WoWeekly: Trojan Hacks Authenticator Protected WoW Accounts

Just the other day, I heard people talking in trade chat about how the Blizzard Authenticator was only good for getting the Core Hound mount. I was intrigued, since in my opinion, I think the Blizzard Authenticator was a good way of keeping your account secure. I thought they were just the usual whiney Azerothians who had nothing else to do but whine about how Blizzard is messing up the game in one way or another.

But apparently, someone created a trojan that could actually intercept the authenticator codes and enable the hacker to change your password, empty your account and sell your stuff! How interesting! The trojan works the same way key loggers work.

When you’re infected with the trojan, the following happens:
When you log in your WoW account and you’ve entered your authenticator code, the trojan will intercept the code, send it to the hacker and send a wrong code to Blizzard. When that happens, you’ll get an error and the hacker will get the correct code and use that code to access your account.

Tsk, tsk, and just when we thought our beloved WoW accounts (which we’ve probably spent a good chunk of our life on) are safe!

To know whether you have the trojan, be sure to check if you have the file name “emcor.dll” on your computer. It will probably be at “C:\Users\(Your user name)\AppData\Temp”, but if you don’t find it there, try to do a whole scan of your PC using your virus scan just to be sure. Better safe than sorry!

While this might discourage you from spending $6 on an authenticator, I would still suggest you get one. While an authenticator might still get hacked, it still gives added protection to your accounts. Also get/invest on a good virus scanner. Or atleast regularly scan your computer and update your virus scanner religiously so that your computer will be protected.