keylogger
Latest
Play safe because a trojan can get you banned
Remember that "non-personal system information" that Blizzard said they are searching for? Part of it is a search for keyloggers, trojans and viruses that affect WoW. If the system check finds one of those on any of the computers you are using, Blizzard will ban your account for 24 hours so that you can get it fixed.When this happened to a guildie, I must admit I was skeptical. Blizzard scans for viruses? And then sends an email that sounds suspiciously similar to the various phishing emails out there? But my friend sent me a copy of the email and described the whole process to me and I am a believer. Blizzard has some issues it needs to resolve with how it is handling this, however.
The Queue: Nuts and bolts
Oh boy. Most of us are the walking dead after BlizzCon, but let's get back to something resembling normalcy with a Queue. We're going to start off today with an important matter concerning authenticators and account security, then move on to a bit of WoW.com business and Onyxia. I'd also like to direct attention to two really good comments from the last column re: technical issues, Shadow's and Logarth's.Zerounit asks... I recently got an Authenticator in the mail and I noticed something while I was inspecting it: there appears to be no way to open it short of cracking it open with large objects. Is there a battery life on these? If it stops giving me my magic codes, will I have to get a new one? I got an authenticator for my own use recently and have to admit I hadn't thought to look into the battery life, which is a very good question indeed. A dead authenticator means you have no way of getting into the game (or even into your online account) without official help from Blizzard. Turns out the little security doodads are manufactured by a company named Vasco, and after poking around their website, I'm reasonably certain that Blizzard authenticators are a variant of Vasco's DIGIPASS GO 6 model. What makes me so sure? The GO 6 model page is the only one accompanied by an article on fraud and hacking in online gaming. They don't come right out and say that Blizzard is a customer, but unless Hello Kitty Online is a bigger hive of scum and villainy than even we gave it credit for, you don't have to be a genius to figure out that World of Warcraft figures prominently in MMORPG account theft.
An interview with a scammer
digg_url = 'http://digg.com/pc_games/Interview_with_a_WoW_scammer'; Recently, I wrote about a scam involving selling Spectral Tiger Mounts, but I never thought I would be able to actually interview the guy responsible. Luckily, this particular scammer was willing to discuss the scam candidly with my husband and I. He ended being very like a Ferengi in his attitude toward what he calls "business". Here is the story.Late last night, The Spousal Unit saw someone spamming Trade Chat, supposedly offering a Spectral Tiger Mount for sale. Since he knew two people that had been scammed by this, he called the seller a scammer in Trade Chat. The scammer sent him a tell and they proceeded to debate the issue in whispers. TSU called me over to show me the conversation, so of course I had to log on and pursue the interview further. Following are both interviews, copied over from in-game whispers.
Beware of Blood Elves selling mounts
A friend of mine recently got hit by a pretty devious phishing scam targeting wealthy (in-game) players looking to make legitimate purchases. My friend, we'll call him Cobra, was in a major city when an offer in the Trade Channel caught his eye. A player, we'll call him Bubbles, was offering a Spectral Tiger Mount for 5000 gold. Since this mount is only available as a code on a rare loot card, Cobra contacted Bubbles to inquire. Purchasing codes for in-game items with in-game cash is perfectly legitimate, according to Blizzard, so Cobra did not worry about going against the TOS with this transaction.Bubbles, a level 78 Blood Elf Mage, seemed legitimate. For one thing, he was not a throwaway low level character. Also, he didn't want to take the cash then, but just see it in a trade window to make sure Cobra was in possession of it. So Cobra gave Bubbles his email address only and waited for the email that included the code and a link to where to input the information.
WoW Rookie: Keeping your account safe and sound
New around here? WoW Rookie points WoW's newest players to the resources they need to get acclimated. Send us a note to suggest a WoW Rookie topic.It doesn't take keyboard gymnastics to prevent your account from getting hacked. As a new player, you're bound to be concerned – and if you do any digging at all, you're also bound to uncover a tangle of acerbic, rather arcane-sounding comments (many of them on posts right here at WoW Insider) about what operating systems, browsers and browser add-ons are most secure.You really don't have to change your entire computer system simply to keep your WoW account safe. This week, WoW Rookie rounds up a selection of WoW Insider posts that show you how (and why) to keep your WoW account from being hacked and prevent your computer from spilling its beans to the world at large.
Norway giving free laptops to angsty teens
What do we know so far about Norway? That it likes electric cars, has buses powered by poo, and offers so much snow even its billboards are filled with the stuff. Now we're learning something else: that it's in the middle of a pilot program that would put a laptop (a real one, not one of those OLPC toys) into the Bedazzled rucksack of every 16 - 19 year old. The trial is currently underway in a single county, Nord-Trondelag (site of the Battle of Stiklestad in 1030), where 6,000 lappys have been distributed featuring Big Brother-like software. The stuff, provided by 3ami, captures screenshots and keystrokes when students take quizzes and exams electronically. If all goes well Norway will expand this program nation-wide, and since each laptop comes with a copy of Photoshop we're expecting a whole new generation of expert image manipulators.[Image courtesy of mrsviennau]
Account security is your responsibility, not Blizzard's
PlayNoEvil recently published an article explaining why they think it is that hackers target gamers by stealing their passwords and other account information. While there is some truth in the premises offered, articles like this one only serve to fuel conspiracy rumors and encourage players to think of themselves as victims rather than take responsibility for their own account security. Gaming companies do place some of the blame for a compromised account on the account holder, and for good reason. The hacker certainly didn't gain access to your computer because of their actions, and their computers that store your information are as yet untouchable.The browsers you use, sites you visit, firewall settings, anti-virus software and update practices are just a few of the ways that you contribute to your own hacking experience. Sharing your account information with your lover, best friend and mother may sound safe, but you don't control the security of their computers, or their friends' computers. The majority of people I know who have been hacked signed into their accounts on their sibling's computer or a publically shared machine. In fact, NASA ended up with a keylogger targeted at gamers on the International Space Station. It traveled aboard on the laptop of one of the astronauts. You just can't trust any computer that isn't your own.It may be hard to hear, but a hacked account is because of something you did, whether it was an unfortunate stroke of luck, such as stumbling onto a redirect on a legitimate website in the small window before the site addresses it, or a serious oversight in security on your part.
Account security mythbusting
So, you might have noticed the increased number of warnings and advice from Blizzard regarding account security lately. They've even popped up in the game itself, as a server message when you first log in. Needless to say, this has caused no dearth of consternation in the WoW community (read: people be trippin'). So, why the sudden notices? Has something changed? Has Blizzard lost their footing in the war against hackers and gold farmers? Is Blizzard in cahoots with them? What's this itchy pentagram-shaped rash I've developed?Now, there's a lot I can't talk about regarding this stuff, and certainly not for any sinister reason. It's a selfish reason, though, that being that I really like not getting sued. I can, however, use my experience and knowledge to bust or confirm some common account security myths. Ready? I'm a trained professional. Don't try this at home!
Wealth category removed from Armory statistics
The Armory was updated with achievement and statistic tracking last week to accompany the new game features introducted in patch 3.0.2, along with tools to compare your achievements and stats to other players on your realm. There was a lot of concern over someone the things displayed out in the open for all to see such as the Wealth stat. How much gold you've had, how much you have, things like that. Players felt it made them into targets of sorts, figuring hackers, scammers and phishing sites would focus fire a little more. Heck, some people were just plain uncomfortable with other players seeing their gold stores.It looks like Blizzard actually agrees in this case. If they don't agree, at least they were feeling a little sympathy and wanted to calm some nerves. The Wealth category has been removed completely, and while you can still check up on other achievements and stats, you don't get a free look into someone's money bags anymore. I don't know that how much gold you have on display actually had an effect on who scammers target or not, but it's not like it was important information anyway and you might as well be more safe than sorry. Some stats are fun to see and compare, but I don't know that gold is one of those stats.
Antivirus company claims viruses are out to get you
McAfee Avert Labs, a monitoring and research division of McAfee Inc., claims that malware attacks are on the rise, and the targets are often gamers. According to McAfee, there was a 245% growth in the amount of malware being developed from 2006 to 2007, with roughly 300% more developed from 2007 to 2008. So far this year, development already exceeds 2006 and 2007 combined. Earlier this year, McAfee released a list of some of the most dangerous web domains. Even major, reputable websites are not immune, although the problems are usually addressed almost instantly. Commonly targeted websites include social networking sites like Facebook, as well as gaming sites.The developers harvest the information, and sell it to others who then exploit it, possibly to steal your account information. With so little time until Wrath of the Lich King, I'd like to remind everyone that buying gold or power-leveling services is not only not permitted, it is likely to get you burned. For more information on protecting your computer from keyloggers and other malware, check out the following guides:
Keyboard "eavesdropping" just got way easier, thanks to electromagnetic emanations
We always knew those electromagnetic emanations would amount to no good, and now here they go ruining any shred of privacy we once thought to possess. Some folks from the Security and Cryptography Lab at Switzerland's EPFL have managed to eavesdrop on the electromagnetic radiation shot off by shoddy wired keyboards with every keystroke. They've found four different ways to listen in, including one previously-published general vulnerability, on eleven keyboard models ranging from 2001 to 2008, with PS/2, USB and laptop keyboards all falling to at least one of the four attacks. The attack works through walls, as far as 65 feet away, and analyzes a wide swath of electromagnetic spectrum to get its results. With wireless keyboards already feeling the sting of hackers, it's probably fair to say that no one is safe, and that cave bunkers far, far away from civilization are pretty much our only hope now. Videos of the attacks are after the break.[Thanks, Dave]
WoW Insider interviews Blizzard on security
Big concerns require authoritative answers, and to get those, you often have to go to the top. That's what our friends at WoW Insider have recently been able to do, getting answers straight from Blizzard, the masters of World of Warcraft. As issues go, it's pretty damn big: not concerns about class balance or content, but about the basic security of your account, the protection currently being provided against hacking, and what the Authenticator key actually does.Blizzard, who actively sought an interview with WoW Insider following a (since contested) report of a customer allegedly having his account hacked while using one of the new Authenticators, explain the specific steps the technology takes to ensure security. They also address player concerns about how reliable the Authenticator is. The bottom line: '... we have no verified occurrences of an account being compromised that has a Blizzard Authenticator attached to it.' The full interview can be read at WoW Insider.For those that don't know, the Authenticator is an optional item (now available through the Blizzard store) that adds an extra layer of security to one or more World of Warcraft accounts. 'It supplies a random digital code that must be entered at login, providing an additional layer of security to help prevent unauthorized account access. Each code is valid for a limited time and can only be used once, so the Blizzard Authenticator must be in the possession of the account holder to log in to the account.'
International Space Station has a keylogger
var digg_url = 'http://digg.com/pc_games/Keyloggers_in_Spaaaaaaaace'; NASA has confirmed that the International Space Station has been infected by a keylogger. It was carried onto the station by an astronaut's laptop back in July. The keylogger in question is the W32.Gammima.AG -- which is specifically a gaming keylogger. In other words, the ISS has the exact kind of keylogger that plagues so many of us in WoW. NASA describes the keylogger as merely a "nuisance," but at least two of the laptops on board had the virus. That probably means it arrived on one laptop, and a removable device like a thumb drive carried it to another. Kelly Humphries, a NASA spokesperson, said "This is not the first time we have had a worm or a virus. It's not a frequent occurrence, but this isn't the first time." For security reasons, Humphries couldn't say whether mission-critical systems were affected by the keylogger. NASA is working with its Russian partners to figure out how the virus got space-born. Here's hoping the International Space Station has their Blizzard Authenticators installed properly.
Authenticator ordering leads to unexplained refunds
We've already reported that the Blizzard Authenticator is sold out, but here's another twist to the story. WoW Insider reader Ryan told us that he placed his order last Monday, before the sell out was announced. However, instead of getting his Authenticator, he instead got an unexplained refund. With no other word from Blizzard, they simply canceled the order and refunded the money. He talked to a coworker who had also ordered the Authenticator and found that he had the same experience. As of yet, Blizzard has not explained the refund to him. It's likely that Ryan was simply unlucky enough to place his order after they'd sold out but before they'd officially announced it, but there's other somewhat unfortunate implications. If they're refunding his order instead of honoring it, it suggests that they don't expect to have any new Authenticators ready for quite some time.
Blizzard's WoW Authenticator to be revealed at WWI
An added security feature for those worried about account theft, Blizzard is introducing an Authenticator at this weekend's Worldwide Invitational (WWI) in Paris. The Authenticator is a piece of hardware (we're guessing USB-related) has a button you press whenever you start World of Warcraft that must be inputted to log in. The purpose of the dongle is to prevent keyloggers and other instances of account theft. We doubt it's the big suprise, but it's certainly good news for those worried about security. More information can be found via the FAQ.
Blizzard Authenticator adds new layer of security, for a price
When you play online games these days, you always have to be mindful that you don't leave yourself vulnerable to viruses, account fraud, and hacks. Something as seemingly simplistic as a hidden keylogger in a UI mod can open the floodgates to strangers to come on your computer and take your account information. Stories abound of players losing accounts they've dumped thousands of hours into because they didn't take the proper precautions. While some of the blame certainly lies with the players, there are some critics who have charge that the MMO industry doesn't do enough to prevent fraud.Enter the Blizzard Authenticator. This new keychain SecurID device can be attached to your World of Warcraft account, making it impossible for anybody to access it without the Authenticator plugged into the computer They'll be debuting the device at the upcoming Blizzard Invitational, but it should be available on Blizzard's online store soon at the low, low price of $6.50. It's a small price to pay for peace of mind.
McAfee report reveals the most dangerous web domains
In an era where clicking on the wrong link while browsing the web could mean your account will get hacked, and one of your guild members clicking on the wrong link means your guild bank could get emptied as well, it's always good to protect yourself and keep abreast of web security issues. In that vein, it's worth checking out a new report released by McAfee called Mapping the Mal Web Report Revisited. It tested 9.9 Million websites in 265 domains to find out which ones had a higher risk of exposing visitors to malware, spam, and malicious attacks via a red, yellow, and green system.
Arena Junkies suffers virus attack
Arena Junkies is one of the most reputable online sources for. . .arena junkies. Its posters are numbered predominately among the 2000+ Arena Rated teams, and thus the site serves as a key resource for arena veterans and up-and-comers alike. Arena Junkies hosts dozens of forums, macros, strategies, and example Arena-centric Talent builds. Arena Junkies is also an official part of the Blizzard Fan Site Program. Oh, and they've got their own T-Shirts.Which is why it can be so troubling to see they've been attacked by one of Vaneras's malicious "eVillains." The eVillain posted a "malicious applet" in their Interface forums, planting a virus which apparently spread to the hosting server itself. Naxos warns forum-goers that if any Junkie clicked on the link responsible for the attack, he or she should be careful that their system isn't under any danger. With the rising number of keyloggers and account theft, that kind of precaution is starting to get common for even the most casual WoW player.Naxos definitely seems to have a handle on the problem, though. Arena Junkies reverted to its last-saved backup, from very early that morning, and now Arena Junkies is back to running smoothly. According to Naxos, the virus itself was a variation of the i-worm/stration virus. Links to the virus have, understandably, been removed. It's unclear whether this attack was an attack of opportunity, or if someone has it out for the Arena Junkies. As Bio puts it: "He prob sucks at the arena."
How misspelling might get you keylogged
There have been a lot of scares recently about AddOns having keyloggers in them. For the most part, it turned out to be ads on the sites that were the problem. And now we have the Fraps scare. Unfortunately, no one is immune and it's best to be as careful as possible. Recently, I came across another particularly sneaky way you could get keylogged.I don't use many AddOns when I play. Cartographer, Auctioneer and Gatherer are pretty much it. I've tried tarting my UI up with some of the fancier mods, but I always come back to my minimalist setup. Because I don't use many, I don't have to upgrade very often and I always neglect to bookmark the appropriate download sites. I'm also a believer in convenience, so I make full use of my Firefox address bar to do my "searches". Firefox will either bring up a Google search for whatever I type in or it will bring up the closest webpage to what I have typed.
WoW Ace Updater ad banners may contain trojans, claim some users
While the Incgamers malware problem is fixed, it looks like there's another malware flare up in the world of addons. The WoW Ace Updater, according to many users, may be passing off a trojan from an ad in the guise of an antivirus program. The program, called Winfixer, pops up in a window and (in some cases automatically) installs malware while claiming your computer is compromised and that you need to buy the full retail version to fix it. It can be detected and removed by Spybot Search and Destroy and Vundofix, and Symantec includes instructions on how to manually remove it here. Wowace.com site owner Kaelten has disabled the ads on WoW Ace Updater completely for now, and is talking to his Ad provider to find out what went wrong and which ads might be causing problems. This isn't the first time a popular WoW site has had trouble with trojans in ads, and unfortunately, it is unlikely to be the last. Kaelten seems to be on top of it, though, so hopefully he'll get to the bottom of these claims. Since the ads are currently disabled, the program itself should already be safe to use. If you're feeling a bit skittish, though, you can check out some of Sean's recommendations for other upgrade programs here. I should note that, being a religious user of WoW Ace Updater myself (I run it at least a good 5 times a week), I just made sure to scan my computer with the aforementioned Spybot Search and Destroy as well as AVG Free Edition. According to those programs, It has a clean bill of health.
