![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Everybody hax, sometimes
Feb. 27th, 2009 08:31 amToday (yesterday?) I got to be like everybody else--my WoW account was hacked into. Got called about 3:15am by Aaron, to say Akseru was online and not responding to anyone talking to him (time and that being how they knew it wasn't me). Then they hit two alts, as well as an unguilded bank alt the Nightmare Walking people couldn't see. I was able to use James' laptop and pc to get my password rechanged and log in to boot the hacker offline. Contacted ingame support, and they started the process to hopefully restore what was taken/sold (including quite a lot of game gold, materials, consumables : / ), and have been running scans on my computer since--Macscan, then Avast.
I know of good scanner programs for finding viruses/malware/spyware/trojans/keyloggers, but all the ones I know of are PC only, so been having to do some websearching, using stuff that James, Aaron, and I have come up with. So far Macscan found nothing but 97 'tracker cookies', but Avast is showing 5 viruses. Don't look like keylogger sorts, but it's not done yet. Then I'll see what I can find at another site I was recommended. Hoping some Mac users in my guild and James' (couple in each) might have some advice.
Several dumb things about it, from the I Am So Stupid files: I've known that someone's been trying to compromise my account. I've been getting the auto emails from Blizzard saying that password retrieval has been requested. It means someone's been *trying*. Add to this that yesterday am I logged in to check my bank toon okay, but a couple hours later my password wouldn't work. At all. How I handled this was *extremely* stupid--I rechanged my password...on my own computer. Meaning that if it is a keylogger, they had the new one just as easily as the old. Then after, I didn't start scouring for malware or anything WHY NOT OMG. I don't know. What was I thinking? So naturally it happened again.
I should have had a scanning regimen all along. The "I have a Mac" defense really doesn't fly anymore--especially when hackers focused on WoW know it's both Mac and PC. I should have changed the pw on James' computer if I thought mine was compromised. The moment I suspected something I should have started scanning and whatnot then. I should have changed my pw, which I'd been using forever, long before this. I should have bought the special authenticator gadget they've been offering since hax have started becoming so frequent.
I'm just lucky Aaron and other guild people were online, and that he had my phone number. I'm lucky that he and another guild buddy just dropped *everything* that they were doing in game to find my toon and keep sending the person invites and trade requests (which cause ingame pop up windows) to harass them and slow them down. Lot of hacking cases end with people logging in to totally empty banks and naked toons. I've got my gear, and should be able to have things restored or rolled back to before-hack. And I'm lucky there're multiple computers in the house so I could try to fix things quick from an uncompromised one.
The weird bit though, that concerns us since even clearing out malware and keyloggers won't help--I'd received alerts that someone was trying to access my password recently. When *I* changed my password both times, I got email saying that the password had been changed. The two times the hacker somehow changed my password...no email either time. No alert. They changed it, my email address never was altered, but I didn't get any notification. But I did when *I* then rechanged it. What the hell. I've made sure that was part of my report to Blizz, but still, what the hell.
Anyway, long story short: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF. And that's at myself just as much as at the hacker.
I know of good scanner programs for finding viruses/malware/spyware/trojans/keyloggers, but all the ones I know of are PC only, so been having to do some websearching, using stuff that James, Aaron, and I have come up with. So far Macscan found nothing but 97 'tracker cookies', but Avast is showing 5 viruses. Don't look like keylogger sorts, but it's not done yet. Then I'll see what I can find at another site I was recommended. Hoping some Mac users in my guild and James' (couple in each) might have some advice.
Several dumb things about it, from the I Am So Stupid files: I've known that someone's been trying to compromise my account. I've been getting the auto emails from Blizzard saying that password retrieval has been requested. It means someone's been *trying*. Add to this that yesterday am I logged in to check my bank toon okay, but a couple hours later my password wouldn't work. At all. How I handled this was *extremely* stupid--I rechanged my password...on my own computer. Meaning that if it is a keylogger, they had the new one just as easily as the old. Then after, I didn't start scouring for malware or anything WHY NOT OMG. I don't know. What was I thinking? So naturally it happened again.
I should have had a scanning regimen all along. The "I have a Mac" defense really doesn't fly anymore--especially when hackers focused on WoW know it's both Mac and PC. I should have changed the pw on James' computer if I thought mine was compromised. The moment I suspected something I should have started scanning and whatnot then. I should have changed my pw, which I'd been using forever, long before this. I should have bought the special authenticator gadget they've been offering since hax have started becoming so frequent.
I'm just lucky Aaron and other guild people were online, and that he had my phone number. I'm lucky that he and another guild buddy just dropped *everything* that they were doing in game to find my toon and keep sending the person invites and trade requests (which cause ingame pop up windows) to harass them and slow them down. Lot of hacking cases end with people logging in to totally empty banks and naked toons. I've got my gear, and should be able to have things restored or rolled back to before-hack. And I'm lucky there're multiple computers in the house so I could try to fix things quick from an uncompromised one.
The weird bit though, that concerns us since even clearing out malware and keyloggers won't help--I'd received alerts that someone was trying to access my password recently. When *I* changed my password both times, I got email saying that the password had been changed. The two times the hacker somehow changed my password...no email either time. No alert. They changed it, my email address never was altered, but I didn't get any notification. But I did when *I* then rechanged it. What the hell. I've made sure that was part of my report to Blizz, but still, what the hell.
Anyway, long story short: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF. And that's at myself just as much as at the hacker.
