World of Warcraft users are seeing increasingly more issues involving theft of their accounts but Blizzard springs into action.
World of Warcraft is probably THE most popular massively multiplayer online role-playing game (MMORPG) in history, with almost 9 million subscribers around the world. When a game is this popular, there is invariably going to be people our there who seem to only gain pleasure from ruining the fun of others, not to mention compromising the rules of the game. In this case we will be discussing the in-game economy.
If you have ever played World of Warcraft, you have undoubtedly received whispers or tells from some unknown player with an advertisement. The ad is for the “opportunity” to buy gold using real money. The other “opportunity” is for the player to pay someone else to power-level their character, (also known in the WoW culture as a ‘toon). By buying gold, a player compromises the economy of the game, ultimately making prices inflate to higher and higher levels while the value of the gold becomes more and more worthless. That’s what happens if a country prints money without the assets to back up their currency; it will eventually become worthless.
Often times, the buyer of the gold will also receive another unwanted guest. A little Trojan called a keylogger. This is a malicious program code hidden on the player’s computer, that captures the players keystrokes and sends that data back to its master. Those keystrokes are most ofter the player’s password. The keylogger is not only received by buying gold from unscrupulous persons, but can also be placed on the player’s computer hidden in a game add-on, or even by visiting a seemingly harmless website and installing what looks like a normal add-on. Some sources have even revealed that a keylogger can be hidden inside an image on a malicious website, and installed on the user system just by using a certain browser and visiting the site – Microsoft’s Internet Explorer seems to be the browser most targeted. Mote information can be obtained about keyloggers at the Blizzard website.
Now that the “bad guy” has the user’s account information, they have a world of choices ahead of them. Most ofter those accounts will be used to transfer bought gold to another player or players. You should keep an eye on the amount of gold in your inventory and be suspect if you see it change without your knowledge. This is where Blizzard springs into action. When they detect a large amount of gold transferring from one player to others, they will immediately freeze the account. This action is not only to stop the action that can damage the in-game economy but usually the “bad guy’s” next step is to clean out the user’s inventory and transfer all the gold and items to another of character of their control, leaving the victim standing naked and penniless.
When Blizzard shuts down the account, the user will receive an email stating that their account has been terminated for actions that were damaging to the game’s economy. Now if you receive this email and you have not been buying and selling gold, then you will be okay though it will take some work to restore your account and you will likely not get all of your inventory returned to you. If you feel your account has been compromised, below are some links that will help you restore your account:
http://www.blizzard.com/support/wowgm/?id=agm01715p – In-game Support (GMs)
http://www.blizzard.com/support/wowaa/ – Account Administration
http://www.blizzard.com/support/wowbilling/?id=abl01922p – Billing and Account Services
There are other ways that you can have your account compromised as well. We already mentioned downloading some innocent add-ons. There are good clean add-ons out there such as Cosmos, WoWEcon, Titan Panel, and Ctmots from Ctmods.net, and there are more. Just ask your close friends in the game and fellow guild members which ones work best for them and which have caused trouble. Be sure to scan them with updated ad detection and anti-virus software before installing them on your system, but even then it is not 100% certain that you won’t receive an unwanted nasty. The safest way to avoid these key loggers is to use no add-ons.
Phishing is another way that “bad guys” can gain control of victim computers. Players will receive an official-looking email from Blizzard that will sometimes link to a website or in some other way ask the player for their account name and password. Please don’t fall prey to this. Blizzard Entertainment employees will NEVER ask players for their passwords through email. Yes, these emails look official, as if they actually came from Blizzard and even will threaten dire action unless the player provides his or her login information, usually so that “Blizzard may verify the legitimacy of the account”. If you receive an email such as this, please forward it onto Blizzard at and they will take it from there. Do not even reply to the sender even if it does look official.
Another way for the “bad guys” to compromise a user account is through account sharing. Okay, you remember when I said above that some in-game advertising will offer “power-leveling” for a price? Well that price is way too high. In my never-too-humble opinion, anyone who knowingly gives their account login information to another whether it is someone they know or that they don’t know, they deserve what they get. NEVER share your account with another especially one of these “power-levelers”. If you do you are just begging to loose your account.
Now a few more points about keyloggers. I have read some information on the web that suggests that if you check the box to remember your account login name and then cut-n-paste your password into the password field that you will be immune to the keylogger. I’m sorry to tell you that it really takes one additional line of code to pick up what you have cut-n-pasted. If you suspect that you have a keylogger on your system, you should find it and destroy it. One of the keyloggers going around will appear in your task manager as svch0st.exe (note the zero where an o should be), or NTDETECT.EXE, and others. If you find this in your task manager, you will need to clean your system. But the loggers can appear under a number of other names so don’t count on being clean if you don’t have svch0st.exe in your task manager. There are several programs that will catch and destroy these nasty little loggers from your system. I use a combination of AdAware, AVG anti-virus, and Spybot Search and Destroy. Others may include Kaspersky, Avast, Mksvir, and others. Either way, do not try to get back into a restored account until you find and completely kill the logger.
Blizzard support also strongly recommends open World of Warcraft only by using the Blizzard Launcher. It is designed to deliver news about WoW and support updates as well as community events. But it also automatically runs a Trojan/cheat scan, and if anything is detected, a message will appear that will alert the player. Of course Blizzard further recommends that players run virus-scanning programs in addition to the Blizzard Launcher. More information about the Launcher can be found at these links:
http://www.worldofwarcraft.com/misc/launcher.html
http://www.blizzard.com/support/wow/?id=aww01907p1
Look, the bottom line is that we must all be vigilant in protecting our accounts. If you need gold, don;t be a fool and buy it. And by the way, quit begging for gold…we all had to earn ours the hard way and so should you so knock that stuff out. This is a great game and a few “bad guys” are trying to make their fortune on our passion…World of Warcraft. Play the game by the rules, be careful of what you put on your computers to enhance the gaming experience, don’t share your login and password with ANYBODY, and just have fun. Let’s not let these few bad apples, (i bet you thought I was going to say bad guys again…hehe), ruin it for the rest of us. Let’s play nice out there, and always remember, you get extra points for playing well with others. Cya in there!
Leave a reply to World of Warcraft Faces Keylogger Account Problems