August 16, 2012 1 Comment-
I’m sure most of us don’t play World or Warcraft. But even though we don’t take part in the internet’s most famous game (which boasted an incredible 12 million active players at its peak), its recent hacking should make us all a bit wary.
Why? Well, last week Blizzard admitted email addresses, answers to security questions and encrypted passwords linked to player accounts were stolen by hackers. This proves a company that created a reputation based on its online presence is fallible. Who next? Microsoft? Google?
It also means that we’re bound to see the following hack-attacks in the coming weeks (maybe we should make a tick-list?):
Lost Email Trojans
All those users’ email addresses are now in the hands of pretty scary people who like to sell Viagra and fake watches. Blizzard members should expect an increase in the amount of spam they receive.
It could be bad for their friends, too, as email is a big carrier of Trojan Horse malware. If the users download files from these unsolicited emails, it could invade their email account and try to spread itself by emailing their contact book. And although we might not know it, someone, somewhere with our email address will probably have been a WoW player.
Lost Security Questions
This is a major problem, as security questions are used across the web to gain access to accounts – in combination with an email address, which the hackers also have.
And because security questions tend to be quite generic: mother’s maiden name, first pet, favourite teacher – we’ve all seen the questions – there’s an increased chance of hackers gaining access to other, non-Blizzard accounts using this data.
If you know anyone that might play World of Warcraft, you should warn them.
Lost Encrypted Passwords
Thankfully, the passwords that were stolen were encrypted. Unfortunately, this doesn’t mean they’re 100% secure. Although hackers won’t be able to see the passwords at the moment, they can run a brute-force dictionary hack, where they compare every password with a word in the dictionary. Once they get a match, they’ll get a password. Scary.
The solution? Go back in time and use more complicated passwords!
Made up of various contributors' opinions and insights - the power of the collective.
Norman Safeground Blogs Archive