So it finally happened. After five years, my account was compromised. I know quite a few people want to know the specifics, so here is the story:

Thursday morning, at 6:00 AM server, Standswafist called me. When I answered, she informed me that someone was logging in and out of my account on both Radd and Zely.

I rushed down to the ManCave® and logged in. Sure enough, Radd was half naked and carrying a whopping 23 silver. Almost immediately after, I was booted off. The thief took the time to change my password, effectively locking me out while he ransacked both my 80s, as well as the gbank.

The good news is – due to the diligence of Standswafist, Vhoki and Perfectkill – the hijacker was stopped mid-stride by GMs before the deal was completely done.

The bad news is Radd and Zely are both out of instancing and raiding until their gear and bank contents can be restored.

I have spoken at great length with the GM Zarrgol in regards to restoration. I have been assured that, in addition to my gear, all the gbank items will be restored.

So how did this happen? More after the break.

I’ve never bought gold. I’ve never opened an untrusted website with WoW running. That left everyone’s first guess (including mine) of a keylogger. Even though there are exactly zero reported instances of weaponized Macintosh keyloggers in the wild, I still ran a thorough check on my computer and it came back clean.

Next, I asked Edscssorhnds to check his machine, since he had logged in one time as me in an attempt to score the Skyshattered achievement. He machine came back spotless, as well.

Considering I run on a ridiculously secure network, that only leaves one option: battle.net isn’t nearly as secure as Blizzard would like us to think. To this end, I have purchased myself a Blizzard Authenticator and recommend everyone else does, as well.

Am I happy about being forced to spend $6.50? No. But I know I would be a lot unhappier if my account was jacked again.

Join the forum discussion on this post - (5) Posts