Monday night, a good friend and guild officer, Shiatra/Nya, had his account hijacked by a person using a keylogger virus that had been piggybacked to a mod he downloaded. He did not notice because it used a DLL file instead of a .exe.

He noticed his account had been compromised when he tried to get on the game and could not, then he received a message stating his password had been changed. This happened around 10:00pm EST and when he tried to call all the numbers listed on the WoW website and the email, all said, “Please call during business hours from 8 to 5 Pacific Standard time, Monday through Friday.”

He got on vent and told us what was happening. 5 guild members opened complaint tickets begging a GM to respond as soon as possible. We could all see the thief wandering around Stormwind on our friend's character.

Then an officer asked, “What about the Guild bank?”

I had horrible sinking feeling. Shia is an officer in our guild, with corresponding guild bank rights. Three of us rushed to the bank and saw that most of our items from our first tab had been removed. Denials flooded vent, we checked the log and sure enough the bastard had removed over a hundred items an hour before. I rushed to demote his characters and to edit my open ticket.

All of us watched, impotent, frozen in horror as he tried on Nya to take more from the bank. We all sent, nasty, unanswered tells to him. Watching as he laughed openly and logged in on Shiatra.

This time he stripped her down.

We assume the gear was vendered.

An hour passed. Nothing. No GM. Shia had 10,000k gold on that account. It is all gone now, we say. Quiet. Hurt. Enraged. Two hours passed. We tracked him down in Stormwind again. This time he spend time running from the bank to the AH, placing primals, meta gems, imbued netherweave for sale.

Two and ½ hours later GMs finally responded to three of us that were still awake, I will summarize my conversation, but all three where in the same vein:

/Hello, my name is Elm. How may I assist you today.

/Thank god! Listen my friend’s account has just been stolen. The person also stole a great deal from our guild bank

/Oh I am sorry to hear that.

/Freeze his account. He is begging us to tell you that. He is going to call billing tomorrow, but please freeze it before this person can do more damage.

/Oh I am sorry I can’t do that. Please have him call during business hours or email us at wowgm@somethingsomething.com

/So you are saying if someone’s account is “compromised” on Friday night, they can’t stop the thief until Monday morning?

/If there isn’t anything else I can help you with, please have a nice day.

/…

What I don't understand is how a person can be kicked out of the game for hours for a racial slur, but not when you have multiple reports from a guild’s Guild Master and the majority of the Officers, saying the same account as been, as they coin it, “compromised.”

Ridiculous.

Regardless of the fact that our toons and their objects are made of pixels, they are still worth hard printed cash. You has done a commendable job trying to derail gold farmers from exploiting the game and selling these pixels to other people, and I thank you for that. However, while the farmers have been dissuaded to farm the environment, the new restrictions have made them shift their focus from exploiting the environment to exploiting players and hijacking their accounts.

The feeling of violation is real. The sense of betrayal and vulnerability is real. The money they make off stealing your account is real.

When you credit card gets lost or stolen, you call a number and are able to instantly freeze the account from being used. So why isn't have a real emergency solution in place?

Sorry, but sending emails that won’t be answered until the next business day, or calling the next morning, just doesn’t cut it.

This is what I propose. A kill switch. Blizzard must create a 24/7 hotline for emergencies such as these. A number where only owners of “compromised” accounts may call and have their accounts instantly frozen until the situation can be resolved. Or if not a number, then a secret “kill switch” site, where owners can freeze their accounts themselves. But something must be done.

This event has effect more than just Shiatra, it has affected the whole guild. Having our vitiual property so vulnable to attack is one thing, but not having any way to combat it , [while is it is happening ]beyond inexcusable.

I don't want to quit the game, but the customer service provided to this horrible experience has made me really rethink. Is this really how legitimate players should be treated? I think not.

Please do something now.
Fix it!

Thank you,
Breana
GM of Aculeus Upon Ordeum (Bleeding Hollow)

Your suggestion for a "kill switch" should be posted in the Suggestions Forum. As for the actual post, the GM was simply saying that he couldn't do anything for you. Your friend needs to recover their account here: http://www.worldofwarcraft.com/loginsupport/password.html If he has forgotten the answer to his secret question he should go here: http://us.blizzard.com/support/article.xml?articleId=21470
If it still doesn't work, it's likely his e-mail was changed and needs to call the Billing department (as suggested):

Phone Support

• 1 (800) 592 5499 (1-800-59-BLIZZARD)
  Automated 24 hours
  Live Representative Mon-Fri, 8AM-8PM (PST)

Users located in Australia should please use 1-800-041-378 if they cannot get through with the number above.

It doesn't matter if your friend was hacked Friday or not. Everything can be restored if they are able to investigate the compromise. Good luck.

<me>Hello there nice GM person, my very best friend Breana is having her account stolen right this moment. She is asking to have it frozen right away so no one can steal more of her stuff.
<GM> Gee, thats horrible. let me freeze that right away!
<me> Oh thanks she will be very happy.


Ok, thats what you want right? Now the part no one heard:

<me>mawahahaha... I cant believe he fell for that and froze that account just because I asked...I dont even know Breana.. hahaahaha

GM's will only ever take action at the request of the legitimate account holder.

---

Q u o t e:
<me>Hello there nice GM person, my very best friend Breana is having her account stolen right this moment. She is asking to have it frozen right away so no one can steal more of her stuff.
<GM> Gee, thats horrible. let me freeze that right away!
<me> Oh thanks she will be very happy.


Ok, thats what you want right? Now the part no one heard:

<me>mawahahaha... I cant believe he fell for that and froze that account just because I asked...I dont even know Breana.. hahaahaha

GM's will only ever take action at the request of the legitimate account holder.

---

For the same reason my husband can't call the credit card company and have my non-joint card suspended/cancelled even though he knows all the "secret" info about me.

Yes, i understand what you are saying the online GM. Which is why there should be a hotline you can call when something like this happens. He couldn't get on the game to say, /Hey, you know the account I am taking to you from. Please freeze it. Not having a 24/7 number for something like this is unacceptable.

I will post in the suggestions forum later, thank for the tip.

However there is a 24/7 email address where he can report his hack. I don't even want to imagine the wait times if there actually was a phone number for AA.

The issue here is that what is happened is outright theft (and stolen identity) but Blizzard is not treating this like an ongoing crime. If this happened to things in the real world, you would be able to call the police and file charges, and pursue the case to see the criminals put on trial and imprisoned. Unfortunately this is a relatively newer phenomenon (with the introduction of guild banks wreaking way more havoc than before), and I don't know if Blizzard was prepared to deal with this level of criminal activity within the game.

I realize it's just pixels, but here is where real criminal actviity comes into play: The keyloggers/hackers who takes over an account and steals its assets are most likely organized and doing this "professionally"--and they are probably selling the gold they obtain through gold farming Web sites, in exchange for hard currency. So this IS in the end, all criminal activity.

I praise Blizzard for introducing things like daily quests to help reduce the need for buying gold with real currency, but it appears that this has caused much more nefarious behavior on the part of the gold sellers.

The thing is, I wouldn't be surprised if a lot of this is happening from overseas... I can't even imagine all the various international laws and whatnot that are involved. If these organized campaigns were to steal real goods this would probably go well beyond the FBI's level, if you ask me.

Bottom line, this is probably more rampant than most people imagine, and this has devastating impact not only on the person whose account is hacked, but also on their entire guild since these thieves seem to have figured out how to tap the guild banks.

Honestly, these guys are basically holding up all the banks around town and getting away with it.

---

Q u o t e:
The issue here is that what is happened is outright theft (and stolen identity) but Blizzard is not treating this like an ongoing crime. If this happened to things in the real world, you would be able to call the police and file charges, and pursue the case to see the criminals put on trial and imprisoned. Unfortunately this is a relatively newer phenomenon (with the introduction of guild banks wreaking way more havoc than before), and I don't know if Blizzard was prepared to deal with this level of criminal activity within the game.

I realize it's just pixels, but here is where real criminal actviity comes into play: The keyloggers/hackers who takes over an account and steals its assets are most likely organized and doing this "professionally"--and they are probably selling the gold they obtain through gold farming Web sites, in exchange for hard currency. So this IS in the end, all criminal activity.

I praise Blizzard for introducing things like daily quests to help reduce the need for buying gold with real currency, but it appears that this has caused much more nefarious behavior on the part of the gold sellers.

The thing is, I wouldn't be surprised if a lot of this is happening from overseas... I can't even imagine all the various international laws and whatnot that are involved. If these organized campaigns were to steal real goods this would probably go well beyond the FBI's level, if you ask me.

Bottom line, this is probably more rampant than most people imagine, and this has devastating impact not only on the person whose account is hacked, but also on their entire guild since these thieves seem to have figured out how to tap the guild banks.

Honestly, these guys are basically holding up all the banks around town and getting away with it.

---

It is theft, but since Blizzard owns everything in the game, it is up to them to decide how they want to deal with it. Apparently, this is how they decided. It is their property.

A login name and password does not constitute identity theft. Nothing personally idenitfying is contained in your account that a hacker can access. They can change the existing masked information, but they cant take anything from your account.

The only thing indidivual players have any say in, is the act of keylogging, and any player can report that to the local Computer Crimes division of their local police department.

---

Q u o t e:


This event has effect more than just Shiatra, it has affected the whole guild. Having our vitiual property so vulnable to attack is one thing, but not having any way to combat it , [while is it is happening ]beyond inexcusable.

---

Perhaps you should take some of your anger and frustration and point it toward Shiatra/Nya, who through his own failure to keep his computer secure, set this entire event in motion.

The excuse, "he didn't notice" is what is inexcusable, not Blizzard's failure to freeze account based upon third-party reports that for all they know, could or could not be true.

I think several people are missing the point (especially the insensitive lout who once again wants to blame the victim--how sad is that?): Currently, this can happen, and the account-holder has no immediate recourse to stop it--even though, as in this case, the actions were observed over a rather lengthy period of time.

In the responses here, I'm reading a lot of people throwing up roadblocks and reasons why suggested remedies won't work. In my eyes, you are not part of the solution, you are part of the problem.

Instead, let's work together and bring our collective voices together to tell Blizzard that their current processes are not only not working, they are UNACCEPTABLE.

As a WoW community blogger (http://kestrelsaerie.us) I will be joining fellow bloggers, and calling out to many, many others, in banding together to raise awareness of this issue.

And before anyone starts hollering "mob mentality" this is nothing of the sort: We are more than willing to put faces and names behind our plea for Blizzard to fix this untenable situation.

I also believe, very strongly, Blizzard has a responsibility to actively advise its customer base regarding the potential harm that keyloggers pose (and NOT by telling us "Don't download any add-ons"--that is also irresponsible).

Once again, let's not find reasons to not fix this problem. Let's work together to resolve it.

---

Q u o t e:
I also believe, very strongly, Blizzard has a responsibility to actively advise its customer base regarding the potential harm that keyloggers pose (and NOT by telling us "Don't download any add-ons"--that is also irresponsible).

---

Oh, gosh, yes!

Y'know what would be super? If they'd put sticky posts in the forums about computer security. Or offered restorations for people who were hacked - something that other MMORPGs don't do. Or maybe sending you in-game mail about account security whenever you submit a ticket.

By all means, let's hold Blizzard responsible for something that used to be the player's responsibility! Blizzard = the new INTERNET POLICE!!!1

[quote]I think several people are missing the point (especially the insensitive lout who once again wants to blame the victim--how sad is that?): Currently, this can happen, and the account-holder has no immediate recourse to stop it--even though, as in this case, the actions were observed over a rather lengthy period of time.

I thank you for your understanding. And yes I take full responsibility to what happened. I am not asking for sympathy, just a solution to a large problem that I am not only person this has happened to. The issue is There is no 24 hour LIVE customer support. This is a multi-million dollar company that charges 9 million people 15 dollars a month for a service, is 24/7 LIVE support too much to ask. Again, I do not want sympathy, I would like to point out how unacceptable this is. It seems that most people would rather flame than look at the bigger picture...this can happen to you.

I am very careful as to what I download and from who. And yes this was a .dll file than piggy backed off the wow.exe.

Quote
"Perhaps you should take some of your anger and frustration and point it toward Shiatra/Nya, who through his own failure to keep his computer secure, set this entire event in motion"

I have to giggle when I read this, as hes probably the same person that would say blame the guy that got shot for going to the store.

Anyway, thank you to everyone that sees the bigger picture. I am now waiting for the "investigation" to be finished and hopefully have my chars restored to their pre-hijacked state.

---

Q u o t e:

Oh, gosh, yes!

Y'know what would be super? If they'd put sticky posts in the forums about computer security. Or offered restorations for people who were hacked - something that other MMORPGs don't do. Or maybe sending you in-game mail about account security whenever you submit a ticket.

By all means, let's hold Blizzard responsible for something that used to be the player's responsibility! Blizzard = the new INTERNET POLICE!!!1

---

How are you today Iffy?

---

Q u o t e:
How are you today Iffy?

---

Sarcastic, thanks. :)

I hate it when "we", the CSF regulars, tell a perfectly nice person that it's their fault for not securing their computer. I mean, to some degree, they're obviously somewhat complicit, but do they need it thrown in their face? "It's your fault you were hacked" is like saying "I expect you to be a perfect Internet user at all times, and to know every possible repercussion of every possible action you take", which is really far too high of an expectation for most people.

But just as much as I hate that, I hate the people who insist that it's Blizzard's fault, that Blizzard should do more. People are going to get hacked. People got hacked before Blizzard, people will get hacked after Blizzard. Blaming Blizzard for someone getting hacked is simply idiotic, as is expecting Blizzard to prevent all hacks. Remember those guild sites that got hacked with PHP injections? How is Blizzard responsible for that?

Anyway. Rant off. Good luck, Nya.

Why not just require an e-mail confirmation on a password change? Still wouldn't stop keyloggers from gaining access, but at least they wouldn't be able to lock you out of your account like that.

---

Q u o t e:

Sarcastic, thanks. :)

I hate it when "we", the CSF regulars, tell a perfectly nice person that it's their fault for not securing their computer. I mean, to some degree, they're obviously somewhat complicit, but do they need it thrown in their face? "It's your fault you were hacked" is like saying "I expect you to be a perfect Internet user at all times, and to know every possible repercussion of every possible action you take", which is really far too high of an expectation for most people.

But just as much as I hate that, I hate the people who insist that it's Blizzard's fault, that Blizzard should do more. People are going to get hacked. People got hacked before Blizzard, people will get hacked after Blizzard. Blaming Blizzard for someone getting hacked is simply idiotic, as is expecting Blizzard to prevent all hacks. Remember those guild sites that got hacked with PHP injections? How is Blizzard responsible for that?

Anyway. Rant off. Good luck, Nya.

---

Yeah I agree, which is why I tend to stay out of these unless its just giving the information to help someone get their account back to its good state.

But yes, Good luck Nya. Hope that everything works out well. I had a guild mate who was hacked once. While she didn't get everything back, she got most of it. And all the stories I've seen here about the aftermath have been much the same.

---

Q u o t e:
Why not just require an e-mail confirmation on a password change? Still wouldn't stop keyloggers from gaining access, but at least they wouldn't be able to lock you out of your account like that.

---

Um...they do require an email confirmation. That's why when you have lost access to your old email, you need to call Billing to get it changed.

---

Q u o t e:
Um...they do require an email confirmation. That's why when you have lost access to your old email, you need to call Billing to get it changed.

---

No. :)

---

Q u o t e:
Your password has recently been modified through the Account Management website.

*** If you made this password change, please disregard this notification.

However, if you did NOT make any changes to your password, we recommend you contact Blizzard Billing & Account Services for assistance keeping your account as secure as possible.

Billing & Account Services can be reached at 1-800-59-BLIZZARD (1-800-592-5499 Mon-Fri, 8Am-8PM Pacific Time) or at billing@blizzard.com.

Account security is solely the responsibility of the accountholder. Please be advised that in the event of a compromised account, Blizzard representatives typically must lock the account. In these cases the Account Administration team will require faxed receipt of ID materials before releasing the account for play.

Regards,

The World of Warcraft Support Team
Blizzard Entertainment
http://www.blizzard.com/support/wowindex/

---

There is no confirmation for a password change. There is confirmation for an email change.

---

Q u o t e:

No. :)



There is no confirmation for a password change. There is confirmation for an email change.

---

Blah, sorry got things confused. Too much going on here today :(