World of Warcraft add-on trojan steals account, authenticator info
A Trojan masquerading as a popular add-on for World of Warcraft was responsible for compromising user accounts even with authenticators, Blizzard revealed today.
According to a post on the MMORPG's support forum, a fake version of the Curse Client contained the trojan. The spoofed client appeared on a forged version of Curse's website, which ranked highly on major search engines for the term "curse client."
The hacked Curse Client transmitted account information, passwords, and even authenticator keys to the attackers as part of the login process, but otherwise functioned normally.
Blizzard recommends that users who believe they may have been compromised delete the client and run the latest version of Malwarebytes, then follow the steps listed on its support page.
"For those of you interested in these [man-in-the-middle] style attacks, this is the only confirmed case we've seen in several years outside of the 'Configuring/HIMYM' trojan in early 2012 that hit a handful of accounts," a Blizzard support agent wrote. "These sort of outbreaks are annoying, but an Authenticator still protects your account 99% of the time. Stay safe!"
World of Warcraft had 7.6 million subscribers as of November 2013, making it the most popular subscription based MMO nine years after its launch. Blizzard's Battle.net service was targeted for denial-of-service attacks this week allegedly intended to disrupt a single Twitch streamer.
As a reminder, the only place you should download the Curse Client is from http://www.curse.com/client/ to ensure it is the real client.
Posted:
Related Forum: PC Gaming Forum
Source: http://www.computerandvideogames.com/443860/world-of-warcraft-add-on-trojan-steals-account-authenticator-info/
Related Articles
Comments
DissPosted:
Hopefully those people who downloaded get their accounts back.
I know how dedicated some people are at the game, and it would be a shame for those people to loose their accounts.
I know how dedicated some people are at the game, and it would be a shame for those people to loose their accounts.
codmodshopPosted:
World of Warcraft is a huge online game I hope that no one lost their accounts. I know how frustrating it is. Hope everyone keeps their account.
Latest Downloads
- 01. Goemon's Great Adventure (US / NTSC) - Nintendo 64 Game Save(0)
- 02. The Long Drive: SaveGame (blue VW Beetle)(0)
- 03. Deadly Creatures | Complete Savegame(0)
- 04. Driift Mania | 100% Savegame(0)
- 05. LostWinds: Winter of the Melodias | 100% Savegame(0)
- 06. Lost Winds | 100% Savegame(0)
- 07. Mega Man 10 | Savegame(0)
- 08. Mega Man 9 | Savegame(0)
- 09. LASTFIGHT Secret character unlocked(1)
- 10. PC Horizon Forbidden West Complete Save(12)
- 11. Castlevania: The Adventure ReBirth | 100% Savegame(0)
- 12. ExciteBike World Challenge | Savegame(0)
- 13. World of Goo | 100% Savegame(0)
- 14. La Torre de las Sombras | 100% Savegame(0)
- 15. Beat the Beat: Rhythm Paradise | Savegame(0)
Latest Tutorials
- 01. The Redress Of Mira 100% Walkthrough | Trophy & Achievement(384)
- 02. Russian Pinocchio Quick Trophy Guide(477)
- 03. Venatrix Quick Trophy & Achievement Guide(428)
- 04. Call of the Sea 100% Platinum Walkthrough(596)
- 05. Wire Lips 100% Platinum Walkthrough(532)
- 06. The Expanse 100% Platinum Walkthrough | Trophy & Achievement(504)
- 07. Doctor Who: The Edge of Reality - PS4 Platinum P/Thru(437)
- 08. Doctor Who:The Lonely Assassins - 100% Guide(385)
- 09. DAYMARE 1998 PS4 - Full game 100% TROPHY WALKTHROUGH(364)
- 10. Stray Platinum Walkthrough | Trophy & Achievement Guide(392)
- 11. Raji: An Ancient Epic | Complete Gameplay Walkthrough(496)
- 12. Corpse Killer: 25th Anniversary Edition - Longplay(473)
- 13. Song of Horror: Complete Edition Gameplay Walkthrough(354)
- 14. Remoteness 100% All Trophies Walkthrough(450)
- 15. Detective Inspector Mysterious Clues Platinum Walkthrough(439)
"World of Warcraft add-on trojan steals account, authenticator info" :: Login/Create an Account :: 58 comments