Sunday, December 2, 2007

World of Warcraft - Keyloggers Hack Accounts




Keyloggers have become a known threat to World of Warcraft players. Recently I had a fellow guild-mate that kept logging on and off. We thought he was having connectivity issues. The fact is that someone else was playing his account...they kept getting booted every time the other guy logged on, and vice-versa.

Another guild-mate was on his honeymoon when he logged on. He was unresponsive to whispers, and left the guild...which was totally NOT like this guy. Through our guild message forums we learned that his account had been hijacked as well.

Keyloggers are software programs that record your keystrokes, and make it available for a third-party (with malicious intent) to view. That means they can capture your password, and eventually hack into your account.

Both my guildmates were lucky...they got their characters back (although it took a while for the warrior to get his Blacksmithing profession back).

If you play World of Warcraft, and ever browse the internet on the same machine as your game, be aware of the fact that you may have a Keylogger program on your computer.

One of the tactics that hackers use is to post links on popular WoW message forums. If you have certain security features disabled in your browser (or if you use Internet Explorer which is full of security holes), when you click on the link they are able to upload the malware onto your computer. It does it's thing and later transmits the data to them.

What can you do about it?

1. Use Mozilla Firefox browser instead of Internet Explorer. It has less security holes for hackers to punch through and put unwanted software on your computer. It's not 100% guarantee, but it helps.

2. Scan your computer for spyware. Use something like XoftSpySE, which has a free scan program to detect Keyloggers, or AntiSpyware if you have Vista.

3. Use good password-behaviors. These include tips like changing your password from time to time, avoid sequencing passwords (like password01, password02, etc.). And of course, NEVER give out your password.

One last story: I was in a group with one of my guildmates when one of his ALT characters logged on! I asked him if he was two-boxing and he panicked, since he was NOT the one controlling the other character. By the time he logged off and managed to regain control of his toon, the hacker had managed to sell off all of his epics and items and mail all his gold to another account.

Don't let that happen to you! Be safe, check your computer and secure that password from keyloggers that would love to hack your World of Warcraft account.

EDIT: I've gotten a lot of requests to mention spyware that I recommend. I only really recommend using it with your kids to protect them from online predators (explicit chat conversations, emails, etc.). But if you have access to someone's PC, you could install something like IamBigBrother. You need to have access to their computer directly (ie: roommate or something like that), so it's not very practical for malicious hackers. And personally, I don't think you should be stealing your roommate's login, either...that's a good way to end up homeless. :)


1 comment:

Unknown said...

Useful recommendations. But I would like to make a few notes. The most important thing in fighting spyware in general and keyloggers particularly is so called 'active protection'. Many programs offer it but in fact there is only 1 program I know that does it very well - PrivacyKeyboard. As for SpySweeper, Spyware Doctor - they are good for scan but not for active protection. As for XoftSpySE... It is a very poor tool because it cannot deal with simpliest types of spyware that's why for scan you need something like SpySweeper.