A few days ago, my wife logged in to World Of Warcraft only to find that all of her characters had been pretty much stripped of everything. Her username isn't related to any of her mail or social media accounts, and her passwords are unique between all her various accounts. Her WoW password wasn't easy to guess by a long shot, and complex enough that I doubt it was brute forced.
Her system is up to date and protected with MSE, so I weeded through the various places that services can be stealthily launched from and found nothing suspicious. We then tried scanning with several other free tools such as MalwareBytes, Sophos Anti-Rootkit and others.
No sooner does she complain on the forums, she begins getting a massive influx of scam phishing. Most of these have forged mail headers, but originate from china or the UK and link to sites hosted in all the usual (shady) places. The email address she uses isn't published anywhere, at least in relation to World of Warcraft. Blizzard and Battle.Net are the only places that know that email address.
Blizzard's "official" way to help you secure your WoW account? Selling you a one-time-password keyfob along the lines of a SecurID, shown above. Given the fact that WoW is one of the least-sensitive accounts she logs into and that no other breaches have occurred, I'm kind of doubting that she was hit with something as sinister as a keystroke logger. What's more, is that looking at forum activity, it really does appear that there are a lot of these compromises taking place, and it really seems that WoW is often the only thing being compromised in these attacks.
I'm not one for elaborate conspiracy theories, but this whole thing stinks like a shill to sell keyfobs.
Posts
