Key-loggers which steal account names and passwords continue to circulate. We remind players to be especially vigilant when being directed to external websites and to update the security on their computers. The following has a bit of information that we have compiled to help ensure your computer is up to date, and secure. We have recently decided to break this long read up into a few smaller posts; making it easier to take in. This also allows us to link to specific portions for a player that may only need to see one segment, and not the whole post.
Table of Contents:
- Introduction to Keylogger Hacks
- Download Security Update
- How to Identify Keylogger Hacks on Your Computer
- Removing Hacks
- Download Free Protection Tool
Introduction
We'd like to make the community aware of scams that involve fake URLs or hyperlinks which, once clicked, will install harmful "key-logging" software, designed to attempt to steal your World of Warcraft account name and password. To aid with this ongoing threat we have put in a new forum link Interceptor system in place on the forums which you will see when trying visit a page that is not part of a Blizzard website or when the site is known to be of a high risk.
These hyperlink scams come in many disguises, including URLs advertised as links to class guides, gameplay videos, and, in many cases, user-interface (UI) modifications. For these reasons, it is very important that players take caution when being directed to external websites and update the security on their computers accordingly.
Key-loggers and trojans are also being circulated via email, UI addons that contain an executable, at websites linked via in-game chat, and other mediums.
To help players with combating this threat the following guide has been created to cover the topic of what to do next if you feel you now have such malicious software on your computer. A lot of this information can be found on the World of Warcraft website at:
http://www.blizzard.com/support/wowbilling/?id=asi0462p
For extra clarity I have quoted relevant sections on the website. Disclaimer: Although we recommend Internet security software, we cannot directly support it. Please contact the distributor of the software for information and product support.
Security Update
We strongly recommend that players continue to update their operating systems for the best security possible. Microsoft regularly releases security updates which helps to combat the dangerous links to key-loggers that are being encountered. Following each release I would certainly recommend that players ensure that all critical Windows Updates have been installed on their computers. Updates can be downloaded from:
http://update.microsoft.com/microsoftupdate
Further details regarding such updates will be posted below and can be read at:
http://www.microsoft.com/technet/security/default.mspx
Enabling Automatic Updates is also recommended.
Microsoft Security Bulletin MS06-055
Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486)
- Impact of Vulnerability: Remote Code Execution
- Maximum Severity Rating: Critical
This update resolves a public vulnerability as well as additional issues discovered through internal investigations. The vulnerability is documented in the "Vulnerability Details" section of this bulletin.
If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Microsoft recommends that customers apply the update immediately.
Identification
The first step is to recognize you have a key-logger or trojan on your computer system. A useful way to do this is by looking at what processes are running in your computer's Task Manager. You can access this by clicking Start, Run and typing taskmgr. It is best to take a look at this after starting World of Warcraft but prior to putting in your account information. While you can manually go down the list of processes running on your computer, and look up on the web what each does, another alternative is available.
Process Library:
ProcessLibrary.com is a free tool that provides the latest information about spyware, adware, viruses, trojans, system processes and other common applications. We highly suggest you use this program to have a better understanding of what is currently running on your machine. You can download it for free here. http://www.processlibrary.com/
Removal
Once you feel you do (or might have) a trojan on your computer the next step is to remove it. It is best to run both antivirus software and anti-spyware on your machine.
Antivirus Software:
A program that scans a computer's memory and storage space to identify and eliminate viruses. Please note that you can have more than one antivirus program running on your system. Some programs may not detect what another can.
Anti-Spyware Software:
A program that scans a computer's storage space and services to identify and eliminate programs designed to monitor computer usage beyond the user's acceptance. Among many technical issues spyware can also cause crashing, minimizing of the game window, and connection issues. Please note that you can have more than one anti-spyware program running on your system. Some programs may not detect what another can.
Protection
This next section is on how best to prevent the information a keylogger is gathering from being transmitted "home". To combat this you will need a firewall.
Firewall Software:
A security system intended to protect a computer or network of computers against external threats, such as hackers, from another network, such as the Internet. A firewall can prevent your computer from communicating directly with computers outside your network and vice versa. While this does provide added system security it can affect connections made with our game servers. Please view our Advanced Networking Information for suggested firewall settings. Please note that you can have more than one firewall/security program running on your system.
You will also need to make sure your computer's operating system is up-to-date and secure.
Computer Updates:
If you are using Windows, ensure that you have the most recent security and service packs installed. These can help greatly by fixing security risks and updating built in security software such as the Windows XP Firewall to decrease possible threats to your machine. You can find these easily by visiting the Microsoft Windows Update page. We also recommend visiting the Microsoft Security Home Page for a wealth of information concerning current risks, as well as how to properly protect yourself.
It is important to do the above steps and remove any malicious software before changing your password. Once you have covered the areas above then you will need to immediately change your password.
If you find that, regardless of the cause, you are unable to get back into your account, your first step should be to attempt automated password recovery. This can be done via the following link:
http://www.worldofwarcraft.com/loginsupport/
If you are having trouble accomplishing the recovery for your password, be sure to try the suggestions that pop up after the unsuccessful attempt, and if necessary, follow the instructions provided to contact Billing and Account Services for further assistance. Billing and Account Services can be reached at:
Email Support
Phone Support
- 1 (800) 592 5499 (1-800-59-BLIZZARD)
Automated 24 hours
Live Representative Mon-Fri, 8AM-8PM (PST)
|
