Blizzard is taking your computer security into their own hands

Okay, so as a frequent Customer Service Forum regular, I spend a lot of time watching people come to the forum after their account has been hacked, used to spam gold advertisements, and stripped of all their gear and gold. After the fact, it can take days or weeks to get the account running normally again.

When you get hacked, you still need to find and remove whatever malicious program was stealing your password information in the first place. Failing to re-secure the computer and the account always leads to repeat compromises and a lot of frustration.

So, it looks like Blizzard recently started putting temporary suspensions on accounts that try to log in from keylogger-infested computers. This seems to frustrate some people, since who likes being locked out of their account? However, even if you have the keylogger, you can still log in if you have an authenticator device. Also, if you pay attention to the warning message that pops up, it looks like you can avoid the suspension even if you have a keylogger, according to Syllas (from one of the comments on the wow.com article). If you get a warning message that you have a trojan/keylogger on your computer, then stop trying to log in and get it removed before you try to log into the game. You don’t have to buy the authenticator; you just need to pay attention to the warning message, stop what you are doing, and run scans on your computer to find the bug.

Also, the people who are frustrated about the suspensions are probably the same people who asked Blizzard to reduce the amount of gold-selling chat spam. Since most of the gold-selling chat spam came from hacked accounts, preventing the account hacking in the first place is the only way to reduce that spam. So, stopping people with keyloggers from typing in account information that will then be stolen is the only way to cut off the spam that comes from hacked accounts.

Reducing account hacking also greatly reduces the load on their game master staff, who provide post-hacking restorations, and on account administration, who deal with accounts that got permanent bans due to compromises. How does that benefit the customer? Well, with fewer hackings, the customer support staff can deal with your other issues a lot faster (i.e. stuck under the world? Accidentally vendored an item? Someone scammed you in-game? Having a problem getting the NPCs in your raid instance to load right?).

What Blizzard is trying to avoid is something like this: Sodapop of Nazjatar posts in the customer service forum. His account was hacked and now he has no gear. He wants to know how long it will take to get his stuff back. Game Master Aredek informs Sodapop that the current restoration wait time seems to be about 3 to 5 days. And that’s just one example I found skimming the first page of the customer service forum.

Also, 3 to 5 days is a SHORT wait time to get your stuff back. Before authenticators came out, the wait time was somewhere between 2 weeks and a month. Right before Burning Crusade came out, they actually had to stop giving restorations and just sent a “care package” with a couple of green-quality BOE items and a “sorry” message, because they were too overwhelmed by the number of people who got hacked and needed gear restorations.

Prevention is always the best solution. Protecting your computer and your account is YOUR responsibility. The fact that Blizzard is trying to make it their responsibility, too, just means that this will be a better playing environment for everyone. They aren’t being greedy, since they make no money off the authenticators directly, and there will always be people whose accounts get hacked in ways Blizzard’s system won’t be able to detect (things like falling victim to e-mail scams). I got an authenticator shortly after the one time I’ve ever had my account compromised. It was worth the couple-dollar investment. They currently have authenticators in stock.

The only frustrating part seems to be when Blizzard’s scanner detects something on your computer that you can’t find. In that case, you may be due for a fresh install of your operating system just to be safe. It would be nice if they gave you the name of the malicious program, but if you think they should implement that, you should be posting in the WoW Suggestions forum about it. ;)


3 Comments

  1. MuShU
    Posted September 8, 2009 at 4:31 pm

    1. it’s trivial to bypass the WoW “Warden” scanner and I don’t know why trojans/keyloggers/viruses haven’t figured that out yet? I won’t say how just in case :)

    2. the authenticator is a rather poor example of security, as anyone knowledgeable of such things understands that “security by obscurity is no security”. There is no way Blizz can sell satellite fobs at this price that have a receiver inside. Thus (without having taken one apart) I assume it is an RNG with a hash based on some aspect of your account info plus the fob’s unique serial#. This is why you had to log in to their website and attach that fob to your account. Thus their server would know which hash to use and would come up with the same RNG when you log in to play. This means it is a static algorithm, and being a Turing machine, can be reverse-engineered (or hacked).

    3. it will be a never-ending game of cat-n-mouse for Blizz to attempt to keep updating Warden to detect the latest “Zer0-dAy” exploits, and the bad guys will always have the upper hand. Unless they invest tons in implementing a heuristic detection method that ascertains what a particular chunk of software code is actually going to DO, the best direction to go is to “whitelist” the types of known good code and allow the user to block or allow any unknown code. This again puts the onus squarely in the hands of the player…which, as we know, is a “lolwut?” moment since “fail n00b is fail.”

  2. Lissanna
    Posted September 8, 2009 at 4:44 pm

    The authenticators they use are the same types that get sold to banks and such for security. Blizzard sells the keyring version basically at a loss, since it saves them money in the long run compared to the man-hours it takes to recover compromised accounts. Hackers aren’t going to be able to devote the amount of time needed to bypass an authenticator, and those types of people are just more likely to move on to easier prey (i.e. an account without one).

    http://www.vasco.com/

  3. Posted March 16, 2010 at 3:08 am

    played starcraft for 8 years and no cd key while all those wow players are already playing?!!
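The first two comments sketch how a keyring authenticator might work: a per-device secret tied to the account at enrollment, and a hash that both the fob and the login server can compute. The block below is an added example (not Blizzard's, Vasco's, or any commenter's code) of that general shape using the public HOTP construction from RFC 4226: an HMAC over a counter, truncated to six digits. The per-device secret, the account name, the look-ahead window size and the `Fob`/`TokenServer` classes are all constructed for illustration. It shows why a keylogged code is useless a second time, why a few unsubmitted button presses do not lock the user out, and why publishing the algorithm does not hand over the codes.

```python
"""Hash-based one-time codes in the style of a keyring authenticator.

Constructed example: the fob and the server share a per-device secret
(set at enrollment, which is what attaching the fob to the account
accomplishes in this model). Each code is HMAC-SHA1 over a counter,
truncated to six digits (RFC 4226 HOTP). The algorithm is public; the
secret is the only thing an attacker lacks.
"""
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter,
    dynamic truncation to 31 bits, reduced to `digits` decimal digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


class Fob:
    """The keyring device: a secret plus a counter that only moves forward."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._counter = 0

    def press(self) -> str:
        code = hotp(self._secret, self._counter)
        self._counter += 1
        return code


class TokenServer:
    """Login-server side: per-account secret, last accepted counter, and a
    small look-ahead window so unused presses do not lock the user out."""

    def __init__(self, window: int = 5):
        self._window = window
        self._accounts = {}  # account -> [secret, last counter accepted]

    def enroll(self, account: str, secret: bytes) -> None:
        """Attach a fob to an account: the server learns the device secret."""
        self._accounts[account] = [secret, -1]

    def verify(self, account: str, code: str) -> bool:
        entry = self._accounts.get(account)
        if entry is None:
            return False
        secret, last = entry
        for counter in range(last + 1, last + 1 + self._window):
            if hmac.compare_digest(hotp(secret, counter), code):
                entry[1] = counter  # every counter up to this one is now spent
                return True
        return False


def demo() -> dict:
    """Walk through enrollment, a normal login, a replayed (keylogged) code,
    skipped presses inside the window, and a code made without the secret."""
    secret = b"constructed-per-device-secret-0001"  # constructed, not a real seed
    server = TokenServer(window=5)
    fob = Fob(secret)
    server.enroll("sodapop", secret)

    first = fob.press()
    accepted = server.verify("sodapop", first)          # fresh code: accepted
    replay = server.verify("sodapop", first)            # same code again: rejected
    fob.press()                                         # two presses never submitted
    fob.press()
    skipped = server.verify("sodapop", fob.press())     # counter 3, inside window
    forged = server.verify("sodapop", hotp(b"guess", 0))  # algorithm known, secret not
    return {"accepted": accepted, "replay": replay,
            "skipped": skipped, "forged": forged}


if __name__ == "__main__":
    print(demo())
```

The `hotp` function is checked against the published RFC 4226 test vectors, so the arithmetic is the standard one; the window logic is the part a server operator tunes, and the trade-off is that a larger window tolerates more stray presses while giving a guessed code proportionally more chances to match.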