As I mentioned previously, my World of Warcraft account got hacked back in February 2010. One of the things I did after wiping my computer and recovering my account was to add a Battle.net authenticator to my account to add Two Factor authentication. But, of course, even two factor authentication won’t stop a man in the middle attack, and apparently just such an exploit appeared in the wild targeted at World of Warcraft accounts.
To explain in the simplest way possible, instead of data being broadcast directly to Blizzard when trying to log in to your account, that data is being broadcast to a third party via this malware. This includes your authenticator code. Rather than you logging into your account, the hacker on the other end does so. They log into your account, clear out your characters, and move around virtual funds to fulfill orders from players buying gold. This method of circumvention has been theorized since the release of the key fobs, but it has only now started to actually happen.
Man in the middle attacks aren’t anything new, but what I do find fascinating is that World of Warcraft has become so popular that there are attacks that target just it. There are apparently, for example, viruses that lurk in your system and are extremely difficult to detect except when the World of Warcraft client is launched.
In my case, someone who managed to compromise my computer could have accessed any number of accounts that could have cost me a lot more than just the small amount of gold I lost from my WoW account. That a major focus of some folks is virtual heists from a game is yet more proof that we’re all living in a science fiction novel.