Last night I had the unedifying experience of watching a friend’s WoW account be hacked and being powerless to stop it. There were a few of us online, when our most experienced guy logged on. I sent a greeting his way, he replied with a quick “hi”, and we went about our business.

He logged out shortly after, and jumped on another toon. Then another. Then back to the first one. Then yet another. I thought he must be clearing mailboxes, checking auctions, etc. Then he logged on to a toon that hadn’t been online in a long time, so I sent another more questioning message, to be met by stony silence.

The other guild members on at the time caught on that something might be up, and we went and checked the Guild Bank. Sure enough, each toon had withdrew their maximum allowance from the GB. Luckily enough we had pretty severe limitations on the bank, and nothing much of value in there.

I paged an online GM immediately, and another guildee raised a forum post. About 5-10 minutes later the account was locked by Blizzard. Unfortunately probably too late for his characters to not have been stripped of all their gear, personal banks emptied, and gold transferred. 

It was incredibly frustrating seeing the hacker log on again and again, ignoring us and doing whatever nefarious stuff s/he wanted without being able to stop it. We removed Guild access, but all the personal stuff was out of our hands. The account block happened pretty fast once we got onto it, but not fast enough.

Buying gold is a cash money industry and according to Symantec trojans seem to be the default way into an account. Authenticators all round I guess.