Blizzard suspends mobile app access following account hijacks
Posted on 26 June 2013.
A number of World of Warcraft players have been unpleasantly surprised this last week to find that someone has apparently broken into their accounts and bought low-level items for comparatively huge sums, leaving them with almost no digital gold.


The problem was first shared by a user some four days ago on the Blizzard forums, who claimed that he was robbed despite using a Blizzard Authenticator and a relatively difficult password.

After his post, other players have spoken out, claiming same and / or very similar circumstances were present when their accounts were breached, too.

It took Blizzard a couple of days to react, but they finally confirmed an increase in unauthorized WoW account logins via their website and the WoW Mobile Armory app.

"We’re in the process of notifying any account holders who were not using an authenticator and whose account showed signs of unauthorized access (e.g., logging in from an unusual IP address). If you are among this group, you will receive an email describing how to reset your account," they said, adding that they have temporarily blocked access to the WoW auction house via the mobile app.

They also reassured owners of impacted accounts that upon request, the WoW customer support team will restore the stolen in-game items and gold.

"While no means of account security is guaranteed, every precaution you take to secure your computer and your account—including changing your password periodically—adds another defensive barrier. We strongly encourage everyone to take a few moments to read through the security tips available on our support website and follow the suggestions posted there," they concluded.

Still, there has been no definite word on how the hackers were able to compromise the accounts. Given that the company has blocked access via the Mobile Armory app, could it be that it has some unknown exploit bug?









Spotlight

Most popular Android apps open users to MITM attacks

Posted on 21 August 2014.  |  An analysis of the 1,000 most popular free Android apps from the Google Play store has revealed a depressing fact: most of them sport an SSL/TLS vulnerability that can be misused for executing MITM attacks, and occasionally additional ones, as well.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Aug 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //