In that vein, it's worth checking out a new report released by McAfee called Mapping the Mal Web Report Revisited. It tested 9.9 Million websites in 265 domains to find out which ones had a higher risk of exposing visitors to malware, spam, and malicious attacks via a red, yellow, and green system.
Rushter of Incgamers.com explained to us on the comments of the previous article that the problem was with a seperate attack on a different hosted site (which was quickly dealt with, and unrelated to worldofwar.net, says Rushster), but Google marked the whole site as bad. The worldofwar.net UI database was unaffected, he says, and after some back and forth, Google has now dropped the warning.
Of course, it's still always a good idea to check your computer for viruses, trojans, and keyloggers regularly, and realize that no website is completely safe (though having a good defense always helps). That said, at the moment it looks like wowui.incgamers.com, also known as wowui.worldofwar.net, is a safe spot to grab your addons from.
Here at WoW Insider, we've noticed an unusual and disturbing glut of people having trouble with being keylogged or otherwise hacked soon after installing new addons lately (which wouldn't be a surprise -- lots of people were grabbing addons after patch 2.4, so that makes them a likely route for attackers). While it's too early to make any definite connections, It seems like there's one new lead that's just popped up: popular addon site wowui.incgamers.com (not linked for obvious reasons) is apparently passing off bad files, according to reports from Stopbadware.org and other anonymous sources.
If you've been using the site for your addons, especially in the past week or so, it might be a good idea to exercise some caution and run your favorite anti-virus or anti-malware program. The site has already been in trouble recently with reports that their UICentral addon updater (now discontinued) was using copyrighted code, and now it looks like there's more trouble abrewing for them.
Update: Wowui.incgamers not infested with malware. Full story here.
This freeware program purports to work not by blocking installation of keyloggers, but by preventing them from logging your keys once installed. Lifehacker tested it by loading a keylogger and reported that it seemed to work, at least in that case, as the keylogger's log file was completely empty.
Of course, you probably shouldn't just install this program and go off clicking strange links willy nilly, but it does look like it could be one more line of defense in the ever escalating battle to protect your computer and your account from those who would steal it. Plus, it's free, so that's even better.
In Blizzard's attempts to get rid of gold farmers and hackers, one of their most annoyingly persistent enemies has been the WoWGlider bot, now known as MMOGlider. They've been throwing suits and countersuits at each other for a few years now, but the latest salvo seems to have gone against Blizzard, the Game Activist reports. Blizzard was trying to subpoena Joe Thaler, owner of Lavish Software LLC, maker of programs such as EQPlayNice. While Lavish Software's programs do not appear to be cheat programs on their own, they did make a deal with MDY Industries, maker of MMOGlider, to use the programs within MMOGlider.
According the judge's decision, Blizzard was hoping to obtain all documentation related to the deal, all communication between Thaler and Lavish and MDY and its owner, Michael Donnelly. They also wanted a list of all WoW accounts owned by Thaler and Lavish, as well as the contents of the WTF folders of every installation of WOW used by Thaler and Lavish Entertainment. Unfortunately, the Judge ruled that Blizzard was demanding information that could compromise Lavish's trade secrets and client confidentiality, and that the demand for the information within 9 days did not give Thaler and Lavish enough time to respond an gather information.
It's worth noting that the judge did specifically say that Blizzard could file another subpoena that would be more narrow in scope and allow more time for Lavish and Mr. Thaler to respond, so this is probably not a fatal blow to Blizzard by any means. I personally hope not. I've never had much patience for bots, or people who feel they have a civil right to cheat at games, so I'm rooting for the big bad corporation on this one. What about you?
We all deal with them. Their annoying spam, their flooding of the general channels. Those gold sellers deserve the kiss of death. Wouldn't it be nice if their industry just went and slept with the fishes?
In a tactic that even Don Corleone himself would be angry at, gold sellers have sunken to a new low. John M. wrote in to tell us the tale of a fellow guild mate who fell under the gaze of a gold seller who took his account hostage, demanding payment from his guild. Sit back, open up a new window with this Godfather music, and read on after the break.
In one of the most bizarre things I've seen happen to the World of Warcraft in my three years playing, the WoW Armory site today is pointing to a generic GoDaddy.com domain parking page. The screenshot above was taken at 1:08 p.m. CST on March 2nd, 2008. WoW Insider has received numerous reports of this. It seems to be a DNS related issue. The domain name wowarmory.com expires today, and it appears as if a registrant has grabbed the wowarmory.com domain name as soon as it expired.
DNS entries for blizzard.com and worldofwarcraft.com point to cerf.net, while the DNS servers for wowarmory.com are currently pointing to domaincontrol.com. While some of you might be seeing wowarmory.com work correctly, others are not. The ISPs of people who are seeing it work have not had their DNS records updated yet, however within the next 48 hours they will see wowarmoy.com go down as well; unless Blizzard fixes this before then (I am sure they are already aware, or becoming aware of it).
Stay tuned to WoW Insider for the latest on this story.
Thanks to Matthew Rossi and his wife for contributing to the technical sleuthing in this post.
Updated 2:34 p.m. EST: You can access the armory using a sub-domain of worldofwarcraft.com by going to http://armory.worldofwarcraft.com/
Updated 3:03 p.m. EST:http://www.wowarmory.com/ is now working again. It looks like Blizzard really jumped on the issue and fixed it.
Our Guild had been going downhill for a while now. At the beginning of the year, key officers and members, cornerstones of our raiding team, quit the game for one reason or another. Some of our members got hacked, just like WoW Insider's Amanda Dean. This took the wind out from under our sails, despite great success in Serpentshrine Cavern and Tempest Keep. As 2007 closed, I envisioned us taking down Vashj and Kael within the first quarter of 2008. I was stoked. There were good times when we'd take down two new bosses a week. Of course, Murphy's Law happens. While key team members quit the game, others took extended (sometimes unannounced) leaves of absence, and with diminishing raid attendance and obviously performance, other members looked elsewhere for better raiding opportunities. And when it rains, it pours.
A little over a week ago our Guild bank was robbed. It was cleaned out -- so empty I could almost imagine the sound of flies buzzing about -- well, okay, it wasn't that empty. On the third tab, the robber was kind enough to leave us ten stacks of Roasted Clefthooves. At first it struck me as odd because we had fixed our Guild permissions somewhat after our GM left the game to take a shot at a relationship and play with his Nintendo Wii. In what order exactly, I can't be sure. He passed the mantle off to one officer who passed it to another officer who later passed it on to me. So for a while, I was GM of a Guild that wasn't quite doing anything but waiting on people to come back to the game. So imagine my shock (more like anesthetized indifference, to be honest) when I was going to deposit items into the Guild bank only to find that it had nothing. Well, nothing but those clefthooves.
I use a Mac as my production machine. I don't want to get this too much into a Mac v. PC war, so lets just leave it with this: I find I am more productive with my workflows in OS X, and I have the added bonus of not worrying too much about what nasties are included in my downloads. I've been drinking Apple Kool-Aid from a sippy cup for over 10 years, so for me playing WoW on the Mac isn't some life-altering decision. My PC is nothing more than a game/media conversion console. But this whole hacking thing is making me think seriously of playing WoW on the Mac full-time. Sure, I've had WoW sessions of a decent length on my Mac, but not complete PC abstinence. In full disclosure mode, I've worked in IT for over ten years, and many of those years with a dotted-line relationship helping out our Security group. So, I've got a decent understanding of How Not Do Stupid Things On Your PC.
Back in my EverQuest days, we had "hacking" problems, but usually those could be traced back to someone doing stupid with his or her account: they used a powerleveling service or gave their password to a brother or guildie who then did something bad. With WoW, though, it seems much more nefarious. Sure, you give your password away you don't have much of a leg to stand on; I'm not going to say anyone deserves anything, but you've got no moral right to get indignant. Am I just reacting to this with a "oh noes, the sky is falling!" paranoia. Maybe. But when you hear of guild websites getting hacked to install keyloggers, peripherals shipping with keyloggers/viruses installed, it's tough to blame the user. There are always two sides to every story, but I'm getting the feeling there are a lot more true innocents in this battle, including our own Amanda Dean.
World of Warcraft's European site has posted a new page of their FAQ aiming to describe the effects and consequences of third party gold selling, also known as RMT (Real Money Trade or Real Money Transactions). There doesn't seem to be a similar page added to the American site yet, but we've seen enough to know very well that they disapproveas well.
The page mostly focuses on the more underhanded tactics the companies use to get money, such as keyloggers and trojans, or simply stealing the accounts of people who paid for powerleveling, and using them as farming bots, or spamming in high traffic areas on level 1 characters with hard to spell names. It's a good start, and certainly reminds people of the harm that these gold farmers do, and how it can hit close to home.
As a veteran MMORPGer who's watched Johnathan Yantis and Brock Pierce practically invent the industry and most of the dirty tricks it pulls, I'm glad to see Blizzard continue to make a stand against these types of leeches and hope they continue to do so. I'd love to see them explain more fully how the constant amount of kill stealing and spawn and AH camping they do hurts the game. A campaign of information might be just what we need to stop the gold farmers once and for all. Legal measures and community shame (and thus shrinking of their customer base) for a one-two punch? Here's hoping!
In their continued effort to rid Azeroth of hackers and gold farmers, Eyonix announced this evening that 59,000 accounts were closed during the month of June for terms of use violations. Have you seen anyone behaving suspiciously on your server? An account that's being controlled by a bot isn't too difficult to spot if you spend a bit of time paying attention - and Blizzard investigates all reports. So if you suspect such behavior, report it to a GM, and help the community be rid of the annoyance of hackers and bot farmers.
In an era where clicking on the wrong link while browsing the web could mean your account will get hacked, and one of your guild members clicking on the wrong link means your guild bank could get emptied as well, it's always good to protect yourself and keep abreast of web security issues. 
We all deal with them. Their annoying spam, their flooding of the general channels. Those 
Subscribe
