This site makes extensive use of JavaScript.
Please
enable JavaScript
in your browser.
Live
PTR
Beta
Classic
Account hacking.
Return to board index
Post by
112742
This post was from a user who has deleted their account.
Post by
236yfpjkjhd
If you've truly been hacked this many times, why haven't you acquired an authenticator yet?
Your post looks more like an advertisement, where you're fishing for someone to buy your account - which might as well be someone else's account that you've simply stolen. Sorry, account selling is not allowed on wowhead, you'll likely get banned now. Buh-bye.
Post by
112742
This post was from a user who has deleted their account.
Post by
hashmel
Keyloggers do get hold of peoples' account info but most often it's just people being "shortsighted" and succumbing to a phishing scheme largely due to "questionable" web browsing...the type of browsing one might do if stuck on a ship of mostly men like yourself? =P
Update your antivirus software and virus definitions regularly and change passwords just as often.
Post by
236yfpjkjhd
There's not been a SINGLE confirmed case of a hacked account that had an authenticator connected to it (where the user themselves did not give up the authenticator code voluntarily to a scammer), so I seriously doubt you actually got hacked despite the authenticator. Sounds to me like you're trying to pull a fast one, buddy. I don't buy it.
Post by
Vlet
And yes I did do the whole authenticator and whatnot.
You had an authenticator on your account, and it was still compromised? Many will find this hard to believe.
Post by
112742
This post was from a user who has deleted their account.
Post by
Naviie
In the OP's defense, it is possible. The auth code, if unused, is still good for a certain amount of time after being generated. If the OP went to a phishing site and put in the auth code, an eager person on the other other end would be waiting to type that into to the WOW client. Once in, the havoc can commence.
The next thing you can deduce is that if someone on your ship would buy it, chances are there is at least one other person playing wow... at least one other person within the vicinity of your authenticator....
Post by
xaratherus
Believe it or not. Im not joking. Otherwise I'd not waste my own time and post this.
The only way that your account could be hacked with an authenticator attached is if someone else physically had access to your authenticator. So if what you're saying is true, you need to check with the people who might have access to your authenticator.
The token itself generates a random character string based on a stored algorithm; those characters are unique to the account, and are only good for about 30 seconds to a minute at most. Without those random characters, you cannot access the connected account.
Someone had access to your token, or someone hacked the authentication server on Blizzard's side (highly unlikely).*
*Or, what I consider more likely, that you're telling tales out of school.
Post by
Strandvaskeren
The only way that your account could be hacked with an authenticator attached is if someone else physically had access to your authenticator.
That is incorrect.
Lets assume that a thief manages to sneak a piece of malware onto your computer. Judging by the number of people that have been tricked into installing keyloggers, having a piece of malicious software on your computer without knowing so is quite common. So you browsed a web page with a nasty script and now your computer has a small malicious program running.
The malicious program changes the hosts file in your windows dir, so that every time your computer tries to connect to any of Blizzards servers, the hosts file feeds your wow or browser the wrong ip number. The hosts file works that way and it's a standard text file, so all the malware needs to do is edit that.
You start your wow game and the game tries to contact blizzards authentication server, but the hosts file claims that the ip numbers for blizzards servers are changed, so the game never actually reach blizzards servers, instead it reaches a server on an ip number of the thiefs choosing.
The thief doesn't bother to try and break the secure algorithm used by blizzard for transmitting your password and authenticator code, he just has his server reply to your game that your password was entered wrong. So you enter your password again, a new authenticator number, it gets encrypted, but the thiefs server still replies "wrong password" and just discards your encrypted package.. The thief is not trying to break the encryption, he just discards your data and say "wrong password, try again".
After a number of failed login tries, you decide to visit battle.net to see if something happened to your account. So far, all you know is for some reason blizzards servers don't acknowledge your password. You have no idea that your login is aimed at a wrong ip and never gets anywhere near blizzards servers.
Anyway, you enter
www.battle.net
in your browser and your browser is told by the hosts file that battle.net has a new ip number. So your browser contacts the thiefs webserver rather than the real battle.net server. Your browser believes it's the right one, so the url is correct too. The thief has made an exact copy of the real battle.net web page, so the address looks real to you and so does the web page. You have no reason to doubt that you hit the right web page.
You enter your email, password and authenticator number to log in to battle.net - only you are entering it on a fake battle.net web page and the data is snatched up by the thief. There is no encryption to deal with as you entered your email, password and authenticator number in clear text on the fake web page.
The thief now has a minute to use your email, password and number for a login on wow and once he's online he can get busy stealing..
Still I think an authenticator is a valuable addition to your wow account, but it isn't bullet proof, so you still need to pay attention to keeping your computer clean.
Post by
TheReal
/applaud Strandvaskeren
Or an account thief could guess your authenticator code. I mean, people
do
hit the lottery.
Post by
Xegony
Its bogus.
Even if the scenario outlined by Strand could happen, it wouldnt. Scammers rely on volume. They dont have the time to individually target people. Why bother making up a site to hack people with authenticators when there are so many others w/o them?
While possible, its slim to none that this happened. Just another troll posted by some dude mad at blizzard for some imagined slight.
Post by
304214
This post was from a user who has deleted their account.
Post by
367590
This post was from a user who has deleted their account.
Post by
278980
This post was from a user who has deleted their account.
Post by
112742
This post was from a user who has deleted their account.
Post by
executorvgk
who is flaming you every post here is giving you information please elaborate
Post by
Xegony
He's just showing his true colors =)
Move along, nothing to see here.
Post by
Miyari
Move along, nothing to see here.
Post Reply
This topic is locked. You cannot post a reply.
© 2021 Fanbyte