While the Incgamers malware problem is fixed, it looks like there's another malware flare up in the world of addons. The WoW Ace Updater, according to many users, may be passing off a trojan from an ad in the guise of an antivirus program. The program, called Winfixer, pops up in a window and (in some cases automatically) installs malware while claiming your computer is compromised and that you need to buy the full retail version to fix it. It can be detected and removed by Spybot Search and Destroy and Vundofix, and Symantec includes instructions on how to manually remove it here.

Wowace.com site owner Kaelten has disabled the ads on WoW Ace Updater completely for now, and is talking to his Ad provider to find out what went wrong and which ads might be causing problems.

This isn't the first time a popular WoW site has had trouble with trojans in ads, and unfortunately, it is unlikely to be the last. Kaelten seems to be on top of it, though, so hopefully he'll get to the bottom of these claims. Since the ads are currently disabled, the program itself should already be safe to use. If you're feeling a bit skittish, though, you can check out some of Sean's recommendations for other upgrade programs here.

I should note that, being a religious user of WoW Ace Updater myself (I run it at least a good 5 times a week), I just made sure to scan my computer with the aforementioned Spybot Search and Destroy as well as AVG Free Edition. According to those programs, It has a clean bill of health.

Yesterday, I reported to you that Google (via Stopbadware.org) had marked wowui.incgamers.com (which redirects to wowui.worldofwar.net) as a bad site. Today, the site is reported as clean according to the same report (you can check it out here).

Rushter of Incgamers.com explained to us on the comments of the previous article that the problem was with a seperate attack on a different hosted site (which was quickly dealt with, and unrelated to worldofwar.net, says Rushster), but Google marked the whole site as bad. The worldofwar.net UI database was unaffected, he says, and after some back and forth, Google has now dropped the warning.

Of course, it's still always a good idea to check your computer for viruses, trojans, and keyloggers regularly, and realize that no website is completely safe (though having a good defense always helps). That said, at the moment it looks like wowui.incgamers.com, also known as wowui.worldofwar.net, is a safe spot to grab your addons from.

Here at WoW Insider, we've noticed an unusual and disturbing glut of people having trouble with being keylogged or otherwise hacked soon after installing new addons lately (which wouldn't be a surprise -- lots of people were grabbing addons after patch 2.4, so that makes them a likely route for attackers). While it's too early to make any definite connections, It seems like there's one new lead that's just popped up: popular addon site wowui.incgamers.com (not linked for obvious reasons) is apparently passing off bad files, according to reports from Stopbadware.org and other anonymous sources.

If you've been using the site for your addons, especially in the past week or so, it might be a good idea to exercise some caution and run your favorite anti-virus or anti-malware program. The site has already been in trouble recently with reports that their UICentral addon updater (now discontinued) was using copyrighted code, and now it looks like there's more trouble abrewing for them.

Update: Wowui.incgamers not infested with malware. Full story here.

Hackers are getting more and more brazen lately, hiding various trojans and keyloggers not only in random forum links, but in ad banners and even in electronic devices. Even common sense avoidance of suspicious links and websites doesn't always seem to work anymore. Luckily, there are other tools you can use, such as the Noscript extension for the Firefox browser. Lifehacker reported on a new one yesterday as well: Anti Keylogger Shield for Windows.

This freeware program purports to work not by blocking installation of keyloggers, but by preventing them from logging your keys once installed. Lifehacker tested it by loading a keylogger and reported that it seemed to work, at least in that case, as the keylogger's log file was completely empty.

Of course, you probably shouldn't just install this program and go off clicking strange links willy nilly, but it does look like it could be one more line of defense in the ever escalating battle to protect your computer and your account from those who would steal it. Plus, it's free, so that's even better.

[Thanks for the forward, DrDiesel!]

Recently we've had several posts about being hacked, guild banks assaulted, and Blizzard's typical response. The Customer Service Forum is filled with threads started by desperate World of Warcraft players seeking the return of their accounts and belongings as a gesture of goodwill. It is our responsibility to keep our accounts safe from hackers.

I speak from experience when I say that being hacked is just dreadful. Although it is usually possible to have your account returned, there is usually significant damage done in the process. In the past, even Blizzard employees have had their accounts compromised. This post is designed to help you do the best you can to protect your World of Warcraft investment.

Our Guild had been going downhill for a while now. At the beginning of the year, key officers and members, cornerstones of our raiding team, quit the game for one reason or another. Some of our members got hacked, just like WoW Insider's Amanda Dean. This took the wind out from under our sails, despite great success in Serpentshrine Cavern and Tempest Keep. As 2007 closed, I envisioned us taking down Vashj and Kael within the first quarter of 2008. I was stoked. There were good times when we'd take down two new bosses a week. Of course, Murphy's Law happens. While key team members quit the game, others took extended (sometimes unannounced) leaves of absence, and with diminishing raid attendance and obviously performance, other members looked elsewhere for better raiding opportunities. And when it rains, it pours.

A little over a week ago our Guild bank was robbed. It was cleaned out -- so empty I could almost imagine the sound of flies buzzing about -- well, okay, it wasn't that empty. On the third tab, the robber was kind enough to leave us ten stacks of Roasted Clefthooves. At first it struck me as odd because we had fixed our Guild permissions somewhat after our GM left the game to take a shot at a relationship and play with his Nintendo Wii. In what order exactly, I can't be sure. He passed the mantle off to one officer who passed it to another officer who later passed it on to me. So for a while, I was GM of a Guild that wasn't quite doing anything but waiting on people to come back to the game. So imagine my shock (more like anesthetized indifference, to be honest) when I was going to deposit items into the Guild bank only to find that it had nothing. Well, nothing but those clefthooves.

I use a Mac as my production machine. I don't want to get this too much into a Mac v. PC war, so lets just leave it with this: I find I am more productive with my workflows in OS X, and I have the added bonus of not worrying too much about what nasties are included in my downloads. I've been drinking Apple Kool-Aid from a sippy cup for over 10 years, so for me playing WoW on the Mac isn't some life-altering decision. My PC is nothing more than a game/media conversion console. But this whole hacking thing is making me think seriously of playing WoW on the Mac full-time. Sure, I've had WoW sessions of a decent length on my Mac, but not complete PC abstinence. In full disclosure mode, I've worked in IT for over ten years, and many of those years with a dotted-line relationship helping out our Security group. So, I've got a decent understanding of How Not Do Stupid Things On Your PC.

Back in my EverQuest days, we had "hacking" problems, but usually those could be traced back to someone doing stupid with his or her account: they used a powerleveling service or gave their password to a brother or guildie who then did something bad. With WoW, though, it seems much more nefarious. Sure, you give your password away you don't have much of a leg to stand on; I'm not going to say anyone deserves anything, but you've got no moral right to get indignant. Am I just reacting to this with a "oh noes, the sky is falling!" paranoia. Maybe. But when you hear of guild websites getting hacked to install keyloggers, peripherals shipping with keyloggers/viruses installed, it's tough to blame the user. There are always two sides to every story, but I'm getting the feeling there are a lot more true innocents in this battle, including our own Amanda Dean.

World of Warcraft's European site has posted a new page of their FAQ aiming to describe the effects and consequences of third party gold selling, also known as RMT (Real Money Trade or Real Money Transactions). There doesn't seem to be a similar page added to the American site yet, but we've seen enough to know very well that they disapprove as well.

The page mostly focuses on the more underhanded tactics the companies use to get money, such as keyloggers and trojans, or simply stealing the accounts of people who paid for powerleveling, and using them as farming bots, or spamming in high traffic areas on level 1 characters with hard to spell names. It's a good start, and certainly reminds people of the harm that these gold farmers do, and how it can hit close to home.

As a veteran MMORPGer who's watched Johnathan Yantis and Brock Pierce practically invent the industry and most of the dirty tricks it pulls, I'm glad to see Blizzard continue to make a stand against these types of leeches and hope they continue to do so. I'd love to see them explain more fully how the constant amount of kill stealing and spawn and AH camping they do hurts the game. A campaign of information might be just what we need to stop the gold farmers once and for all. Legal measures and community shame (and thus shrinking of their customer base) for a one-two punch? Here's hoping!

Thanks for the heads up, Richard!

There was a weird development on the keylogger front tonight, as Blizzard community managers Drokthul and Nethaera apparently got their accounts hacked and started posting keyloggers on the forums. And of course, because Blue posters are assumed to be trustworthy, many people clicked the links.

I personally thought the whole thing was a photoshop hoax until I read Tyren's comment, "Folks, we're definitely dealing with the issue at hand with the greatest amount of speed and care. We always appreciate our community's support when it comes to alerting us about key loggers on the forums and we hope you'll continue to do so. This is a good chance to remind our players to always check a URL before clicking on it." It sounds like Blizzard is taking this seriously. Eyonix later noted that he kind of enjoyed banning his coworkers.

Hopefully, this will help Blizzard finally do something about the keyloggers and hackers infesting this game. While I realize that it's our own responsibility to keep from getting hacked, if two Blizzard employees can get logged, it can happen to just about anyone. I clicked a keylogger link once myself, back before they became so common on the forums, but my antivirus program caught it before it could do any harm.

As Eliah posted, Blizzard is considering disabling links on the forums. While this may cause many to miss the many new "hot sex girls" and "Ashbringr secrits" that are posted on the forum daily, it may be a risk we'll have to take.

Reader Randomdruid sent along this tip that might interest you if you've picked up Apple's new AppleTV set-top box (I'm too busy working on Sha'tar rep to watch TV, but our good friends at Engadget and TUAW have been doing almost nothing but since the thing came out). Apparently, hackers have already gotten WoW up and running on it.

It's not too big a deal, since I'm pretty sure the box is running a specialized version of OS X anyway, and of course WoW runs on that. The guys at Tutorial Ninja have worked up detailed instructions on how to get any number of applications working on the AppleTV (including Firefox and Centerstage, the open source Mac media center). Scroll down to the middle of the page there, and on the list of "confirmed working apps," you'll find World of Warcraft.

But there is one catch: it looks like pretty much everything has to be installed onto the hard drive by plugging it into another computer. So not only will you have to crack open your pretty new AppleTV, but odds are that you'll have to somehow run WoW from a text interface. And I don't know how you'd actually play it even if it is running-- one of TN's goals is to "get USB working so people can play WoW comfortably." So it's not as easy as throwing the WoW disc in and jumping into Azeroth.

Of course, if you're someone with the time and talent to do all this, you're probably not playing WoW anyway. But if you've got an AppleTV and are already cracking it open to put all the other cool stuff on it, it's good to know that you have the option to get WoW running on your TV screen. Now all we have to figure out is how to get WoW on the iPhone...