Sign in with
Sign up | Sign in

Blizzard: WoW Seeing Unusual Rise in Unauthorized Logins

By - Source: Blizzard | B 24 comments

Blizzard has disabled access to the Auction House via the Mobile Armory app.

Blizzard warned World of Warcraft subscribers on Monday that there has been a recent increase in unauthorized account logins via the website and mobile armory app. The company is currently in the process of notifying any account holders who were not using a Blizzard Authenticator and whose account showed signs of unauthorized access. Affected subscribers should expect an email soon describing how to reset their account.

"As a result of these activities, access to the World of Warcraft auction house via the mobile app has been taken off-line temporarily," the company said. "Upon request, our customer support team will restore in-game items and gold for any accounts impacted."

Blizzard's notice appeared after a number of World of Warcraft subscribers said on June 22 that the Mobile Armory had been used to fraudulently spend large amounts of their gold on extremely overpriced white-quality items on the auction house -- a way to launder gold to the posting player. The reports stemmed from both the United States and Europe, with players losing hundreds of thousands of gold. Many of these players even have Blizzard Authenticators attached to their accounts.

"This just happened to my account tonight, while I was logged in. I felt my phone vibrate so I took it out to see what it was, somehow, magically my Mobile Armory app had been opened and as I tried to swap toons on my wow account, it prevented me from logging in because my mobile armory was logging in," said one player. "In the time it took me to manually log off the mobile armory, someone had purchased Simple Wood from the AH using the mobile armory, taking me for all my gold."

"It's the mobile armory app on your smart phone. Seems they were all targeted in the night. I work graveyard shift and managed to see it happen," admitted another.

Naturally, Blizzard suggests that subscribers change their passwords periodically, and use the two-step authentication process to protect their account (SMS or Authenticator). To better protect themselves, customers are encouraged to read the company's security tips which are outlined here.

Discuss
Ask a Category Expert

Create a new thread in the News comments forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
  • 0 Hide
    dgingeri , June 28, 2013 9:09 AM
    Well, if they do this to me, they'll be quite disappointed about the amount of gold they can get from me. I don't think I have a single character with more than 300g, but I have 9 alts at 85 or higher. I guess I'm just too much of a compulsive spender.
  • 0 Hide
    unoriginal1 , June 28, 2013 9:24 AM
    It's because of WoW's retarded security... If you login from ANY unrecognized network. BAM! Instant Unauthorized this or that and you have to change pw etc. You won't get "hacked" (i hate that term cause it's not hacking) IF you don't share your PW, and aren't stupid about what you open / install on your pc. The best Security is a smart user I have no pity for morons.
  • 0 Hide
    wysir , June 28, 2013 9:36 AM
    I blame Blizzard's lack of security. I was hacked back in the day and I never gave out my PW, nor did I associate my PW with anything else "WoW" related. Either they let add-ons run code to steal account info, or they are straight up getting their DB hacked/leaked and don't have a clue.
  • Display all 24 comments.
  • 0 Hide
    surphninja , June 28, 2013 9:55 AM
    This is an ongoing issue with Blizzard's security. A few years back, I got an email that my account had been disabled for using some hack to do with gold. At the time, I had not logged into or been subscribed to WoW for at least two years. When I called Blizzard's support to get the problem cleared up, they insisted that I had either given my password to someone or that a keylogger had captured it. When I asked to speak to a supervisor, told them that it had to be a security breach on their end, since I hadn't even had WoW installed on my pc for years and I never gave out this password (which was unique) to anyone, they still refused to accept responsibility or look into the matter.
  • 0 Hide
    d_kuhn , June 28, 2013 9:55 AM
    Seems like it'd be easy enough to spank the player receiving the gold and discourage this activity. It's also easy to detect, just scan the ah for items posted, bought, or sold for far greater then their average selling price and you put a stop to this sort of thing.
  • 0 Hide
    unoriginal1 , June 28, 2013 10:03 AM
    I don't mean to be a jerk... But it is highly unlikely that WoW's database was compromised.. and even if it was. They would not single out 1 account and use it to go take all your gold etc.

    The issue most likely remains with the user. Whether it was a nasty add on installed that carried a friend with it, a cheat that carried a nasty friend with it or as described above you "trusted" your best online friend. "Ohhh it couldn't be little Timmy we knew each other for years" If I had a dollar for every time I heard this...

    Ive played games online for over 15 years and never once have I had a security issue or an account hacked. I played KO when it was Hot and had over 10K worth of items... Never once was it compromised. When I quit I sold all my gear and profited quit nicely. I know we are all IT experts and want to put the blame on someone else..... Just my two cents.
  • 0 Hide
    hfitch , June 28, 2013 10:13 AM
    The whole issue is not Blizzrd itself. Hackers have two methods now of getting through your authenticator. A friend of mine who has hacked it himself showed me how it works. A malware that targets iphones and android keylogs your phone. They grab the password. Then they remotely log onto your phone use the password you typed and since you have authenticator on the phone it auto paste the current numbers. Hackers can also use this your apps and have the code from authentication sent to them remotely.
  • 0 Hide
    unoriginal1 , June 28, 2013 10:22 AM
    Quote:
    The whole issue is not Blizzrd itself. Hackers have two methods now of getting through your authenticator. A friend of mine who has hacked it himself showed me how it works. A malware that targets iphones and android keylogs your phone. They grab the password. Then they remotely log onto your phone use the password you typed and since you have authenticator on the phone it auto paste the current numbers. Hackers can also use this your apps and have the code from authentication sent to them remotely.


    +1
  • 0 Hide
    nforce4max , June 28, 2013 10:41 AM
    Yikes even private servers have better security than this, Blizzard really doesn't protect it's customers and they have exposed their systems to hackers with all these apps. Got between 10-15 million gold between my chars and accounts.
  • 0 Hide
    ANevers , June 28, 2013 11:25 AM
    It's up to the users to safeguard their account, not Blizzard. If you are hacked it is YOUR FAULT. I see a lot of ignorant posters here laying the blame (Wrongly) at Blizzards feet for instances where their character was hacked.
  • 0 Hide
    wildkitten , June 28, 2013 11:54 AM
    Quote:
    The whole issue is not Blizzrd itself. Hackers have two methods now of getting through your authenticator. A friend of mine who has hacked it himself showed me how it works. A malware that targets iphones and android keylogs your phone. They grab the password. Then they remotely log onto your phone use the password you typed and since you have authenticator on the phone it auto paste the current numbers. Hackers can also use this your apps and have the code from authentication sent to them remotely.

    This very much so. People think the smartphone authenticators are as effective, and safe, as the dongle and that is simply not true at all.

  • 0 Hide
    wildkitten , June 28, 2013 11:58 AM
    Quote:
    It's up to the users to safeguard their account, not Blizzard. If you are hacked it is YOUR FAULT. I see a lot of ignorant posters here laying the blame (Wrongly) at Blizzards feet for instances where their character was hacked.


    In 99% of situations yes, but for years Blizzard has failed to do anything about those hacking accounts from China who use proxys that can be filtered out of Blizzard did just a bit better with security.

    I also remember when they added ads to their forums (forums btw only paying customers could post to so there was never any legitimate reason to put ads on it), the ad company they used actually put gold selling ads on the official Blizzard forums, and these pushed malware to the end user. Many people had their accounts broken into because of this, and all they did was go to the official blizzard forums. Took days for Blizzard to admit that it happened as well.
  • 0 Hide
    Yuka , June 28, 2013 12:10 PM
    Yeah, they need more subscribers, so it makes perfect sense, lol.

    But no Blizz, I won't go back even if my WoW account is hacked, sorry.

    Cheers!
  • 0 Hide
    kingssman , June 28, 2013 1:14 PM
    Unsubbed from WOW 8 months ago, then just recently 3 months ago some hackers gained my account logins, Used a promotional to re-subb my account for 3 days, and stole all my gold and got my account banned.

    LOL how the heck they gained the login and pass of an unsubbed account is beyond me. I however have the feeling that Blizzard is responsible for the lack of security because hackers are pulling account info off o their servers!
  • 0 Hide
    csbeer , June 28, 2013 1:29 PM
    So it is organized crime perpetrating the hacks/theft? It's not my neighborhood punk ass nerd breaking into my network, but most likely Chinese illegal business entities?
  • 0 Hide
    Grandmastersexsay , June 28, 2013 1:59 PM
    It would be real simple for Blizzard to eliminate the account hacking problem. All they would have to do is restrict all IP addresses originating in China to the Oceanic servers. That would cut down this crap to a mere 1% of what it is now. Having to pay for a proxy server would severely cut into the hackers thin margins.
  • 0 Hide
    maxiim , June 28, 2013 3:09 PM
    A useless ploy to get you to use their stupid account authenticators to get even more of your personal data out of it.
  • 0 Hide
    darknite414 , June 28, 2013 3:55 PM
    Same happened to me i was unsubscribed for a year when I got an email my account was hacked. They used pre-pay cards to re-activate my account. Hard to see how its my fault... The guys on here defending Blizzard must still be playing this outdated game....
  • 0 Hide
    Rahbot , June 28, 2013 4:15 PM
    I think someone in Blizzard is doing this..... I've lost all faith in Blizzard.... I lost an account in which I was a Leader of a guild... what did blizzard do... Give me a new WoW account and not any of my characters, gold, items, guild, nothing but a free WoW account for a now closed account.
  • 0 Hide
    Grandmastersexsay , June 28, 2013 6:16 PM
    Quote:
    Same happened to me i was unsubscribed for a year when I got an email my account was hacked. They used pre-pay cards to re-activate my account. Hard to see how its my fault... The guys on here defending Blizzard must still be playing this outdated game....


    Outdated yes, but 10 years later there still isn't a game that touches it.
Display more comments