Remember, I told you these guys weren’t messing around. But I didn’t think it would happen to me. Particularly since I haven’t played WoW since September 06. More…

I must say I was rather astonished at every step of revelation in this sordid affair.

One day out of the blue, I got an e-mail telling me I had successfully changed my WoW password. That, naturally made me suspicious because I obviously had done no such thing. It didn’t particularly worry me, seeing as how I’ve been WoW-free for months. But still, the thought of somebody mucking around in my account had a few uncomfortable and noteworthy problems to it… for instance, did this mean they had access to my credit card info?

I run a clean computer, using Trend Micro Internet Security as well as Lavasoft Ad-Aware, Spybot S&D, and Javacoolsoft’s SpywareBlaster. So I was pretty darn sure I didn’t have a trojan or anything that was monitoring my keystrokes. Plus, the fact that the account invasion came so many months after I stopped playing made me think more in line with some kind of exploitation of Blizzard’s web site than anything on my end. As the level of urgency on my part was fairly low, I considered it enough to go to Blizzard’s account management page and reclaim my account by changing the password. In what would turn out to be a key misstep, I changed my password back to what it was originally, because I believed a flaw in blizzard’s account management software had allowed somebody to set a new password for my account without actually knowing or entering the current one.

A week later, I came home to a couple more blizzard auto-generated e-mails. My password had not been changed again, oh no. The first said “your paid character transfer has been scheduled,” the second one said it was completed. The character was my highest level and bestest geared dwarf paladin. I logged back into my account on the website, and found that indeed, my Venture Co. Paladin had been moved… and not only that, a few days after the password shuffle, somebody had ponied up their own visa to reactivate my account. Now, I don’t even have a visa card (only MasterCard). So, I changed my password to something new, started patching 6 months of patches (might as well have a look inside at the damage, since whoever it was was paying), and got on the phone to blizzard billing support.

They were not very helpful. I explained the situation and tendered that while I was not actually subscribing at the moment it was not as if I hadn’t quit and come back before, and such a return would be far less likely if my characters had been scattered, stripped and left picked clean. The guy’s major contribution was to send me an e-mail to various support articles which basically were “computer safety for dummies,” as well as a webform to initiate an inquiry and request a repair of the damage. Not that he could put in that request or anything, being a blizzard employee. That 300 meg patch was still coming, so I went ahead and did that.

By the time the patch was done, “Account Management” had locked my account and scrambled my password, due to “character interaction with another account known to be in use by someone intending to exploit WoW’s systems.” If I wanted my account back, I could fill out yet another form and fax it to them to start the process. By this point, my supply of give-a-shit had run out. I’m content to let it just stay locked forever. It certainly seems blizzard is content as well, and with over 10 million paying junkies, it’s entirely understandable (though not laudable) that they’ve become complacent and apathetic toward each individual subscriber. They don’t need you, they have 9.999 million more just like you.

I had looked around at some other places where people who had experienced account hacking against themselves had posted about it. Word on the street was that the passwords were being harvested by a keylogger imbedded in the advertising and UI mods on Allakhazam and Curse Gaming, two sites which I frequented often (and I got most of my interface mods from Curse).

So, there you go. I’m just glad these guys waited until I had long since cancelled my account. I’m moderately perturbed still, but not the foaming ball of fury I would have been had this happened when I still had an interest in the game.

So… all you WoW addicts out there… might want to scrutinize your system for suspicious looking processes, double check you have the real versions of all of your interface mods, and not be browsing allakhazam, thottbot or curse gaming on the same computer while you play. And change your password from time to time just to be sure, I suppose.