As I sit at my desk Monday afternoon, preparing to pack up and go home, I see a Gmail notification pop in. It is from Blizzard Support and it states that my password change has been successful. That’s great….wait……WHAT???
Password change….I hadn’t changed my password! Hell, I hadn’t even been in the Account Management page for over a month!
I immediately goto the Account Management page and what do you know, I cannot login. Panic immediately struck me….my World of Warcraft account had been hacked! Right at that moment some unscrupulous ass-hamster was probably sharding all my epics, stealing all my gold and deleting all my characters. Over three years of work probably down the drain in no time flat. Plus the possibility of this tool bag using my characters to gain access to the Guild Bank and run off with items that were contributed by other people. Son of A…..!
I reply to the email and tell the Blizzard Support people that I DID NOT change my password. All I get is an automated ‘Thank You’ response. I call the 800 number and after my second attempt to get through one of the most aggravating menu systems on Earth, I am told the directions on how to reset my password using a Secret Question I had created upon initial setup of the account.
A few clicks later and I have regained access to my account. There was nothing more that I could do being at work, and I was cutting it close to missing my train if I did not leave soon. Just to be safe, as I still did not know how it happened, I logged into my bank account (successfully) and reset the password there. I also left a message on my guild forum explaining the situation and telling them to revoke any access my characters might have to prevent possible theft. If my home laptop had been hacked and had a keylogger installed on it, I was in for a world of hurt.
Once home I was able to quickly log into the actual game from a completely different machine and found that nothing appeared to be missing. I fell that I dodged a really big bullet this time. I know folks who have gotten hacked and it’s a pain to try and get everything restore successfully. Usually takes a few weeks as well.
At that point, I decided it was time to secure my laptop and then the rest of my network. I immediately unplugged my laptop from the network and powered it on without any network connection. I logged into my router and changed the password, downloaded the latest firmware, updated it and changed the wireless encryption form WEP to the more secure WPA2 – Personal. If some jackass living nearby thought it would be funny to hack into my network, I wasn’t having any of it.
I dug out the restore disks for my laptop. At first I tried to reconnect my laptop via wireless and try downloading a spyware removal tool to see if it worked, but Vista was too fucking stupid to realize the encryption had changed and to make the connection correctly. So i proceeded to wipe the machine clean (after several failed starts because Dell is just as fucking stupid as Microsoft).
Last night I finally finished updating the laptop (55 Windows updates FTL!!) and begin the re-installation of programs. First was World of Warcraft (which I am still not done with…1 DVD, 4CDs, 800mb+ in patches equals SUCK!) and Firefox. I rebuilt my bookmarks from a backup file I had created in April. I still need a bunch more programs, but at least I am getting there.
You’re probably wondering how this happened. If so, join the club! Because I have no idea at all. I stay away from sketchy sites (for the most part) and the one thing about Vista/IE7 that I do like is that you are ALWAYS notified when something tries to get installed. And I hadn’t noticed anything like that poking it’s nose around.
The only thing that I can think of is actually related to WoW. I had recently downloaded and installed two add-ons to the game. One was a threat monitor that I had used in the past and the other was a Quest Helper that has been raved about by a lot of people. I have a feeling that one of those had a key logger embedded in them. But that still does not sound right, as both are well regarded add-ons. Perhaps it was a goof on the part of Blizzard and one of their DBs had a mental moment.
All I know is that after too many hours of chaos, I seem to be back online for the most part. I guess I ma going to have to go back to being a WoW purest….running with no add-ons at all.
We’ll see how it all goes. I’m just really happy that no one ran off with my imaginary OR my real money. God forbid they got a hold of bank account or Credit Card info….I don’t think I could spend years trying to recover from Identity Theft!