Wednesday, April 28, 2010

What am I doing in Icecrown?

Well, this has been an interesting morning.

I login to get my early daily runs in around 5 AM, and I find Quint plummeting to his demise in the middle of Icecrown.

That's strange; I parked him in Undercity yesterday after (finally) completing Uldaman.

Hey, why's his gear score so low?

And where's my off spec stuff?

And where's my gold?

Crapola.

Yes, sometime overnight I was hacked.  Years of paying my bills online, and I've never had a problem.  On WoW for less than a year?  Hacked.  What that says about the popularity of WoW and gold miners is left as an exercise for the student.

I put in a call to Blizz to get my stuff recovered, but in the meantime I've been poking around to find the weak point in my laptop, not the desktop that I play on.  Why the laptop?  Two reasons:  I do all of my WoW related surfing on it (not the desktop), and I've a hunch that the default work settings for such things as Cookies are terrible.

(Update:  Yes, they were.  [expletive deleted] employer settings.  Since corrected.)

Oh, well.  Hopefully they didn't hit the guild bank using my account; that would suck.

10 comments:

  1. That's terrible!

    How much did you lose? Are all of your characters stripped?

    Well... looks like it's time to invest in the authenticator. It's $6 and there's no shipping costs. You can purchase these from the battlenet online store.

    I'd be sure to do a thourough sweep of both your systems. Install spybot and do a scan of both systems and figure out what to kill.

    Also, be sure to change your password on the website.

    I've known quite a few people who this has happened to. I'd love to help build quint back up, or maybe there's a chance to start anew?

    Missy and I sent you some money to fund the faction change and transfer of one of your characters, so keep that in mind.

    ReplyDelete
  2. Yeah, strong password notwithstanding, the authenticator may end up being what's needed. I changed my password when I realized I'd been hacked, but given the innate security of an authenticator (thank you, satellites) it makes sense. I'm still surprised that of all the things that could have been hacked, a virtual game with virtual money would not have been on the top of my list.

    I ran a sweep this morning -I had nothing else to do while I waited- and I found nothing amiss other than the cookies on the work laptop. I'm pretty sure one of the sites I went to while I was figuring out the location of the other half of the staff for Uldaman was the culprit, but I don't know which.

    My suspicion is that I caught them in the act of using the account; it was being used to farm for ore in Icecrown, and while I've logged out mid flight before, this was the first time that when I logged back in I was mountless. I guess they didn't think I'd be on at 5 AM....

    The strange thing is that they only sold the trinket (Needle Encrusted Scorpion) and the weapon (the axe you get in PoS) of my current gear, but everything else I had around in my bags for my Holy Spec and my general questing (food, drink, etc.) was wiped out. I checked the other accounts, and my bank alt was cleaned out too.

    I'm first going to see what Blizz says; given that they back stuff up regularly, they ought to be able to restore an account as needed. My main concern is if they hit the GDL bank hunting for stuff to sell for gold. Luckily I'm still at the bottom of the pecking order, so that will hopefully protect most of their stuff.

    ReplyDelete
  3. Any more updates?

    I think you need to come to Ysera server and roll up an alliance something with me so we can level up together.

    ReplyDelete
  4. Nothing yet.

    I logged back in to check a few things:

    -Frost and Triumph were cleaned out; I was probably a week or two away from getting enough Frost badges to get two pieces at once for the 2-piece bonus. (one piece alone wasn't that much of a boost, so I figured I'd wait and see what dropped from HoR in the meantime.)

    -I didn't have any real access to the guild bank, which was good. (One advantage of being on the low end of the totem.) The bank logs showed that my account didn't do anything strange.

    -My own bank, however, was cleaned out of anything of worth.

    ReplyDelete
  5. Aw Redbeard. I'm so sorry, that's terrible. I hope they're able to restore your things to you in a timely manner. :(

    ReplyDelete
  6. I hope so too, Vid. From the information on the official site, it sounds like the bulk of time would be spent doing some forensics to see when and where it was hacked, and from what IP. This might take a while, like upwards of a week, so I might as well get settled in to wait.

    You know, the thing that irks me the most is that WoW is, at heart, a virtual game. This material only becomes valuable when people are willing to pay real money for the stuff I had in-game. No pay, no market.

    Well, there's another thing I'm irked about, and that's personal pride. I work in IT Security, so on a certain level I take this personally. (I'm also pissed that the laptop provided me for work was the culprit, because of all things you'd expect the work laptop of an IT Security person to be more secure than his home PC.)

    ReplyDelete
  7. I'm so sorry to hear that. I've been hacked so I know how horrid it feels. I went in and screen-captured all the new sellers entering the Disenchanting market on the AH, selling pages and pages of stacks of dust and cosmic essence... all conveniently missing from my own bank.

    (At the time I was playing the DE mats market on the AH - that's a lot of raw materials).

    In hindsight I wonder how much the server economy is inflated by hacking, selling hacked materials on the AH, only to have Blizzard "restore" duplicate items back to the original owner. Ah well, a topic for another day.

    You will get it all back. I promise. If you're lucky they will use your toon to create wealth, and then Blizzard will give that to you too.

    ReplyDelete
  8. How long did it take to get anything out of Blizz? I haven't heard anything yet -and I've both checked the Armory and logged in a few times to see if stuff is back yet- and I'm getting tempted to contact them again.

    ReplyDelete
  9. I know I'm late commenting - I'm very sorry to see this happened. And also that you haven't heard anything from Blizz yet on the matter - how frustrating.

    I hope that things get sorted out smoothly and quickly and that you can get back as much as possible.

    ReplyDelete
  10. Oh, given the length of time it's taking Blizz to get me restored, you're not that late. ;-)

    Thanks for the words of support, Anea.

    ReplyDelete