Friday, March 13, 2009

Security concerns

When a player creates a World of Warcraft account, they are asked to choose a username and password. Whenever the user then plays World of Warcraft, they are asked to supply the same username and password in full. This is also the case when using account management facilities online. This type of authentication is vulnerable to keystroke logging. While this is not unique to World of Warcraft and is common to many MMORPGs, the game has been directly targeted with trojans being specifically crafted to capture account login details. Attacks have been reported as early as May 2006, although they may extend as far back as July 30, 2005.

In September 2006, reports emerged of spoof World of Warcraft gaming advice websites that contained malware. Vulnerable computers would be infected through their web browser, downloading a program that would then relay back account information. Blizzard's account support teams experienced high demand during this episode, stating that many users had been affected. Claims were also made that telephone support was closed for isolated periods due to the volume of calls and resulting queues. In April 2007, attacks evolved to take advantage of further exploits involving animated cursors, with multiple websites being used. Security researcher group Symantec released a report stating that a compromised World of Warcraft account was worth US$10 on the black market, compared to US$6 to US$12 for a compromised computer (correct as of March 2007). In February 2008, phishing emails were distributed requesting that users validate their account information using a fake version of the World of Warcraft account management pages. In June 2008, Blizzard announced the Blizzard Authenticator, a hardware security token that provides two-factor security. The token generates a one-time-password-based code that the player supplies when logging on. The password is only valid for a limited time, thus providing extra security against keylogging malware.
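Why a time-limited one-time code helps against a keylogger, as an added example that is not from the original page or from Blizzard: the page does not say which algorithm the Blizzard Authenticator uses, so this assumes the standard RFC 6238 TOTP construction with a 30-second step and 6 digits. `LoginServer`, the sample password and the login times are hypothetical.

```python
import hashlib
import hmac
import struct

STEP = 30      # seconds a code stays valid (assumed; RFC 6238 default)
DIGITS = 6     # code length (assumed)

def totp(secret: bytes, unix_time: int) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 for the time step containing unix_time."""
    counter = unix_time // STEP
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

class LoginServer:
    """Checks password plus token code; each time step is accepted only once."""
    def __init__(self, password: str, secret: bytes):
        self.password = password
        self.secret = secret
        self.last_counter = -1   # highest time step already consumed

    def login(self, password: str, code: str, now: int) -> bool:
        counter = now // STEP
        ok = (hmac.compare_digest(password, self.password)
              and hmac.compare_digest(code, totp(self.secret, now))
              and counter > self.last_counter)
        if ok:
            self.last_counter = counter
        return ok

def demo() -> dict:
    secret = b"12345678901234567890"   # RFC 6238 test secret, not a real token seed
    server = LoginServer("hunter2", secret)
    t0 = 1111111085                    # constructed login time
    code = totp(secret, t0)            # what the player types and a keylogger records
    return {
        "code": code,
        "player_login": server.login("hunter2", code, t0),
        # Everything below replays what the keylogger captured.
        "replay_same_window": server.login("hunter2", code, t0 + 5),
        "replay_later": server.login("hunter2", code, t0 + 60),
        "password_only": server.login("hunter2", "", t0 + 60),
    }

if __name__ == "__main__":
    print(demo())
```

The static password alone, or a code replayed after its window or after it has been used once, is rejected; a code relayed in real time before the player's own login completes is not covered by this check.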

In the United Kingdom in February 2008, the Halifax Bank claimed that stolen credit card details were regularly being used to fraudulently pay for World of Warcraft accounts. A statement from the bank read that a "significant number of fraudulent transactions through Blizzard's gaming sites" had been observed. As a result, the Bank has stated that transactions with Blizzard will be blocked by default, requesting that customers contact them directly to authorise payments.

Blizzard makes use of a system known as Warden on the Windows version of the game in order to detect third-party programs, such as botting software, allowing World of Warcraft to be played unattended. There has been some controversy as to the legality of Warden. Warden uses techniques similar to anti-virus software in order to analyse other running software on the players' PCs, as well as the file system. However, unlike most anti-virus software, it sends a portion of this information back to Blizzard, which caused privacy advocates to accuse it of being spyware. One example of the information Warden collects is the title of every window open on the system while WoW is running. Blizzard has not stated what information is passed by Warden over the Internet, or if that information is encrypted, so it is entirely possible this information is passed over the Internet back to Blizzard. On balance, many gamers responded positively about the development, stating that they supported the technology if it resulted in fewer cases of cheating. Blizzard's use of Warden was stated in the Terms of Agreement (TOA).

The Warden's existence was acknowledged in March 2008, during the opening legal proceedings against MDY Industries. The lawsuit was filed in federal court in Arizona, and also listed Michael Donnelly as a defendant. Donnelly was included in the suit as the creator of MMO Glider, software that can automatically play many tasks in the game. Blizzard claimed the software is an infringement of its copyright and software license agreement, stating that "Glider use severely harms the WoW gaming experience for other players by altering the balance of play, disrupting the social and immersive aspects of the game, and undermining the in-game economy". Donnelly claims to have sold 100,000 copies of the $25 software.
