Symantec Uncovers 44 Million Stolen Game Accounts

[KeyMaster45]

Haha I ope the flaming ban hammer will own them! I hate people that steal !

Question: What game is that image from? Big dude looks like he's wielding The Ultimate Ban-Hammar of Ultimate Destiny, and I must have it.

Its from World Of Warcraft. Some elemental god dude.

It's Ragnaros, the last boss in the vanilla WoW 40 man raid dungeon Molten Core, and yes that ultimate ban hammer is available to players.

 

[Alar]

Nice work, Symantec. Hopefully they can track these guys down and shut them down quickly, or at least have some police or government agency take the server for evidence.

 

[Brainst0rm]

I don't really understand how this works, do you have to download something to get the virus or can it access stuff off the website?

And what is Wayi Entertainment?

You have to download something, but that's not as hard as it sounds, without the proper security (sometimes WITH the proper security) simply clicking "no thanks" on a pop up ad could do it.

Just a reminder people, NEVER click ANYTHING on a popup, even a "no thanks" or "no". Just by clicking the popup you can cause damage, better to close the open browser from Windows, or hit the back button.

This or use opera/firefox. No popups, ever. Fixed.

I don't know of any browser that can block 100% of pop-ups, but I've never used Opera. Maybe it's just freaking brilliant and I had no idea.

But this is an epic find by Symantec. I'm still not clear on exactly how they stumbled upon this from code someone else submitted, but, props to them.

 

[Lord_Panzer]

Haha I ope the flaming ban hammer will own them! I hate people that steal !

Question: What game is that image from? Big dude looks like he's wielding The Ultimate Ban-Hammar of Ultimate Destiny, and I must have it.

Its from World Of Warcraft. Some elemental god dude.

It's Ragnaros, the last boss in the vanilla WoW 40 man raid dungeon Molten Core, and yes that ultimate ban hammer is available to players.

Is it one of those things where, when you see it up close ('it' being the one you can use) the first thing that springs to mind is "It's only a model"?

 

[Flying Dagger]

So they just try tons of obvious passwords?
:S

 

[DividedUnity]

Wow. Now thats a virus. Did it ever say how symantec came across this database and how they managed to figure out what was in it? That would be quite interesting. Those figures ae quite impressive as well. Though I do not understand the drastic figure differences between different MMOs perhaps different areas have a preference to different games.

 

[tkioz]

Scary thought. I never expected a dedicated Trojan group to do something like this.

There's a great deal of money to made selling virtual currency, people view gold sellers and farmers as poor suckers slaving away in a sweat shop in some Asian country which I'm sure happens, but stealing is a lot less time consuming with a higher profit margin, and a lot of these groups have ties with various criminal organisations.

The days of hackers being geeks in the basement doing it just to see if they can are long gone for the most part, now it's about cold hard (virtual) cash.

 

[Asehujiko]

Haha I ope the flaming ban hammer will own them! I hate people that steal !

Question: What game is that image from? Big dude looks like he's wielding The Ultimate Ban-Hammar of Ultimate Destiny, and I must have it.

Its from World Of Warcraft. Some elemental god dude.

It's Ragnaros, the last boss in the vanilla WoW 40 man raid dungeon Molten Core, and yes that ultimate ban hammer is available to players.

Is it one of those things where, when you see it up close ('it' being the one you can use) the first thing that springs to mind is "It's only a model"?

Linky about the guy itself: http://www.wowwiki.com/Ragnaros
Linky about the hammer: http://www.wowwiki.com/Sulfuras,_Hand_of_Ragnaros
Raggy, as he's generally known to wow players is the final boss of the first 40 man raid(co op) dungeon. Lorewise he's an Elemental Lieutenant, leader of all fire elementals and a servant of the Old Gods. By today's standards, his 1000k hp and 500 or so dps are pathetically low(about 1% of the power of the current top dog) but he's scheduled for making a repeat appearance in the new expansion...

And yes, he looks badass. Meeting him for the first time in the game without having seen him before is one of the coolest moments in gaming.

 

[Rayansaki]

I don't really understand how this works, do you have to download something to get the virus or can it access stuff off the website?

And what is Wayi Entertainment?

You have to download something, but that's not as hard as it sounds, without the proper security (sometimes WITH the proper security) simply clicking "no thanks" on a pop up ad could do it.

Just a reminder people, NEVER click ANYTHING on a popup, even a "no thanks" or "no". Just by clicking the popup you can cause damage, better to close the open browser from Windows, or hit the back button.

This or use opera/firefox. No popups, ever. Fixed.

I don't know of any browser that can block 100% of pop-ups, but I've never used Opera. Maybe it's just freaking brilliant and I had no idea.

But this is an epic find by Symantec. I'm still not clear on exactly how they stumbled upon this from code someone else submitted, but, props to them.

Opera blocks 100% of them. Firefox doesn't by default, but with 2 addons it does.

 

[Ohlookit'sMatty]

Now that is a lot of people hard earn time and effort gettin hacked there! See this is why I copy and paste my password so that there is no way it can be read, the only thing they will get out of me is 'Ctrl V' Mwahaha!

-M

 

[MurderousToaster]

That's sort of scary.

Just as well my WoW account's been inactive for a long time. But could these have some connection to the mysterious emails from people pretending to be Blizzard (that Chrome rather handily told me about them being phishers)?

 

[FBPH]

Opera blocks 100% of them. Firefox doesn't by default, but with 2 addons it does.

What are the names of those two plug-ins? I'd really like to know, and I'm sure others would appreciate the info too.

 

[Twilight_guy]

This server can only be destroyed by the mythical (ban) hammer of Thor himself! Or you know, deleting the information and destroying the program.

It's cool that they shut this down but its weird that these apparently professional hackers got caught by the Norton guys.

 

[Rayansaki]

Opera blocks 100% of them. Firefox doesn't by default, but with 2 addons it does.

What are the names of those two plug-ins? I'd really like to know, and I'm sure others would appreciate the info too.

ABP (AdBlock Plus) and Ad Blocker take care of every popup and allow you to block ads or specific frames (in cases of websites which have a side frame with different publicity every time, you can block the frame all together)

https://addons.mozilla.org/en-US/firefox/addon/1865/
https://addons.mozilla.org/en-US/firefox/addon/6826/

(Ad Blocker also blocks publicity in youtube videos)

Its also recommended to have Noscript, it blocks all scripting on every site, and you can just add sites to the white list with a click, but is more bothersome because every time you open a site for the first time you need to add it partially/totally to the while list to see flash/javascript/forms.

 

[samsonguy920]

Now that is a lot of people hard earn time and effort gettin hacked there! See this is why I copy and paste my password so that there is no way it can be read, the only thing they will get out of me is 'Ctrl V' Mwahaha!

-M

Except for worms and such that read your clipboard. Copy/pasting passwords is an extra, worthwhile step but it isn't a complete win over anybody peeking in your system.

 

[Eric the Orange]

snip

Dude just a heads up you might want to get rid of this post. The mod do not like it when people try and block the adds on this site because it means that they don't get any money. They have been know to ban people who tell others how to do so.

 

[Danpascooch]

Do you guys need the distributed computing aspect of this explained or are we good? Because that part is fucking badass.

If you want to explain it by all means, I already praised it, but it would be nice to get some details.

What they did was wrong here, but damn if it isn't clever as hell.

Essentially they use your machine to just sit there all day authenticating WoW(etc) accounts. So once they have all these 44 million accounts they don't have to waste server resources confirming all these accounts work before they sell them and they certainly do. I got into a forum for trading CD-keys and accounts trying to get cheap copies of some game I wanted at the time. It seemed reasonably legit until I noticed people would come in with hundreds of accounts, dump them and disappear so I took off before anything I bought came back to bite me.

So the summary is in true distributed computing fashion via virus they aren't even interested in hacking your online accounts, they just want to run a program in the background logging into WoW over and over with whatever accounts are allotted to your PC.

You got it! They aren't hacking anything, they are just fact checking (although I'm sure they were hacked at some point, so it's still bad and illegal)

It's not really about server resources though, it's about not hitting that "too many failed logins from this IP, wait a while and try again" message that would make doing it all from one server take an eternity.

 

[Wolfram23]

It would be great if a lawsuit was dropped on the operator of the server.

Also, glad I have Norton