If It's Easy And Attractive, It's Hacked

Posted on Monday, February 1, 2010
Filed under Aion, Gold Sellers, Hackers, Lord of the Rings Online, Mods, Warhammer Online, World of Warcraft

Real Big Kitty talked this weekend about his guild members' accounts getting hacked and he made the point that this seems to be happening more often lately. I too had noticed the trend, specifically with regard to World of Warcraft, as I've seen several members of the blog and Twitter community vent about their woes when their accounts get hacked.

It's should be no surprise then that I went out and snagged the Blizzard Authenticator for my iPhone shortly after reading Don't Fear The Mutant's story. Not that Peter's story was that unusual given how many other people have had their WoW account hacked, but his story was the proverbial straw.

Although I now have the Authenticator, I have to say that I am really rather miffed that I had to grab it. And the worst part about it is that I don't know who to be more upset with: Blizzard or the Hackers.

The Case Against Blizzard

This epidemic in WoW really is partly Blizzard's fault no matter how you approach the issue. Either their protocol for handling add-ons, which has worked excellently for years now mind you, needs to be updated to prevent the hackers from getting access to information or they need to find the real, true source of the problem and fix it. The Authenticator is just a band-aid, and a rather weak one at that, particularly given that the hackers are using Authenticators against the player who actually owns the account.

At the same time, laying full blame on Blizzard for the problem is like blaming a rich person for getting mugged. It's not really their fault, it's just that they make attractive targets.

The hackers are coming after certain games, if you really look into it. Two games in particular have experienced the problem lately: WoW and Aion. Both games that have a medium strength economy, one where players can easily benefit from a quick in-flow of cash, but that same in-flux isn't going to give them a leg up for long. A market that has built-in return customers is, after all, the dream of any marketer.

The Case Against Mods And Money

But both these games rely on something else that adds to the mix: Add-ons, or mods as some call them. Some people have pointed to the Curse Client as the culprit. More specifically, a vulnerability in the curse client (the linked thread has good arguments for an against the theory). With an abundance of add-ons for both games, and with a reliance on those mods (some would argue), Blizzard and NC Soft have given hackers an easy in, or at least a reliable in.

To be clear, there are plenty of other games that rely on mods. Warhammer Online players can use a large array of mods, also serviced through Curse. The big difference? WAR's economy is irrelevant by design. When they created WAR, Mythic made a conscious choice to limit the role of economy in the game, which thereby diminished the interest of gold-spammers, and thus hackers, in WAR. It was a choice I lamented, because I love a good in-game economy, but one that so far seems to have saved WAR from the wrath of the hacker.

On the other side of that coin, we have a game like Lord of the Rings Online which relies heavily on a strong, and often times harsh, economy yet permits practically no add-ons. A game like LOTRO, with a hard core, dedicated player base and a strong economy is surely a big attraction to gold-sellers/hackers, yet LOTRO is not affected by this recent epidemic. Why? The only conclusion I can come to is that they do not permit third-party mods, thus no mod managers like the Curse Client.

Always Use Protection

This leads me to wonder yet again what they real need for mods in games is, but that's for another post. What we really need to understand for the purpose of this post is that it seems more likely than not that if you play a game that incorporates a solid economy and robust add-on support, then you are likely going to have to be much more cautious with your account information. Follow the tips that are out there, including updating your Flash. Remember: criminals go after easy, attractive targets. Ultimately, they are lazy and if you put up even the slightest fight, they will usually move on to the next target.

-Dickie