dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
21654
share rss forum feed view:
normal


Mike
Premium,Mod
join:2000-09-17
Pittsburgh, PA
kudos:1
Reviews:
·Verizon FiOS

3 edits

2 recommendations

Ok so you got hacked / prevention

Ok so logged in and your character is naked on another server and you have no golds or there is a random authenticator on there. If the guy who stole your crap is a jerk you probably have no hearthstone and you're falling indefinitely. It's not the end of the world.

Here is the official Blizzard too long didn't read version on what to do: »us.blizzard.com/support/article.···Id=30796

--

Anyhow there are two parts.

1. Clean your machine
2. Get your account back.

--

Part 1:

Clean your Windows box.

If you're not feeling up to playing around with things, the site has a security cleanup forum. It's a very systematic process and they tend to rage out if you don't follow the first post procedures list. They're good people.

Or if you want to try it yourself, you could try to download malwarebytes; »www.malwarebytes.org
(directish link: »www.malwarebytes.org/mbam-download.php ), update the defs from the installer.
You can run the installer, then download the definitions manually. (direct link: »mbam.malwarebytes.org/database/m···ules.exe )

If something kills the process or the internal update is hosed, try it from safe mode w/ networking. If that doesn't work, put it on a pen drive from a clean machine or whatnot.

As a rule I generally disable system restore (it's useless really) and check scheduled tasks because things can hide there or are on a schedule to download again. I deal with a lot of windows malware on a daily basis.

If it finds a rootkit called TDSS, run this fellow; »support.kaspersky.com/viruses/so···08280684 - TDSSKiller. MBAM and most AVs can't touch it. Thank Kaspersky for this tool.

If that finds stuff, you reboot, and internets explorer isn't working (white screen) Tools -> Internet Options -> Connections -> LAN Settings -> disable all that non-sense. Sometimes if you're owned good you will get redirects. Also.. why are you using internet explorer? I have lost so much respect for that browser I don't even capitalize it's name anymore. More on that later.

I'd also follow up with in-browser scans. ESET NOD32 online scan: (works with firefox + msie)
»www.eset.com/onlinescan

and for the fun of it let's say bit defender online scan:
»www.bitdefender.com/scanner/online/free.html

There are other ones out there as well.

---

Step 2:
Get your account back.

You'll need to remove that authenticator that was placed on there. Meaning you'll have to wait on hold like an hour for Blizzard Billing. You'll need to have your Vanilla CD key (it's on the game manual. seriously, you'll need this) and know your secret question stuff.

Also - if you have no idea where your key is, you can get it recovered;
»us.blizzard.com/support/article.···Id=24683

Here is Blizzard's statement about everything from their site, tl;dr version;
»us.blizzard.com/support/article.···Id=20606

- Quick version;

Phone Support

Live Billing and Account Services representatives are available to assist you with your questions and concerns.

Hours: 7AM – 8PM Pacific Time, 7-Day Support

Canada 1-800-592-5499
United States 1-800-592-5499

We have also provided the following numbers for our international customers:

Argentina 0800-333-0778
Australia 1-800-041-378
Chile 1230-020-5554
Mexico 001-888-578-7628

-

You should change your password too.

»us.battle.net/account/support/lo···ort.html

Once you get in you'll then have to GM ticket it to get your crap restore which might take an eternity.

----

To minimize your risk of getting owned again... get an authenticator. This generates a very temporary random pin number you have to enter in when you log in. When you use an authenticator and get your password stolen, the worst than can happen is someone uses your account to spam the wow forums. That place is a cess pool of idiocy so who cares. Everything else (blizzard games & account management) need the authenticator key. More or less GET AN AUTHENTICATOR IN SOME FORM. This will save you a TON of trouble.

If you have an iPhone or iPod touch, you can download the Authenticator app for free from the App Store.

---
Prevention:

(This is where I get biased.... this statement can cause some serious nerd rage)

Get a real anti-virus. I'm sure the 840 years of free McAfee and Norton from your ISP is the best thing ever. Unfortunately they suck. Sorry. I don't care.
They suck.

I would recommend NOD32 Anti-Virus (the more expensive security suite whatever is not worth a lot more $ for a firewall) or Avira Premium (not that awful avira free non-sense). You can google a discount code for either one. I randomly found this deal for NOD32;

»www.softwarediscountcodes.com/es···d32.html

--

You are probably using Microsoft Internet Explorer. Stop that.
Try Mozilla Firefox or Google Chrome. I prefer Google Chrome - it's faster. Firefox has more useful addons though.
Install the Adblock plus addon/plugin and you're on your way to win city. They have purples.

The misc update your flash;
»get.adobe.com/flashplayer/?promoid=BUIGP

Update your Java Run Time Enviroment (in windows control panel).

If for whatever god forsaken reason you're using Adobe Reader and not FoxIt Reader, make sure those are up to date to.

That should hopefully get you through it. I'll also probably edit this a hundred thousand times too.


Archivis
Your Daddy
Premium
join:2001-11-26
Earth
kudos:19
Good post, Mike.


Helius

join:2009-03-02
Denver, CO
reply to Mike
Good post. I would have to put more emphasis on the buy an authenticator just for that added layer of protection.


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
said by Helius:

Good post. I would have to put more emphasis on the buy an authenticator just for that added layer of protection.

BUY AN AUTHENTICATOR NOW

every second you go without buying one a hacker does mean things to a cat somewhere


cheesyyellow

join:2009-06-04
Poulsbo, WA
said by DarkLogix:

said by Helius:

Good post. I would have to put more emphasis on the buy an authenticator just for that added layer of protection.

BUY AN AUTHENTICATOR NOW

every second you go without buying one a hacker does mean things to a cat somewhere
QFT

The authenticator is the only reason I'm not going through an account restoration right now.


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
said by cheesyyellow:

said by DarkLogix:

said by Helius:

Good post. I would have to put more emphasis on the buy an authenticator just for that added layer of protection.

BUY AN AUTHENTICATOR NOW

every second you go without buying one a hacker does mean things to a cat somewhere
QFT

The authenticator is the only reason I'm not going through an account restoration right now.
just to add more emphasis
BUY AN AUTHENTICATOR NOW
HELP SAVE THE CATS

I use the ipod touch app and have the android app and just to help a friend I bought 2 keychain authenticators so I've already saved 4


Graytooth13

join:2008-07-28
Tomball, TX
reply to Mike
Don't forget that select Blackberry models also have authenticator apps. Check it out before you buy a new Blackberry.

BG5150

join:2008-08-14
New York, NY
reply to Mike
quote:
You are probably using Microsoft Internet Explorer. Stop that.
Try Mozilla Firefox or Google Chrome. I prefer Google Chrome - it's faster. Firefox has more useful addons though.

Personally, I like Safari. Plenty fast.
--
...because beer is mana in real life. -- LockInABox


Archivis
Your Daddy
Premium
join:2001-11-26
Earth
kudos:19

1 recommendation

Nobody cares about macintosh.

BG5150

join:2008-08-14
New York, NY
said by Archivis:

Nobody cares about macintosh.
Safari works on Windoze, as well.

Specs req'd for Windoze boxes:

quote:
Windows Requirements

* Any PC running Windows XP SP2 or Windows Vista or Windows 7
* 500-MHz Pentium-class processor or better
* 256MB of RAM
* Top Sites and Cover Flow require a compatible DirectX 9.0 video card with 64MB of video RAM.
--
...because beer is mana in real life. -- LockInABox


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
if your using windows and you don't like IE then opera is a much better choice

(as of the last time I checked) its still the fastest browser


Archivis
Your Daddy
Premium
join:2001-11-26
Earth
kudos:19
Chrome is the fastest.


Adalicia
Om Nom Nom

join:2009-10-13
Lincoln, NE
kudos:13
Chrome is indeed faster but there is something magical about running Firefox with No Scripts and every other useful little add-on and plug-in that makes me smile.

Also, no self respecting person on a Windows rig is going to run fucking Safari.
--
Lore Nerd. Role Player. Raid Leader. Discipline Priest. Slightly Annoying. Also Likes Kittens.


Winter

@rr.com
reply to Mike
I got hacked also and I thought it could never happen to me.
I'm still not sure how it happened.

In any case, I found a really good article about preventing getting your wow hacked in the first place.

»www.wowbizspy.com/how-to-avoid-g···t-hacked

Twamsack

join:2010-03-17
Fullerton, CA
I got a question about my old roommate. She called me in a panic saying that her email and password will not work to log into wow. I bought her an authenticator a couple months before Blizzcon '09. So i tell her to call blizzard CS. An hour later, when she finally got through to a rep, they checked her account and told her that all the hacker was able to do was to change her email & password, but because she had the authenticator, nothing was accessed in-game. I'm just curious how they were able to do anything without that authenticator. Don't you have to log-in to battle.net with your authenticator to change your account information?


saillaw
Premium
join:2007-05-08
Dismay
kudos:2
I suppose if the have a key logger, they see the authenticator code she is using, immediately log in using that code and then change the email address? They wouldnt have the next code needed to log back in with the new address, but if they got near instant key logging I guess they could pull this off?


Goggles

@81.144.178.x
reply to Mike
I feel like Blizzard is just making money out of stuff they should give out to us before we bought the game. They are basically saying: Get the game and BUY the aunthenticator otherwise you will lose everything in the game.

So paying for a game, then paying for an additional authenticator seems very cheesy of Blizz to do. (something apple does with their iphone specific chargers, most sony cells, with their specific chargers and headphones)

I think Blizz should give out authenticators with the cata disc, or to anyone new buying the game for the first time.


Snakeoil
Ignore Button. The coward's feature.
Premium
join:2000-08-05
Mentor, OH
kudos:1
reply to Mike
I had my account hacked a few months ago. I was lucky due to the fact the hacker gave my dk a few maxed out trade skills and a fair amount of gold. Nothing was stripped.
Back when I played Ultima Online, the gm's wouldn't restore anything, if your account was hacked. Blizzard is so much better about this. I did clean my pc, found a few things per the clean up link. Now me and my kids have our own authenticators. Sad thing is, my old email account is getting spammed hard by would be wow hackers.

Another thing you should do if wow account is hacked is change email accounts. Then ignore anything from blizzard on the old email account.
--
Care Bear This: If anything I say offends you, then you have a problem. As I am a stranger to you, so my words should have zero emotional impact on you. If they do, please seek help from Dr. Phil.


saillaw
Premium
join:2007-05-08
Dismay
kudos:2
reply to Goggles
The Authenticators for Iphone and Blackberry are free... the phones of course are not free.


pastorbill

@shawcable.net
reply to Mike
as a follow up, i have done and would recommend to all players...
when u get an ingame whisper on free stuff or your account is about to be shut down and it directs you to a website, a simple WHOIS query of that site will probably tell you that its registered to some site/isp in china. but please dont stop there. for an extra 15 - 30 min of your time, you can find out if there is a isp outside of china that they are using as well. send a comment to their abuse dept stating this is a phishing site AND that you will follow up with IC3 ( internet crime complaint center). make sure you do the follow up. i have done this on 2 different occasions to find that the offending site (which in both cases was PAID for 1 years worth of domain name registration) to be shut down/offline within a few hours. The GM's and whatever else blizzard does to combat these people is ineffective/nonexistent, so lets help them out as much as possible.
Pastorbill - burning legioin(us)
Expand your moderator at work


Helius

join:2009-03-02
Denver, CO
reply to Mike

Re: Ok so you got hacked / prevention

I honestly feel that Blizzard should make it so that everybody has to get an authenticator. If you get hacked and you did not have an authenticator attached to your account then they cannot return your items. imho
--
Bite my shiny metal ass!!


Kilroy
Premium,MVM
join:2002-11-21
Saint Paul, MN
reply to Mike
I have to add, change the password of the e-mail account used for WoW. Preferable to something different than your WoW account. I highly recommend LastPass, it is available in both free and paid versions. It makes it easy to have different complex passwords for all web sites.

While on vacation I accessed my WoW account and it was disabled since I was using it in a very different place. I was informed that an e-mail had been sent to me with instructions to change my password. One would assume that a hacker would come up against the same issue and they would need access to your e-mail account to complete the hack.
--
When will the people realize that with DRM they aren't purchasing anything?
Expand your moderator at work

BG5150

join:2008-08-14
New York, NY
reply to Mike

Re: Ok so you got hacked / prevention

Just got a "smart" phone. Free app! Yay!

Still not gonna use it.


Krisnatharok
Caveat Emptor
Premium
join:2009-02-11
Earth Orbit
kudos:12
said by BG5150:

Just got a "smart" phone. Free app! Yay!

Still not gonna use it.

Not use an authenticator? Lol.

BG5150

join:2008-08-14
New York, NY
said by Krisnatharok:

Not use an authenticator? Lol.

Nope. My motto: don't do stupid shit, don't get hacked. Simple.