I guess you don't want to admit, your virtual items were worth more than your physical items

 

-----signature-----

this has happened to me twice, both after breaks of over 3 months.
very strong passwords and the second time there was an authenticator on the account.

second time was ridiculously easy to get back...no where near as difficult as the first.

 

-----signature-----

Only a complete moron would not think it is an inside job at blizzard.


Just sayin'

 

-----signature-----

Mongo only pawn in game of life.

 

-----signature-----

If I were to run a full-scale WoW account hack operation with keyloggers, I would focus on gaining a steady stream of account information. After reaching a comfortable base level of available account information, I'd use the armory to scan which accounts are active (say, through achievements) and focus the hacks on dormant accounts. All this would be automated so that my employees would have a fresh list of good to go accounts to work on at the start of the shift. Active accounts would only be touched if safe accounts ran out.

And that keylogger? It'd clean itself off the computer after the account was reported as processed.

Hypothetically.

My nephew started an account on one of my computers. This computer had the same protection my main has. It was connected to my net with a wire and my wireless is secure. He went to college and came back to play six months later. The computer he used had been sitting, as in shut down completely, from the day he left. He found the account hacked.

It is easy to blame the user. I'll admit that I blamed the user as well because I've found so many computer users will fall for just about any trick there is. This was not the case with my nephew. He is a sharp young man who knows bad actions can get him removed from my house.

With so many people losing accounts with no apparent reason we can only assume that there is a hole in Blizzard's security. There is no proof of course; it is just where the logic leads us.

One thing I know for sure. No one is "hacking" the passwords. There is too long a delay with log in check for this to work. A computer would have to be checking millions of names and numbers to use a brut force attack. I just don't see how that as possible. Now if there is a way around the slow password acceptance/rejection I'll change my mind. Brut force takes hundreds if not thousands of attack per minute if not seconds to worth the effort.

 

-----signature-----

Using a GPU in place of a CPU makes brute forcing a million times faster/easier. It's been described as "A CPU reads a book page by page, a GPU tears the book into millions of pieces and reads them all at once".

Just throwing that out there.

 

-----signature-----

That said, I still believe it's a person or persons at Blizzard supplementing their salary.

 

-----signature-----

IT IS NOT AN INSIDE JOB AT BLIZZARD!!


Oh wait....

 

-----signature-----

Could the passwords be getting highjacked outside the users computer while being transmitted to Blizzard? This is at bit a tin foil hat idea but would explain many of the idle accounts being hacked.


Edit: Meant to imply that the passwords are getting intercepted on the net.

 

-----signature-----