Trojan compromising World of Warcraft accounts, even if you're using the authenticator | PCGamesN

Trojan compromising World of Warcraft accounts, even if you're using the authenticator

World of Warcraft accounts compromised by Trojan

As if the impotent DDoS attacks made by DERP on weren't irritating enough, Blizzard is now warning World of Warcraft players that their accounts might have been compromised by a Trojan that steals player account information and authenticator passwords when they are entered. 

Initially, Blizzard was unable to find a solution for those hit by the virus, and suggested they reformat their systems. Thankfully, they have recently discovered the source of the problem along with a way to remove the offending virus.

On the Blizzard forums, technicians revealed that the culprit was a fake Curse client. "The trojan is built into a fake (but working) version of the Curse Client that is downloaded from a fake version of the Curse Website. This site was popping up in searches for "curse client" on major search engines, which is how people were lured into going there."

If you're a victim of this, remove the client and scan using an updated Malwarebytes. A manual route has also been presented on the forums if that doesn't fix the problem.

It looks like some folk are really trying to fill their yearly asshole quota in record time this year. 

Sign in to Commentlogin to comment
Dog Pants avatar
Dog Pants Avatar
4 Years ago

I'm disappointed but not surprised that people are still downloading executables from unofficial sites. It's hardly like the Curse client is hard to find or costs money. It goes to show that education about internet security is nowhere near as widespread as it should be, even among gamers who tend to be more tech savvy. Let this be (another) warning - understand what you're clicking, and you're not paranoid if there really are millions of cyber criminals out to get you.