“He either got unlucky enough to get snagged by a zero-day exploit, or accounts can somehow be compromised regardless of precautions taken by the user.”

Please keep us informed if there is any insight as to how this was done.

No offense, but as things pertain to this situation, you have no idea what you’re talking about.

He cleaned the computers that he use. I walked him through it. And no offense, I do this for a living. I know how to make sure something isn’t infected, at least if it’s hit the radar on any of the major sites yet.

Symantec, AVG (Grisoft), TrendMicro, all came up negative. Spybot, Windows Defender, negative. The one odd thing was that his hosts file was missing – but if it was missing, that means it can’t have been used to send him to a spoofed website. Unless a virus magically removed itself after the second hack attempt, after somehow avoiding the existing (and maintained) AV software on the computer.

He doesn’t use wireless to game. The computer he plays wow on 99% of the time, he ONLY uses to play WoW. He does not use .exe installers for mods, and gets the base files from curse.com or wowace.com. He has a second account that he has used on the same computer, with the same password, that was not hacked.

So, where does this leave us for possibilities?

1) It is a new keylogger of some sort that infected his machine, therefore none of the above mentioned programs picked up on it. Also, for whatever reason, the jackass who stole the stuff decided only to access one account – if it was a keylogger, he had the username and password to both accounts.

2) The UN/PW was obtained by some means other than a virus/wireless sniffing. What that may be, I don’t know. Social engineering is unlikely given that only one person knew the UN/PW and he didn’t give it to anyone, period.

So, I don’t know how this happened, honestly. Tweeden did all the right things, kept his computer safe, etc. He either got unlucky enough to get snagged by a zero-day exploit, or accounts can somehow be compromised regardless of precautions taken by the user.

If he goes on without ABSOLUTELY making sure his computer is clean, then *HE* is a liability for your guild.

If nothing else, he has proved he doesn’t deserve to have such a position in the guild: he doesn’t look to be responsible enough to treat his computer with the proper care and it will be a question of TIME until he compromises you guys again…

I wouldn’t be surprised if Blizzard refused to return the items this time: I surely wouldn’t blame them…

And, great site BRK. This is my first post but I’ve been coming here almost daily for a few months now. Keep up the excellent job and very sorry to hear about hacked account

Perkins & Mandu