Elitist Jerks
Old 04/09/07, 12:47 PM   #1
Rogar
Piston Honda
 
Dwarf Priest
 
Argent Dawn
PSA: Windows flaw = WoW accounts vulnerable to hijacking

Within the past week, two people in my guild have had their accounts hijacked (passwords changed, inventory stolen). Others have posted on our server forums that they were 'hacked' as well. I had written it off as account sharing gone bad until I came across this BBC News article:

http://news.bbc.co.uk/2/hi/technology/6526851.stm

There's a patch available from Microsoft as of April 3.

Edit: Here's the Microsoft security bulletin about the vulnerability: http://www.microsoft.com/technet/sec.../MS07-017.mspx

Old 04/09/07, 12:58 PM   #2
• Zoid
Soda Popinski
 
Blood Elf Paladin
 
Mal'Ganis
I've heard reports that a stolen WoW account is now worth more to hack than getting a credit card number, as mentioned by this BBC report.

Gold prices are over $200 per 1000g now. Assuming the hackers sell it to gold resellers for half that, that's a hefty profit if you hack a level 70 account with even just a few hundred gold on it.

Old 04/09/07, 1:07 PM   #3
thebuddha
Piston Honda
 
Human Warlock
 
Shattered Hand
Getting your account hacked sucks--I'm not really sure what there is to discuss though.

Can't these problems be avoided by using Firefox and keeping up to date with the Windows security fixes?

Old 04/09/07, 1:09 PM   #4
 Hamlet
<Druid Trainer>
 
Tauren Druid
 
Mal'Ganis
A quick stop at windowsupdate should take care of it?

Old 04/09/07, 1:30 PM   #5
Polleke
Foobar
 
Troll Priest
 
Azjol-Nerub (EU)
I realise this is a futile attempt, but could we at least in this topic refer to crackers and script kiddies instead of hackers?

And yes, the usual ways for applying patches for Windows include the patch.

* Bla

Old 04/09/07, 1:31 PM   #6
Aphyrax
Great Tiger
 
Tauren Druid
 
Tichondrius
Originally Posted by thebuddha View Post
Getting your account hacked sucks--I'm not really sure what there is to discuss though.

Can't these problems be avoided by using Firefox and keeping up to date with the Windows security fixes?

Firefox does not make you immune to this particular exploit. Fact is, if you run Vista, Firefox is actually more vulnerable (this has got to be a first), as IE on Vista runs in protected mode with virtually no privileges. Yes, Windows update will protect you here.

The only reason I can think of for not having Windows update on all the time on a home machine is if you have a pirated copy and are afraid of black SUVs pulling into your driveway after letting MS connect to your machine. That fear is unfounded by the way as there is no published case of anyone getting busted for trying to patch a stolen home copy.

Old 04/09/07, 1:43 PM   #7
Zyla
Ravaging the Art World.
 
Troll Druid
 
Mal'Ganis
Originally Posted by Aphyrax View Post
Firefox does not make you immune to this particular exploit. Fact is, if you run Vista, Firefox is actually more vulnerable (this has got to be a first), as IE on Vista runs in protected mode with virtually no privileges. Yes, Windows update will protect you here.

The only reason I can think of for not having Windows update on all the time on a home machine is if you have a pirated copy and are afraid of black SUVs pulling into your driveway after letting MS connect to your machine. That fear is unfounded by the way as there is no published case of anyone getting busted for trying to patch a stolen home copy.

Well, you simply can't patch a stolen copy, at least by normal average user means. MS insists on having your software validated before it will allow you to patch.

Originally Posted by Apate View Post
Zyla, International Man of a Certain Standard.
Originally Posted by Bubbs View Post
That's right, I met my future wife through Zyla. :shudder:

Old 04/09/07, 1:50 PM   #8
Apate
POWER = MEAT + OPPORTUNITY = BATTLEWORMS
 
ChickenArise
Night Elf Warlock
 
No WoW Account
Originally Posted by Zyla View Post
Well, you simply can't patch a stolen copy, at least by normal average user means. MS insists on having your software validated before it will allow you to patch.
Only for certain patches (like IE7); autoupdate is less picky. Also, WGA can be disabled for anyone to varying degrees of success.

See you, auntie.

Old 04/09/07, 1:54 PM   #9
• Zoid
Soda Popinski
 
Blood Elf Paladin
 
Mal'Ganis
From Microsoft's standpoint, why should they protect you if you stole their software? You didn't pay them for the service. It makes sense business-wise, but it also allows pirated Windows machines to be zombie computers to launch other spam and attacks from.

This vulnerability was open for several days before Microsoft patched. The advisory was posted on March 30th and was actively being exploited before then. Microsoft patched April 3rd (which was unusual; it was an out-of-cycle patch). Even being up to date with all your patches may not save you if you happened to browse a compromised site before Microsoft released the patch.

Active firewalls that block outgoing connections (such as ZoneAlarm and Microsoft's Windows OneCare Firewall) do help with this, since the exploit would trigger them and you can deny them access to upload your information somewhere.

Old 04/09/07, 1:54 PM   #10
Tel
Don Flamenco
 
Draenei Shaman
 
Kazzak (EU)
Originally Posted by Apate View Post
Only for certain patches (like IE7); autoupdate is less picky. Also, WGA can be disabled for anyone to varying degrees of success.
*cough* MUBlinder *cough*

Yeah, that does look pretty nasty. If you don't mind me asking, though, how much success have the guild members in question had with getting their items/gold back from Blizzard?

Old 04/09/07, 4:10 PM   #11
Crowbite
Soda Popinski
 
Orc Hunter
 
Mal'Ganis
The one shaman we had lose his account got nothing but his char with only his healing gear. They basically reset his password and that was it.

Originally Posted by missiletoad View Post
I get enjoyment out of constructing buildings out of my fries and demolishing them with my chicken nugget army as I make monster noises. But you people. You people are FREAKS.

Old 04/09/07, 5:11 PM   #12
Aphyrax
Great Tiger
 
Tauren Druid
 
Tichondrius
Originally Posted by Zoid View Post
From Microsoft's standpoint, why should they protect you if you stole their software? You didn't pay them for the service. It makes sense business-wise, but it also allows pirated Windows machines to be zombie computers to launch other spam and attacks from.
It really depends on the severity of the exploit. For example XP Service Pack 2 was really a new release and could have easily been sold as XP Second Edition. But they wanted everyone to have those security enhancements so they gave it away. For less critical patches they started to put on the screws in recent years.

Old 04/09/07, 6:59 PM   #13
spronk
Don Flamenco
 
Orc Death Knight
 
Blackrock
A few months ago, before TBC, I hired a powerlevel firm (peons4hire, lol!) to power level my wife's toon; she wanted to play TBC with me but didn't want to re-level 1-60. This was on a separate account with no other chars so I didn't care much. Peons charged $120 for 1-60 then, which was worth the cost to me. I'd keep an eye on the farmer playing; they pretty much played 15 hours a day until level 45. Then suddenly they didn't log in and had changed the password, and also tried changing the email address (fortunately that requires a validation from the current email holder).

It was easy getting the account back via forgot-password/etc, turns out the peons had stripped the char, sent all the gold somewhere else (I assume), and then deleted the character. I petitioned a GM, said I got hacked, etc, etc. It took nearly 6 weeks to get the character back and it came back naked, level 45, and with 10g - I know it had at least 150g before then, but I didn't really care.

I was pretty safe: I paid with PayPal (credit card) and filed a chargeback, got my money refunded and wrote it all off as an interesting experience with China powerleveling services. I talked briefly with a GM who was handling the investigation; he said they get swamped with thousands of these and essentially have a HUGE queue to deal with it, and usually by the time they get to a specific character they can't do much other than restore the name/race/level, as the item history is long since backed up and purged.

So pretty much assume nowadays if you ever get hacked, you might get your char back but it'll be naked or near-naked and some random amount of cash will come back, and it'll take weeks. The old days of getting a full restore with enchants and everything are long since past I think, unless Blizzard decides to tackle dev solutions to address char rollbacks. Times like these are especially bad; I imagine there are at least 100,000 reported hacks right now. It gets even worse if the person who got your account botted/speedhacked/etc, as that can trigger an account ban for hacking which is very difficult to reverse.

(and before some retard thinks about reporting me for hiring a PL, my WoW sub is cancelled and I doubt I'll ever play again. Just sharing what I thought was an interesting story)

Old 04/09/07, 7:28 PM   #14
RK
Such a Cassandra
 
Tauren Shaman
 
Shu'halo
It's interesting that they would investigate your account and restore the character given that it was powerleveled and any sort of investigation into what happened to your stuff should have revealed that.

I hadn't known, until this weekend, anyone who'd used a PL service. I found out this weekend that a friend of a guildy, who joined the guild on a new paladin when TBC hit, got to about level 50, then vanished, didn't actually vanish by choice - he was banned for hiring a PL service (he's now transferred across his hunter so he can re-join us). He told me that he never had any other infractions on any account: he just got insta-banned when they caught the power-leveller.

Old 04/09/07, 7:49 PM   #15
mek
Don Flamenco
 
Draenei Shaman
 
Tichondrius
Originally Posted by RK View Post
It's interesting that they would investigate your account and restore the character given that it was powerleveled and any sort of investigation into what happened to your stuff should have revealed that.
*snip*
He told me that he never had any other infractions on any account: he just got insta-banned when they caught the power-leveller.
It's not only incredibly easy to detect PL services (oh look, Character X is being logged on from Chinese and North American IPs, hmmmmm!), but I'm sure some of them use programs like Glider and teleport hacks, that Warden will notice.

Whatever GM dept handles item restorations probably doesn't handle the banhammer, and likely doesn't have access to stuff like IP/connection logs as a result. Unless you're suspected of being naughty, nobody's going to look at that stuff.
