Like many others, I’m an avid player of the MMORPG World of Warcraft. A couple of days ago, my account was compromised. When I tried to log in, I was prompted for an authenticator code even though I had never used an authenticator with my account. I found out less than an hour later that all of my characters had been deleted and many new characters were created, on many different realms, for the purpose of spamming the in-game chat system with advertisements.
Judging by countless stories and threads all over the web, I’m not alone. This problem affects thousands of users and has been continuously affecting users almost since the game has been in existence. According to the standard reply from Blizzard, my computer has been compromised. They suggest that I scan for viruses, trojans, and other malicious software using several different tools and identify all of the processes running on the system. This is a very reasonable approach to solving and eliminating problems on a computer that has been infected. However…
I suffer from a slightly obsessive Windows paranoia and I’m extremely cautious. I don’t install software that isn’t from a trusted source. I don’t open email attachments. I don’t click on banner ads or links from unknown sources. I don’t use Internet Explorer, and I use Adblock Plus with my Firefox installation. I always ensure that my anti-virus software definitions, operating system updates, and other software versions are kept current. I’m very familiar with the Windows registry, Task Manager, and Services, and I regularly check the registry and other places for undesirable programs. I know what each of the processes listed in the Task Manager are. Even after all of this, I still don’t use the computer for much other than playing WoW. I use another system with Linux as my primary operating system for all of my computing needs.
But I believed it, too… at first. After I learned of the activity on my account there was no doubt the account had been hacked. I knew I didn’t respond to any phishing emails or provide any of my account information to anyone anywhere. I didn’t think that a large, successful, and responsible company like Blizzard could have a breach in account security, so I figured it must be malicious software on my own computer… I never feel safe on a Windows computer. However, after very thorough investigation of my own computer and computing habits, I have come to believe that the problem did not happen on my computer.
I’ll spare you the details of my investigation because I’m not trying to convince you, and I’ve already convinced myself.
There are some things to consider…
We’re all stupid?!
Among the millions of people around the world who play World of Warcraft, and the thousands of users who have had their accounts “hacked”, I’m not alone. There are other tech-savvy and careful people who have had their accounts hacked. I may not be the most cautious and tech-savvy user (although I’m probably close), but I have no doubt that there are others who know more than me. If I made few mistakes, they made even fewer mistakes. This problem is affecting far too many people for it to be entirely a user problem. There must be at least some people who don’t take chances and have also had their accounts hacked.
What’s the cause?
In all of the years that this has been happening to World of Warcraft players, there have been very few specific causes, if any, identified and confirmed. Terminology such as “keylogger”, “trojan”, and “phishing scam” are used, but there are few references to any specific threats. Where are they? Other malicious software and scams are mentioned regularly all over the web and even in the mainstream news. Each vendor of anti-virus software maintains a database of threats, but even with 11 million WoW players no one has risen to meet the potential demand for information about threats to WoW account security. Is that because there are no documented threats?
They only steal play money?!
The term keylogging is often used in reference to hacked World of Warcraft accounts. This is what I thought might have affected me, but there is a logical disconnect with this idea when I consider that only WoW account information seems to be affected. If so many of the thousands of people who have had their WoW accounts hacked have a keylogger running on their system, then it stands to reason that at least some of them also type other valuable sensitive information on their computer. Why haven’t there been any reports of people who have had their WoW accounts and other accounts such as their bank accounts compromised? If there are people stealing in-game valuables, why wouldn’t they steal your other information, too?
My (conspiracy) theory:
Although Blizzard may be making a profit from their authenticators, I don’t believe they, as a company, would create this problem. However, Blizzard is a huge and successful company with thousands of employees. I don’t know how many people have access to WoW account information, but it would probably only take one person to sell hundreds of accounts for a little extra pocket-money.
What do you think?
