Home Gaming Battle.net falls for Trojan

Battle.net falls for Trojan

1 min read
28

Ethernet condom

Just in time for the first weekend of the year, many people’s last gaming weekend of holiday time, it appeared that Blizzard users  fell victim to a nasty Trojan that could compromise accounts, even if they were using the Battle.net authenticator. Never fear, there is a cure – but just check if you are infected.

Over on the Battle.net forum, the following post reported the initial problem:

We’ve been receiving reports regarding a dangerous Trojan that is being used to compromise player’s accounts even if they are using an authenticator for protection. The Trojan acts in real time to do this by stealing both your account information and the authenticator password at the time you enter them.

Scary stuff. So much for a two-step authentication method being secure. Want to check if you’ve been infected? Here are the instructions:

It can be identified by creating an MSInfo file and then looking in the Startup Program section of that file for either “Disker” or “Disker64”.

Working through the weekend, the admins found the source of the infection, and the cure. The Trojan comes from a fake yet functional version of the Curse Website through which people can get the Curse Client. The malware site was popping up on searches for “curse client”, which is how it lured in so many users. If you have been infected, your best bet is to delete the fake Curse Client and run your security program. Blizzard admins insist that the authenticator protects your account 99% of the time.

I’m still skeptical of all these security measures. My Steam Guard seems to constantly think I’m changing locations, while the Blizzard authenticators can feel like a serious waste of time. Yes, security is really important. I’m just not convinced that authenticators, two-part login systems and other mechanisms are really keeping us any safer.

Last Updated: January 6, 2014

28 Comments

  1. Devourer of Small Bunnies

    January 6, 2014 at 13:05

    So what the holy hell is the point of the extra 200 odd rand authenticator then? Oh Blizzard.

    Reply

    • SaintsRowNigri

      January 6, 2014 at 13:18

      The point is, Blizzard got R200 more out of you…

      Reply

      • Devourer of Small Bunnies

        January 6, 2014 at 13:33

        Not me (ho ho ho) I wouldnt touch WOW with Brenda’s dick 😛

        Reply

        • SaintsRowNigri

          January 6, 2014 at 13:54

          Why are you touching Brenda’s dick??????

          Reply

          • Sir Rants A Lot Llew. Jelly!!!

            January 6, 2014 at 13:56

            Indeed. I was wondering the same thing 0.o

          • VampyricSquirrel Monk

            January 6, 2014 at 14:09

            Very valid question… O.o

          • Devourer of Small Bunnies

            January 6, 2014 at 14:25

            Jealousy makes niggahz nasty 😛 *dances*

          • Wifulated42

            January 6, 2014 at 21:22

            ?? ?????’? ??? ????? $7?/???? ?? ??? ??????. ??? ??? ???? ??? ?? ???? ??? 10 ?????? ??? ???? ????? ??? ???????? ??? $21547 ???? ??????? ?? ??? ?????? ??? ? ??? ?????. ??? ???? ?? ???? ??????? fox200&#46com

        • VampyricSquirrel Monk

          January 6, 2014 at 14:04

          The Authenticators aren’t just for WoW… they’re for Diablo 3 and StarCraft 2 as well.

          Edit: Oh and Hearthstone.

          Reply

          • Devourer of Small Bunnies

            January 6, 2014 at 14:25

            I, sir, was being incredibly facetious 😉

        • Brady miaau

          January 7, 2014 at 14:14

          Um. Did Gavin not say the right was earned to remove the “Brenda” moniker when referring to this individual?

          In the year end summary or whatever

          Reply

          • Devourer of Small Bunnies

            January 8, 2014 at 10:07

            Link 0.o

    • Unavengedavo(aka. MadeYouLook)

      January 6, 2014 at 13:24

      I downloaded the free app when I was still playing

      Reply

      • Devourer of Small Bunnies

        January 6, 2014 at 13:34

        Yeah, but these so called “extra” expenses one has to deal with for security (online authenticators, subscription based anti virus, 2k routers etc etc) All really seem to amount to nothing, yet errbody still goes out and buys them. So so so very confusing.

        Reply

    • VampyricSquirrel Monk

      January 6, 2014 at 13:32

      Much easier to just get the app.

      Reply

    • Jason Ashman

      January 6, 2014 at 13:53

      2 part authentication is definitely worth it. But its based on times, and can be broken given enough information. I am guessing a crapton of infected pcs will give that information

      Reply

    • MichaelMatusowsky

      January 6, 2014 at 14:20

      You don’t have to pay for an authenticator. You can just get the Android/iOS/Blackberry OS app for absolutely FREE on their site.

      Reply

    • Willem Van Wyk

      January 6, 2014 at 16:19

      As a developer. I have come to realize this is the biggest problem with security on any application/server/system, the USER.

      Doesn’t matter how well you build the system, if the user install malware/spyware etc it is useless. The authenticator works as long as you are not a COMPLETE IDIOT THAT INSTALLS MALWARE!

      Reply

      • Devourer of Small Bunnies

        January 8, 2014 at 10:06

        Ill have to agree with you here, big time.

        Reply

    • Johan du Preez

      January 6, 2014 at 23:31

      You can get the authenticator as a free app on your cell phone.

      Reply

    • Johan du Preez

      January 6, 2014 at 23:31

      You can get the authenticator as a free app on your cell phone.

      Reply

  2. Unavengedavo(aka. MadeYouLook)

    January 6, 2014 at 13:39

    So are you saying that Blizzard should use a Trojan to combat the spread of a trojan?

    Reply

    • Alien Emperor Trevor

      January 6, 2014 at 13:45

      Trojanception!

      Reply

  3. Sir Rants A Lot Llew. Jelly!!!

    January 6, 2014 at 13:53

    Blizzfail

    Reply

    • Sir Rants A Lot Llew. Jelly!!!

      January 6, 2014 at 13:55

      Ok, maybe being a bit overly quick to jump on the bandwagon. It’s not really Blizzard’s fault. It’s the people who create the viruses. You can’t create a system that will protect future hacks. It’s simply not how it works.

      In the security industry it’s always about patching up holes as they are presented and exposed by people who go out of their way to.

      That all being said, I still prefer the 2 part authentications because it does make it slightly more tough but alas, as is proven here also very easy to circumvent if you have the mind for hacking

      Reply

  4. VampyricSquirrel Monk

    January 6, 2014 at 14:08

    There are extensive forums on battle.net that cover this if you think you’re affected by this.

    I for one, am not 🙂

    Reply

  5. Josh Strauss

    January 7, 2014 at 08:55

    “I’m still skeptical of all these security measures. My Steam Guard seems to constantly think I’m changing locations, while the Blizzard authenticators can feel like a serious waste of time. Yes, security is really important. I’m just not convinced that authenticators, two-part login systems and other mechanisms are really keeping us any safer.”

    Two Factor Authentication (2FA) prevents someone somewhere brute-force hacking your password. It makes your account much more secure; however, if you install malware that captures the info in real time there is nothing any company can do to protect you any further.

    Security is a game of cat and mouse and we have to use as many tools that help make our online profiles more secure but also don’t be silly and be aware of the sites you visit and the software you download.

    There is no security mechanism that will be effective if one is compromised from the inside. These mechanisms are certainly not a waste of time and I encourage everyone to turn on 2FA for every important account if the account supports it. Please, if you haven’t already, you should turn on 2FA for your email as that is the gateway to everything else.

    Reply

  6. zanmaru

    January 8, 2014 at 18:13

    I hate the way this is all worded. Yes, if you get a KEYLOGGER installed on your system because of your own indiscretions, it can very well log your password and authenticator key. Under normal circumstances, the authenticator is far more effective than just a password.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

Crash Bandicoot 4 on PC disappoints everyone with its always-online DRM

Don’t you love being locked out of a game that doesn’t even feature online multiplayer bec…