World of Warcraft: Disker Trojan Stealing Authenticator Passwords

  • 4 January 2014
  • 5 replies

Userlevel 7
  • Retired Webrooter
  • 1455 replies

The Disker Trojan is stealing player account information and even authenticator passwords when they are entered. Make sure you are visiting the legitimate Curse Website if downloading the Curse Client or Curse Addons for World of Warcraft.
"The trojan is built into a fake (but working) version of the Curse Client that is downloaded from a fake version of the Curse Website. This site was popping up in searches for "curse client" on major search engines, which is how people were lured into going there." - Kaltonis (Blizzard Support)
Protect yourself with Webroot SecureAnywhere Antivirus for PC Gamers

5 replies

Shouldn't a rogue rolling a natural 20 on a decipher script with max out +6 trap sense see that coming?  Or should I get out of the basement more?
Is it your parents basement?
Userlevel 7
I was thinking I need to go TO the basement more often as all of this is Greek to me :)
Not to make light of a serious exploit, but I had to say it.  Malware and hacks are no joke, but at least I can laugh at myself once in a while.
It would be interesting to know what the malware operators are doing with the authenticator codes. These are time-based and refresh every 30 seconds.

I think they'd be hard-pressed to attempt a login so quickly or even attempt to crack the algorithm used to generate the codes.
Oh hell yeah it is my parent's basement!  It's the safest and most epic dungon.
[link removed by moderators]
oh and as for the 2ndary authentificiation, I think they are gunning for those folks who don't bother with it since they think it's too hard and takes too much time out of their game.
Well ok, I have not played WoW for 4 years at that time the 2nd authentication was an option so if they made it mandatory then I have no idea....persistant session hijack?