!1!1!1one: I've been hax0red!

Posted Feb 5th 2008 5:30PM by Amanda Dean
Filed under: Analysis / Opinion, Odds and ends, WoW Rookie, Forums

On Saturday night I noticed a guildie acting strangely. He kept switching between characters and wouldn't respond to tells from even his closest friends in the guild. Concerned about him, we gave him a call... on the phone, to see what was up. You guessed it, he was nowhere near his computer at the time. He went to log in and found his password was changed. Unfortunately, he had also forgotten the correct response to his secret question "What is your favorite activity?"

The hacker kept running in and out of the Shadow Labyrinth. I checked the customer service forums and found that this was common behavior among hackers. Either there is an exploit in that instance, or hackers just really enjoy hanging out with Blackheart the Inciter. I'm leaning toward the latter.

Continue reading Oh Noes!!!1!1!1one: I've been hax0red!

Armory changes URLs

Posted Aug 22nd 2007 2:37PM by Mike Schramm
Filed under: Tips, Odds and ends, Blizzard


Just a quick note: the Armory, which used to be located at armory.worldofwarcraft.com (and still is, actually), can now be found at wowarmory.com. Neth confirms that it's not a bug or a hack or a spammer or anything-- apparently Blizzard just wanted to simplify the URL.

Well, that, and "wowarmory.com" is a lot closer to "wowinsider.com." And we all know that's what you think of when you want to find your favorite information about World of Warcraft, right?

Hello! Are you a farmbot?

Posted Apr 25th 2007 5:36PM by Elizabeth Harper
Filed under: Analysis / Opinion, Cheats


I've run in to more than a few farmbots in my day -- often in Winterspring, while farming Timbermaw reputation. The furbolg you had to kill to gain favor with the Timbermaw also happened to drop good coin and runecloth, making them lucrative targets for farmers. The bots (characters controlled by a computer program of some sort rather than a human being) were always easy to spot. They'd follow a set circuit around the area, taking down targets one at a time. When the area was empty, they would return to a spot near its center and spin around in circles until they managed to target a fresh spawn -- and then they'd begin running an identical circuit. Depending on the particular farmbot, sometimes I could game their system and let them farm reputation for me. See they've targeted something? Assist them and use an instant attack to tap it before they can -- back when I was doing my reputation farming, the farmbots didn't have seem the intelligence to notice if something had been tapped after they've targeted it and sent in their pet to attack. (They were, of course, always hunters.) A real person would certainly be annoyed by this behavior, but the farmbots would simply continue their cycle.

However, a post up on Kinless' Chronicles makes me wonder if the farmbots have managed to get smarter. Kinless noticed an orc hunter constantly (from 4AM to 4PM, server time) mining thorium in the Eastern Plaguelands. That information alone simply screams farmbot to me, but there's more to the story that makes me wonder. On one encounter with this suspicious hunter, Kinless decided to follow him along his farming route. The hunter dismounted in Hearthglen and started to fight the elite guards there. Figuring that anything worth this much effort to an obvious bot must be wealth indeed, Kinless ventured inside to see what was there. And inside? He found not a single thorium vein and he barely made it out alive. But in his chat box, our friendly farmer was kind enough to wave him farewell before mounting up and leaving. Kinless explains the quandary:

This is a live player, with brains, who does nothing but farm mineral nodes across Azeroth. (I later noted him in the Barrens, Winterspring, Burning Steppes.) He does nothing but farm, and plays round the clock, and does not own the expansion. He's certainly not funding a main, or a twink, since he's got no time. And it's a live player since he played that little trick on me.

This isn't possibly an entertaining way to play the game, so what's happening here? Is it an improved intelligence bot? (Now with new player-baiting technology!) Or are we seeing live players out farming for real world profits? Unless we can get them to start answering whispers, we may never find out.

Guildportal, keyloggers, and you

Posted Apr 7th 2007 2:31PM by Elizabeth Harper
Filed under: Analysis / Opinion, Blizzard

In the past week, you may have noticed an increase in complaints about hacked accounts on the forums. Why? Well, the popular guild-hosting website Guildportal was hacked -- hackers added a bit of code exploiting an old Internet Explorer vulnerability (Microsoft had a patch available six months ago) to install a keylogger on visitors' systems. It was a brilliant move by the hackers, who managed to tap into a site visited by a massive number of WoW players -- the perfect place to steal account information. But I can't say it was very good for some of Guildportal's users, who logged on to World of Warcraft to find their characters completely naked next to an unfamiliar mailbox.

However, this entire affair was very preventable. First off, Guildportal itself had a vulnerability that allowed hackers to insert the exploit that installed the keylogger. And then in order for the keylogger to be installed, individuals visiting Guildportal had to be running a version of Internet Explorer that was 6 months out of date.

Guildportal has taken steps to prevent this from happening again, by patching their systems and banning traffic from China, where the hack attack originated from. (According to Guildportal's response as reported on the forums and a commenter on Madness and Games identifying himself as Aaron Lewis of Guildportal.) But have you taken steps? In Blizzard's post on the subject, they point out Microsoft Security Bulletin MS06-055, released by Microsoft on September 26th, 2006. You can stop many potential keylogger threats by simply visiting Windows Update to download patches regularly -- or, even easier, enabling Windows' Automatic Update feature. Either option would have resulted in your computer being protected from this vulnerability well before now.

Think your account has been compromised? GM Kaone offers some good instructions on how to rid your computer of keyloggers (it's a lengthy post but very informative) and then points you to their billing support department for account recovery. (Yes, it is important to get rid of the keylogger before having your account restored -- otherwise you'll end up right back where you started!) But be prepared for a wait -- the account recovery process isn't always fast.

See Guildportal's full response to its users after the jump.

Other recent security advisories:
Beware the cursor hack
Keep keyloggers away: New Microsoft hotfix available
More security warnings from Blizzard
Blizzard reminds us to be careful of keyloggers

[Via PlayNoEvil, with thanks to robodex for the forums link]

Continue reading Guildportal, keyloggers, and you

Beware the cursor hack

Posted Apr 5th 2007 7:14PM by Eliah Hecht
Filed under: Patches, Odds and ends, News items

Apparently there is a flaw in the way windows handles animated cursors that could enable people to hack into your WoW account. Now I'm not sure why anyone would want an animated cursor in the first place, but de gustibus non est disputandum. It seems that malicious cursor sites can install arbitrary code on your computer along with the cursor, where it sometimes lies in waiting until you log in to WoW. At this point it pounces, records your login info, and sends it back to the hacking group responsible.

The good news is Microsoft already has a patch out to fix this vulnerability (released on April 3rd), so go download it (auto-update will get it) and you should be safe. One interesting factoid in the BBC article on this flaw is that the value of a WoW account is now greater than the value of a credit card, at $10 and $6 respectively. What's so useful about the average WoW account that it's worth $10 on the open market?

Update: You can find the download link for Microsoft's patch in our previous article on this vulnerability. Please download the patch if you have not already.

[via MMORPGDot]

The teleport hack issue (or server synchronization and you)

Posted Apr 2nd 2007 4:38PM by Elizabeth Harper
Filed under: Cheats, Bugs, Blizzard, PvP


"Teleporting" all over the map isn't just for hackers these days -- an issue with the way Blizzard synchronizes data between the servers and the clients allows anyone to mysteriously jump from place to place without the use of any third party software. I'm sure we've all been in groups where we see someone start to run forward and then continue running forward, right through a pack of mobs and into another and another... there's a moment of panic before you realize that, oh, they've just gotten disconnected, and none of those mobs noticed him at all.

What's happening is that Blizzard's servers know the person is disconnected (they're no longer synchronized with the server) and hasn't actually moved -- but on everyone else's screens, the character continues to do exactly what it had been doing previously. The purpose here is to keep the game running as smoothly as possible in a world of imperfect network connections. When someone experiences a lag spike and is de-synched from the server, Blizzard made the decision that they wanted game performance to look smooth to the rest of the players in the area -- so instead of freezing the de-synched player in place, the de-synched player continues doing just what they were doing before (at least on other player's screens). When the player re-synchs with the servers (he's no longer lagging, or he reconnects after a disconnect), Blizzard takes the client's data as the most accurate interpretation of events -- meaning that even while lagged, you can continue to play and issue commands as usual. (In this sort of system, you may not even notice lag unless it's quite extreme.) When you re-synch with the servers, Blizzard accepts what you were doing and synchronizes the game world to that. And for the most part this is entirely invisible to players, except for those few times when a lag spike turns into a longer disconnect.

Continue reading The teleport hack issue (or server synchronization and you)

WoW + Wii = WiiCraft

Posted Dec 20th 2006 10:12AM by Mike Schramm
Filed under: How-tos, Fan stuff, Odds and ends

Now this is interesting. Take your Nintendo Wii remote, hook it up to your mac via a free program called DarwiinRemote, and run World of Warcraft. If you're wishing for Warcraft on the Wii, you've... kind of... got it.



He says you can also do this with a free Windows program (that should be Wiindows, actually), but as he shows, I still think it's more of a novelty than an actual control scheme-- he doesn't answer the question of how to actually talk to anyone, and I doubt that by moving the little remote to click all your spells that you can actually get anything done quickly, but for grinding it might be OK. But even as a novelty, it's a pretty nice, extremely easy little hack. Nice job, Wiicast guy.

[ His name, we believe, is Pooch. Thanks, Pooch! ]

59,000 More Accounts Closed

Posted Jul 25th 2006 11:15PM by Elizabeth Harper
Filed under: Cheats, News items, Economy

In their continued effort to rid Azeroth of hackers and gold farmers, Eyonix announced this evening that 59,000 accounts were closed during the month of June for terms of use violations. Have you seen anyone behaving suspiciously on your server? An account that's being controlled by a bot isn't too difficult to spot if you spend a bit of time paying attention - and Blizzard investigates all reports. So if you suspect such behavior, report it to a GM, and help the community be rid of the annoyance of hackers and bot farmers.


RESOURCES

Class Columns
Pimp My Profile (1)
(Druid) Shifting Perspectives (40)
(Hunter) Big Red Kitty (33)
(Hunter) Scattered Shots (14)
(Mage) Arcane Brilliance (35)
(Paladin) The Light and How to Swing It (47)
(Priest) Spiritual Guidance (20)
(Rogue) Encrypted Text (33)
(Shaman) Totem Talk (44)
(Warlock) Blood Pact (26)
(Warrior) The Care and Feeding of Warriors (48)
Gameplay
(Arena PvP) Blood Sport (22)
(BG PvP) The Art of War(craft) (21)
(Casual) WoW, Casually (17)
(Engineering) Hoof and Horn Research and Development (17)
(Guild Leadership) Officers' Quarters (55)
(Professions) Insider Trader (56)
(Raid Healing) Raid Rx (17)
(Raiding) Raiding 101 (2)
(Raiding) Ready Check (19)
(Roleplaying) All the World's a Stage (36)
Hybrid Theory (13)
AddOns and UI
AddOn Spotlight (79)
Macro Anatomy (12)
Reader UI of the Week (25)
Reader WoWspace of the week (28)
The Creamy GUI Center (11)
Lore and Stories
Around Azeroth (472)
Barrens Chat (2)
Know your Lore (51)
Tales from the Lion's Pride Inn (14)
WoW Moviewatch (466)
Features
15 Minutes of Fame (18)
About the Bloggers (24)
Ask WoW Insider (55)
Azeroth Security Advisor (1)
Back In The Day (3)
Breakfast topics (675)
Build Shop (34)
Gamers on the Street (19)
Guildwatch (76)
He Said She Said (4)
It came from the Blog (25)
Phat Loot Phriday (86)
Two Bosses Enter (61)
Well Fed Buff (22)
World of WarCrafts (19)
WoW Insider Show (52)
WoW Rookie (36)
[1.Local] (6)
Classes
Death Knight (54)
Druid (264)
Hunter (252)
Mage (156)
Paladin (266)
Priest (219)
Rogue (160)
Shaman (245)
Warlock (172)
Warrior (182)
News
Account Security (10)
AddOns (231)
Analysis / Opinion (2698)
Blizzard (1472)
BlizzCon (184)
Bugs (212)
Burning Crusade (358)
Contests (204)
Economy (183)
Events (366)
Expansions (562)
Fan stuff (821)
Features (606)
Forums (244)
Guilds (461)
Hardware (25)
Humor (723)
Interviews (136)
Lore (265)
Mounts (128)
News items (1403)
NPCs (186)
Odds and ends (1592)
Patches (1112)
Podcasting (73)
Ranking (50)
Realm News (274)
Realm Status (226)
RP (159)
Rumors (32)
Virtual selves (612)
WoW Insider Business (278)
WoW Social Conventions (135)
WoW TCG (49)
Wrath of the Lich King (262)
Strategy
Alts (85)
Arena (167)
Battlegrounds (104)
Bosses (311)
Buffs (114)
Cheats (67)
Classes (285)
Enchants (30)
Factions (146)
Guides (324)
How-tos (362)
Instances (614)
Items (791)
Leveling (246)
Making money (164)
PvP (692)
Quests (342)
Raiding (670)
Talents (120)
Tips (541)
Tricks (215)
Walkthroughs (74)
Media
Comics (63)
Fan art (34)
Galleries (136)
Machinima (541)
Podcasts (52)
Polls (55)
Screenshots (610)
Races
Alliance (103)
Draenei (61)
Dwarves (15)
Gnomes (39)
Human (15)
Night Elves (42)
Horde (102)
Blood Elves (68)
Orcs (25)
Tauren (42)
Trolls (22)
Undead (21)
Professions
Alchemy (75)
Blacksmithing (55)
Cooking (66)
Enchanting (71)
Engineering (106)
First Aid (16)
Fishing (57)
Herbalism (44)
Inscription (10)
Jewelcrafting (78)
Leatherworking (58)
Mining (42)
Skinning (27)
Tailoring (63)
Retired
Azeroth Interrupted (24)
World Wide WoW (8)
/silly (14)

RSS NEWSFEEDS

Powered by Blogsmith

    Featured Galleries

    Magisters' Terrace walkthrough
    Patch 2.4 Sunwell Isle
    Kil'jaeden loot
    It came from the Blog: Mother's Day Event
    It came from the Blog: Children's Week Gallery
    Children's Week: Stormwind
    Children's Week: Orgrimmar
    M'uru loot
    Children's Week: Dornaa's quests

     

    Most Commented On (30 days)

    Recent Comments

    Weblogs, Inc. Network

    Other Weblogs Inc. Network blogs you might be interested in:

    PS3 Fanboy
    WOW Insider
    Xbox 360 Fanboy
    Nintendo Wii Fanboy
    DS Fanboy
    PSP Fanboy