There has been a YouTube video that has been circulating around the internet lately claiming to show how to get into the Wrath of the Lich King beta via a backdoor security flaw. The video directs you to another site, which you then must enter your user name and password that you use to get into WoW. Surprise, surprise: this is nothing but another trick to steal your account.

This video has been showing up in links around the WoW community lately just about as much as a certain great music video. This initially caught my attention when it was posted here in our comments a few times.

Since the real beta signups are under way, and access to the beta is expected to begin any time, we were expecting and indeed seeing a large uptick in the number of beta scams. Be sure to protect yourself.

We've already reported that the Blizzard Authenticator is sold out, but here's another twist to the story. WoW Insider reader Ryan told us that he placed his order last Monday, before the sell out was announced.

However, instead of getting his Authenticator, he instead got an unexplained refund. With no other word from Blizzard, they simply canceled the order and refunded the money. He talked to a coworker who had also ordered the Authenticator and found that he had the same experience. As of yet, Blizzard has not explained the refund to him.

It's likely that Ryan was simply unlucky enough to place his order after they'd sold out but before they'd officially announced it, but there's other somewhat unfortunate implications. If they're refunding his order instead of honoring it, it suggests that they don't expect to have any new Authenticators ready for quite some time.

In an era where clicking on the wrong link while browsing the web could mean your account will get hacked, and one of your guild members clicking on the wrong link means your guild bank could get emptied as well, it's always good to protect yourself and keep abreast of web security issues.

In that vein, it's worth checking out a new report released by McAfee called Mapping the Mal Web Report Revisited. It tested 9.9 Million websites in 265 domains to find out which ones had a higher risk of exposing visitors to malware, spam, and malicious attacks via a red, yellow, and green system.

According to reports, a new wave of exploits has appeared taking advantage of a vulnerability Adobe Flash Player. Allegedly over 200,000 web sites now have redirects to malware, including keyloggers, through embedded Flash. And we all know how evil keyloggers can be. Flash Player 9.0.115.0 appear to be the affected version.

Adobe quickly responded to the issue, saying that the vulnerability is fixed in 9.0.124.0, the latest version of the player, so to make yourself secure, all you need to do is update your Flash. To check what version you are running, go to this Adobe page. Keeping your software up-to-date is one of the best ways to close security holes; if you're truly paranoid, you could always go the route of adding Flashblock and/or No-Script into your browser. And be sure to keep an eye on our new Azeroth Security Advisor column for more tips on how to keep yourself from being compromised. Once again, to update your Flash and patch this vulnerability go to Adobe's "Get Flash" page.

Update: It is possible that certain versions of 124 (namely, the standalone version for Linux and the standalone version with debug capabilities for Windows) are also affected by the exploits. At this time it is recommended to disable Flash if you are running those versions.

Update 2: It is currently believed that all versions of 124 are safe. Nevertheless, caution is generally a good idea.

While the Incgamers malware problem is fixed, it looks like there's another malware flare up in the world of addons. The WoW Ace Updater, according to many users, may be passing off a trojan from an ad in the guise of an antivirus program. The program, called Winfixer, pops up in a window and (in some cases automatically) installs malware while claiming your computer is compromised and that you need to buy the full retail version to fix it. It can be detected and removed by Spybot Search and Destroy and Vundofix, and Symantec includes instructions on how to manually remove it here.

Wowace.com site owner Kaelten has disabled the ads on WoW Ace Updater completely for now, and is talking to his Ad provider to find out what went wrong and which ads might be causing problems.

This isn't the first time a popular WoW site has had trouble with trojans in ads, and unfortunately, it is unlikely to be the last. Kaelten seems to be on top of it, though, so hopefully he'll get to the bottom of these claims. Since the ads are currently disabled, the program itself should already be safe to use. If you're feeling a bit skittish, though, you can check out some of Sean's recommendations for other upgrade programs here.

I should note that, being a religious user of WoW Ace Updater myself (I run it at least a good 5 times a week), I just made sure to scan my computer with the aforementioned Spybot Search and Destroy as well as AVG Free Edition. According to those programs, It has a clean bill of health.

Yesterday, I reported to you that Google (via Stopbadware.org) had marked wowui.incgamers.com (which redirects to wowui.worldofwar.net) as a bad site. Today, the site is reported as clean according to the same report (you can check it out here).

Rushter of Incgamers.com explained to us on the comments of the previous article that the problem was with a seperate attack on a different hosted site (which was quickly dealt with, and unrelated to worldofwar.net, says Rushster), but Google marked the whole site as bad. The worldofwar.net UI database was unaffected, he says, and after some back and forth, Google has now dropped the warning.

Of course, it's still always a good idea to check your computer for viruses, trojans, and keyloggers regularly, and realize that no website is completely safe (though having a good defense always helps). That said, at the moment it looks like wowui.incgamers.com, also known as wowui.worldofwar.net, is a safe spot to grab your addons from.

Here at WoW Insider, we've noticed an unusual and disturbing glut of people having trouble with being keylogged or otherwise hacked soon after installing new addons lately (which wouldn't be a surprise -- lots of people were grabbing addons after patch 2.4, so that makes them a likely route for attackers). While it's too early to make any definite connections, It seems like there's one new lead that's just popped up: popular addon site wowui.incgamers.com (not linked for obvious reasons) is apparently passing off bad files, according to reports from Stopbadware.org and other anonymous sources.

If you've been using the site for your addons, especially in the past week or so, it might be a good idea to exercise some caution and run your favorite anti-virus or anti-malware program. The site has already been in trouble recently with reports that their UICentral addon updater (now discontinued) was using copyrighted code, and now it looks like there's more trouble abrewing for them.

Update: Wowui.incgamers not infested with malware. Full story here.

Apparently, the Burning Legion is either as deadly and implacable as the army they are named for, or as false and tricky. Us.gorgonnash.info is now reporting them as having come from behind to unlock Phase 4 the first of all servers. Given that they are a PvP server, this would be an especially amazing show of determination and server togetherness.

However, given that, until only a few hours ago, they were only 37% according to the site, according to Trade chat on the Burning Legion server (Thanks, Zulama), and according to a poster on this thread, it seems more likely that someone tampered with their upload file to fool the site.

It's honestly rather disappointing that someone has decided to tamper with a trustworthy group effort like the gorgonnash.info website. I know we're all better than that. So to all of you who've been faithfully uploading legitimate info to the site, and to all of you who have been working hard to help your servers unlock each phase, I say congratulations, and thank you. Hopefully, one jerk from the Burning Legion server doesn't dampen our spirits.

Edit: Thanks to Unagieater of the Burning Legion server for confirming via screenshot in the comments that this is a hoax. The server is only about 41% complete with Phase 3 as of this edit.

Hackers are getting more and more brazen lately, hiding various trojans and keyloggers not only in random forum links, but in ad banners and even in electronic devices. Even common sense avoidance of suspicious links and websites doesn't always seem to work anymore. Luckily, there are other tools you can use, such as the Noscript extension for the Firefox browser. Lifehacker reported on a new one yesterday as well: Anti Keylogger Shield for Windows.

This freeware program purports to work not by blocking installation of keyloggers, but by preventing them from logging your keys once installed. Lifehacker tested it by loading a keylogger and reported that it seemed to work, at least in that case, as the keylogger's log file was completely empty.

Of course, you probably shouldn't just install this program and go off clicking strange links willy nilly, but it does look like it could be one more line of defense in the ever escalating battle to protect your computer and your account from those who would steal it. Plus, it's free, so that's even better.

[Thanks for the forward, DrDiesel!]

In Blizzard's attempts to get rid of gold farmers and hackers, one of their most annoyingly persistent enemies has been the WoWGlider bot, now known as MMOGlider. They've been throwing suits and countersuits at each other for a few years now, but the latest salvo seems to have gone against Blizzard, the Game Activist reports. Blizzard was trying to subpoena Joe Thaler, owner of Lavish Software LLC, maker of programs such as EQPlayNice. While Lavish Software's programs do not appear to be cheat programs on their own, they did make a deal with MDY Industries, maker of MMOGlider, to use the programs within MMOGlider.

According the judge's decision, Blizzard was hoping to obtain all documentation related to the deal, all communication between Thaler and Lavish and MDY and its owner, Michael Donnelly. They also wanted a list of all WoW accounts owned by Thaler and Lavish, as well as the contents of the WTF folders of every installation of WOW used by Thaler and Lavish Entertainment. Unfortunately, the Judge ruled that Blizzard was demanding information that could compromise Lavish's trade secrets and client confidentiality, and that the demand for the information within 9 days did not give Thaler and Lavish enough time to respond an gather information.

It's worth noting that the judge did specifically say that Blizzard could file another subpoena that would be more narrow in scope and allow more time for Lavish and Mr. Thaler to respond, so this is probably not a fatal blow to Blizzard by any means. I personally hope not. I've never had much patience for bots, or people who feel they have a civil right to cheat at games, so I'm rooting for the big bad corporation on this one. What about you?

Thanks for the link, Tyrsenus.

World of Warcraft's European site has posted a new page of their FAQ aiming to describe the effects and consequences of third party gold selling, also known as RMT (Real Money Trade or Real Money Transactions). There doesn't seem to be a similar page added to the American site yet, but we've seen enough to know very well that they disapprove as well.

The page mostly focuses on the more underhanded tactics the companies use to get money, such as keyloggers and trojans, or simply stealing the accounts of people who paid for powerleveling, and using them as farming bots, or spamming in high traffic areas on level 1 characters with hard to spell names. It's a good start, and certainly reminds people of the harm that these gold farmers do, and how it can hit close to home.

As a veteran MMORPGer who's watched Johnathan Yantis and Brock Pierce practically invent the industry and most of the dirty tricks it pulls, I'm glad to see Blizzard continue to make a stand against these types of leeches and hope they continue to do so. I'd love to see them explain more fully how the constant amount of kill stealing and spawn and AH camping they do hurts the game. A campaign of information might be just what we need to stop the gold farmers once and for all. Legal measures and community shame (and thus shrinking of their customer base) for a one-two punch? Here's hoping!

Thanks for the heads up, Richard!

Hackers seem to be trying more and more ways to get legitimate accounts out of players hands and working to steal and farm more gold, but if you think they've had some sneaky schemes in the past, you ain't seen nothing yet. Our colleagues at Massively have a story that's both amazing and disturbing at the same time.

A lot of geeks found a digital photo frame under the tree this year. Seems like a good idea, I'm sure a lot of us have a pretty large collection of digital photographs stored on memory cards and flash drives that we just haven't quite gotten around to printing for display.

Unfortunately, certain frames sold at Best Buy, Target, Costco and Sam's Club come with an extra undocumented feature, in that they have a nasty little bug that's being dubbed Mocmex. The bug can burrow its way into your computer, latch itself in, and sniff out account information. It doesn't seem to affect Linux or Macs, at least not in its current form, but right now there doesn't seem to be a single manufacturer or frame type that's infected, so the origin of the bug hasn't been nailed down.

If you think you've got one of the infected picture frames, Massively recommends contacting the SANS institute and calling the store where the frame was purchased. You can check their story for the contact information.

The upside of this, I suppose, is that if the farmers are starting to branch into using peripherals to steal our accounts, they may be getting pretty desperate. The downside is, when we have people who practice safe web browsing and keep a clean computer getting bitten, like our Amanda Dean for example, we could be in some trouble. With any luck, all the major virus programs will have a cure for Mocmex and programs like it soon. In the meantime, it looks like we'll have to be extra careful about what we install on our computers, and make sure our anti-virus programs and firewalls are up to date.

We covered the story of the dead goldspam gnomes in Ironforge the other day, but now, direct from Alice (complete with Benny Hill accompaniment), here's video footage of exactly how it was done. How incredibly strange.

As far as anyone can figure out, they created these gnomes using a bot, and then used a client-side teleport hack to put them in exactly the right place above the Ironforge floor. They also had to kill them somehow of course, but who knows how that was done. Did they send newly created gnomes out to the trolls in the lowbie area (because most starter mobs are actually neutral, so won't attack normally), and then wait until right as they died to teleport them away? If you went to the starting area while this was happening, would you see little gnomes disappearing? As I said: how extremely strange.

Update: You commenters are so smart-- that's why we keep you around. Jesse and hookkick80 instantly recognized that they probably die from the fall damage after the teleport.

I missed this last night since I don't spend much time on the Customer Support forums, so thanks to Halicante for bringing it to my attention. It seems that a player bought gold from a web site and only received some of it; the gold sellers claimed the unreceived part got "lost in the mail." Our protagonist then decided to run to the forums and ask Blizz for help reclaiming his lost gold. That he had bought.

Now I kinda wish I hadn't used the ASCII headache man for the Carson story, so I could use it here. Revel in the WTFness of the post (names have been removed by forum mods to protect the guilty):

i bought gold on line from Removed.com and they sent it to me as fallows
22 2007-04-27 16:30:44
22 2007-04-27 18:55:28
56 2007-04-28 07:21:25

the two 22 gold were sent buy the character [Removed], but i only got 1 of the 22g and the 56g. they said they sent the gold and that it was lost in the mail system, so i should contact you guys. can youz help me?

here is my info for the order with the company (doubt that will do you any good though)
559271 Name Removed
WOW US - Mug'thol - Horde - 100 Gold

This in Blizzard's official forums. Sometimes I just have to shake my head and move on...but seriously, folks. Could this possibly be for real? Honestly, who pays money for 100 gold?