Account Security Warning: Addon Websites infected with keyloggers
Numerous threads have been popping up over the last couple of days about keyloggers embeded in Add-ons on Curse-gaming.com and worldofwar.net., lots of players got their account stolen. They have been detected in Addons and other parts of those two websites, according to users's testimony on boards.
Edit 12AM: Curse-gaming just fixed their security issues and will now prevent .html files from being uploaded on their servers. (Source)
For players who dont know, what's a keylogger and how dangerous it is for your WoW account, I will do a quick decription:
- Keyloggers record what you fill in at your account name and password and then send those data to the maker of the script. Therefore you will lose your account, since somebody else know your account and password information.
How to check if you are infected:
- If you have a file named ntldr.exe (EXE, not dll, the dll is used by your OS to boot your computer). That file is the keylogger and you should remove it asap.
How to protect yourself:
- Dont use Internet Explorer (It hasnt been confirmed that IE 7.0 was safe yet), instead download and start using Mozilla Firefox.
- WorldofWar.net: At this time, there is a keylogger embedded into the ui.worldofwar.net homepage. The keylogger itself is in an iframe embedded from hxxp://ui.bcegame.com/pps.exe (do not visit!).
- Curse-gaming.com: The curse-gaming keylogger is on media1.curse-gaming.com. If you go to their beta patch notes page from their site, everything's clean, but if you go to the one listed above, it's got the keylogger on it. (Source)
Source, testimony and more detailed infos:
- WorldofRaids: http://www.worldofraids.com/forum/viewtopic.php?t=2487
- Blizzard forums: http://forums.worldofwarcraft.com/th...58796664&sid=1
- IGN: http://vnboards.ign.com/wow_rogue_cl...0532144/p1/?13