Logged Out
Create an Account
Login:
Password:

Forgot your password?
Security


Back to the Tickets List

Security
Creator kinian
Public or Private Public
Private tickets are only accessible to you and to DKPSystem.com staff
Public Tickets are visible to everyone)
Status Closed
Type Support
Section of the Site Accounts
Urgency (2 votes)
Rating (1 votes)
Description:
We recently had two accounts in our world of warcraft guild get hacked. They did live in the same household so that is prolly why it was them two. What we were wondering is did the hacker get his info or go through this website. i checked and all members that are on the roster should be approved and i know all of them. Want to make sure it doesnt happen again so if there is anything you could help with or tell me i would appreciate it. thanks.
Official DKPSystem.com Comments
No official comments yet

User-Submitted Comments
These posts are also available on the forum with more features. This page is intentional simplified

View this info on the forum
[You must be logged in to post comments]
6196 days ago
Nevir Said:
In general, most hacked WoW accounts occur through trojans (keyloggers) installed from the official WoW forums (typically if you're using Internet Explorer, you're vulerable) - there's a ton of malicious posts on those forums.

If there's a breach in DKPSystem, and depending on how Chops has implemented password hashing/encryption, there's a very slim chance that someone could hijack a WoW account from the account info here.

You should urge your members to use a different password for their WoW account than anything else (including DKPSystem)
[You must be logged in to reply]
6196 days ago
Saudorun Said:
Wow. I highly doubt that they were hacked via DKPSystem. For one if you have uses posting their account information for World of Warcraft anywhere on the site that is just not safe. Also and I am guilty of not doing this in every case of things I use but you should never use the same user name and password on multiple systems. My DKPSystem account uses a different user name for every site and none are the same as my Wow account name.

The main reason show over and over is a trojan virus delivering a keylogger to their system. This would also account for it being 2 people in the same house even if they are on different computers due to the exploits in file sharing between pc's.

You should have your users scan their PC's for Viruses. Further everyone who plays an Online game such as WoW should run a top notch anti-virus program and Personal Firewall. Personally I don't consider free-ware as top notch.

Of all the people that I have known who have been hacked (one of which was a nephew) they all got it via virus from a download that pertained to WoW. WoW Movies from youtube and various site. One who thwarted the virus before is dropped the keylogger was pickup by accidentally clicking an add for a Gold Seller on one of the many mod sites. Then of course there is that. Mods. Users need to pay attention to the sites they download from and the contents of the mods. The most common mods containing viruses are those that have TGA (game image files) that present something not included in the standard interface for an icon on a bar or button.
[You must be logged in to reply]
6196 days ago
Chops Said:
I didn't know that users were capable of posting viruses and other malware on the WoW forums. Are you just referring to links that are posted, or are users somehow capable of embedding malicious HTML into their posts?

As for your concern, Saud covered it pretty well.

Generally speaking, unless your users have their WoW info on the site in some public area, there's not much an attacker can do through us.

Saud covered the important rules, particularly, no matter how trusting you are of a particular site or service, it's never a great idea to have the same password in all places.
[You must be logged in to reply]
6196 days ago
Nevir Said:
Quote by Chops
I didn't know that users were capable of posting viruses and other malware on the WoW forums. Are you just referring to links that are posted, or are users somehow capable of embedding malicious HTML into their posts?


Malicious URLs to sites that'll hijack your browser/install what they want. The trouble is that the trojans go a step further and actually post on the official forums using your account - turns into a vicious cycle.
[You must be logged in to reply]
6122 days ago
Chops Said:
An interesting read about some recent MMO-password-stealing trojans that were being shipped via digital picture frames.
[You must be logged in to reply]