World of Warcraft players warned of "dangerous Trojan" that steals account info [UPDATE]

Blizzard says account-stealing malware stems from a fake version of the Curse Client.

[UPDATE] Blizzard has provided a new update regarding the malware. Writing on its forums today, the developer said the trojan stems from a fake version of the Curse Client. A summary of Blizzard's latest findings is below.

"The trojan is built into a fake (but working) version of the Curse Client that is downloaded from a fake version of the Curse Website. This site was popping up in searches for "curse client" on major search engines, which is how people were lured into going there.

At this point, it seems the easiest method to remove the trojan is to delete the fake Curse Client and run scans from an updated Malwarebytes. Should you still have issues, there is a more manual method that Ressie posted earlier in the thread.

Thanks to Ressie's efforts, most security programs should be able to identify this threat shortly, if not by the time I type this.

If you were compromised, follow the instructions here and we'll do our best to set everything right (as we always do).

For those of you interested in these MitM style attacks, this is the only confirmed case we've seen in several years outside of the "Configuring/HIMYM" trojan in early 2012 that hit a handful of accounts. These sort of outbreaks are annoying, but an Authenticator still protects your account 99% of the time. Stay safe!"

The original story is below.

Blizzard Entertainment has warned World of Warcraft players to be on the lookout for a "dangerous Trojan" that can steal account information even if you're using an authenticator for protection, the company said on its forums last night.

According to Blizzard, the malware acts in real time by stealing your World of Warcraft account information as well as the authenticator password at the time you enter both. Blizzard recommends that users with compromised accounts seek out the Trojan by following the steps laid out below.

"It can be identified by creating an MSInfo file and then looking in the Startup Program section of that file for either 'Disker' or 'Disker64.' It will usually appear like this:

Disker rundll32.exe c:\users\name\appdata\local\temp\w_win.dll,dw Name-PC\Name Startup

Disker64 rundll32.exe c:\users\name\appdata\local\temp\w_64.dll,dw Name-PC\Name Startup

Blizzard said it is currently investigating the newly discovered malware, but so far has been unable to find any anti-virus programs that will remove it outside of reformatting your system. To help Blizzard find a solution, you can reply to the ongoing support thread with the following:

"Your MSInfo. A list of any add-ons you recently installed along with where you got them. A list of any programs you recently installed along with where you got them. Any security programs you have run and their results."

World of Warcraft had 7.6 million subscribers as of September 30, 2013, making it the top subscription-based MMO on the market. Blizzard announced Warlords of Draenor, the game's fifth expansion, during BlizzCon in November. According to a recent survey, Blizzard is potentially considering allowing players to pay for a standalone level 90 character.

Got a news tip or want to contact us directly? Email news@gamespot.com

Did you enjoy this article?

Sign In to Upvote

eddienoteddy

Eddie Makuch

Eddie Makuch is a news editor at GameSpot, and would like to see the Whalers return to Hartford.
World of Warcraft

World of Warcraft

Follow
139 comments
abelwike
abelwike

World of Warcraft has become the target of hackers earlier, as well as have a user base of online experts in large and exciting technology, and even been hit with demands for security. This is the first major problem because the hacker is able to carry out the mass killing in the game last year.

fabs1
fabs1

And this just in World of Warcraft players warned of "dangerous program" that steals player lives and sucks up large amounts of time, it's...... the game.

dr_jashugan
dr_jashugan

Hmm, the NSA stealling accounts? Need more accounts to search for terrorists? :-P

Vexov
Vexov

Shit happens, and i never trusted that Curse client. Guess not being lazy paid off this time, plus i haven't played WoW for nearly 2 months so i avoided what would have been avoided, which probably never would have done anything cause I have a authenticator.


I finally got Skyrim and got all those appealing mods that make it look like next-gen... perhaps even better then the mmo coming out.

nayce54
nayce54

Guys, if you just wanna chat, party chat, do missions whatever, just add me on PSN: "NateIsGod4"

megakick
megakick

How about learning how to play the game without addons and if you do use addons make sure it is legit.

Adenosine
Adenosine

World of Warcraft players warned of "NSA" that steals account and personal info.

Oldgun
Oldgun

"It can be identified by creating an MSInfo file and then looking in the Startup Program section of that file for either 'Disker' or 'Disker64.' It will usually appear like this:

Disker rundll32.exe c:\users\name\appdata\local\temp\w_win.dll,dw Name-PC\Name Startup

Disker64 rundll32.exe c:\users\name\appdata\local\temp\w_64.dll,dw Name-PC\Name Startup

Oh boy, do this, do that.....PC gaming at its finest, well at least you don't get to suffer on console gaming

Alex4789123
Alex4789123

I'm glad I got hacked. It actually turned out to be a pretty sweet deal. Had to wait a week to get my stuff back, but I made thousands of gold from all the epic gems the dumba** left in my bag.

HonorOfGod
HonorOfGod

This after the NSA admits they have been snooping. 

Dasim64
Dasim64

Why make fun of people that enjoy playing WoW? I played it for the first three years and then quit because I didn't like where it was headed. But that doesn't mean I'm going to pick on others who still play. It definitely has it's good qualities and for some people it's still extremely enjoyable, probably mostly from a social perspective especially if they belong to a good guild. The people I was involved with were the thing that kept me in it so long, much more than the game itself, and it was difficult to say good bye to them but in the end it was for the best.

Riddick123
Riddick123

@perceptive_yoda Should be a raid boss in WoW that every raiding guild wipes out on so many times on it causes a guild to break apart.

Lord_Vader
Lord_Vader

People still play this? I don't understand how one can't get tired of it especially since it's been almost a decade since the game's release and the graphics are ugly by today's standards. I tried the free trial and I just couldn't get into it. The funny and sad thing is that Guild Wars 2 is much better than this game and it doesn't try to rip you off with a subscription.

spectral
spectral

@Oldgunyes it's not like 70 Million users personal info was stolen and the network down for 2 months on a console. Oh wait...

Auriken
Auriken

@OldgunYes, I can see how the ten seconds required to verify the trojan exists is far beyond the attention span of console gamers.


By the way, you suffer for BEING a console gamer.

Xenro4
Xenro4

@deadpenCouldn't you argue that any game "wastes" your life?

timthegem
timthegem

@deadpenExactly. They could be trolling Gamespot forums or something equally constructive.

Hiraishin
Hiraishin

@Lord_Vader playing a game for graphics is like getting into a relationship with a chick just cause you think shes hot. most likely you'll be disappointed after a while

Sevenizz
Sevenizz

Having played both - I can assure you the subscription is worth it.

And the graphics are fine. The gameplay is so good that the graphics, while playable, take a backseat. If you only play games for graphics, you miss out on alot.

CrouchingWeasel
CrouchingWeasel

@Lord_Vader  

No, on GW2 you don't have a sub fee. You just have to buy gems instead to unlock things like bank & inventory slots, and don't say you don't have to buy them, they designed the inventory system specifically so that it wouldn't provide enough free space later in the game unless you paid to open more. I get that ArenaNet has to monetise the game somehow beyond purchasing the game, just as I understand that Blizzard can't keep designing new content & giving it away for free. Maybe you should learn what the definition of a "business" is & I'll give you a hint to get you started, it doesn't mean giving away their product for free to whiny, cheap, self-entitled gamers.

Nepti
Nepti

@Lord_Vader It's hard for younger gamers to fathom, but graphics aren't everything. I quit wow 4 years ago when the graphics were 'less' dated though a solid argument can be made that wow's graphics were dated since day 1. Then there are those out there still playing EQ1 and UO with ever increasingly dated visuals.


I personally have run the MMO treadmill as long as I think I can stand for the next 10 lifetimes. But some people never tire of a game where they have invested hundreds if not thousands of hours of their lives into not to mention all the online 'friends' they chat with.

perceptive_yoda
perceptive_yoda

@Lord_Vader Well, that is your illogical opinion, i still play some oldies, and maybe people are very invested in a character they spent thousands of hours, and graphics are not always everything.

Xenro4
Xenro4

@DiegoctbaReplace the words "Mmorpgs are" with "Trolling is" and be enlightened.

Dasim64
Dasim64

@Diegoctba When I was playing WoW I had a full time job, a wife, and two kids. My daughter also played. I was also active and enjoyed riding my bike, paying golf, and spending time with other friends. You can't make the assumption that just because someone plays an MMO they are a total loser in life. 

Oldgun
Oldgun

@Auriken Your statement can't change the fact that PC is the most vulnerable and the most unstable platform for gaming, the article is self explanatory. It may take you ten seconds to VERIFY but not eliminate the problem. Go update/patch your PC if I care.

And that is coming from a long time PC and console gamer, if you're ignorant of the fact....

pyro1245
pyro1245

@Nepti there's nothing wrong with dated graphics. It's really the gameplay that's dated.

Sevenizz
Sevenizz

Having played wow for over 9 years - I've yet to meet these delinquents you speak of. But then again, I chose my acquaintances more wisely.

Oldgun
Oldgun

@Vexov @Oldgun Well well someone's pissed off here for no good reason, good for you. Yes I agree both PC and Consoles are evolving and have their pros and cons. It's just that people who have engineering jobs and don't have all the time in the world, like you, to keep their PCs tweaking all the time, Consoles become much attractive since its a simple plug & play device to play and enjoy some of the best games.


No doubt PC cannot be compared to Consoles in terms of raw power, but honestly, it is becoming too much of a hassle to maintain a high performance rig.

Auriken
Auriken

@Oldgun@AurikenLet me put this in simpler terms. I haven't had a virus of any kind in over three years. Why? Because I'm not an idiot. I only download stuff from official websites, I only download mods from well known websites like Nexus and I don't visit completely random websites. That's a VERY good way to keep yourself completely safe.


Also, I have this free little program called Sandboxie. I run my browser inside of it and it keeps everything in a contained space, so if I get a virus it doesn't infect my computer and I can delete it with the click of a button. It takes no time at all. These days, if you manage to get a virus on your computer it's because you did something stupid.


The people who got infected with this virus did something stupid. Besides, a lot of online games today come with a PC identification system. If an unregistered PC tries to login, then it asks for a verification number that it will send through email. If it fails then you're contacted so you can change your password. If they happen to get your email account as well then you did something REALLY stupid and probably deserve to have your account stolen.


And all of this is absolutely effortless. Or at least it is for people who have an attention span longer than your typical COD player. Why is why I see you have such difficulty understanding the concept. Any real PC gamer knows how to avoid this shit.

Vexov
Vexov

@Oldgun @Auriken Didn't Sony's PSN go offline for like 2 weeks?. Your ignorant console ass is just mad that you can't do the stuff that PC can do. WoW has been out for 8 years and finally some assholes pull some decent shit, shit happens.


Unstable and most vulnerable?, 

Well, i guess its true that it is the most vulnerable, its got unmeasured freedom compared to console. Games put to the side, console is nothing but a box made for idiots so they don't have to think, and PC could play anything coming that consoles play and will be coming out on the next 2 new-gen consoles("COULD PLAY").

Unstable?, what ignorance.. and do consoles go without their own problems?.... a simple box that never changes and at release they can be plagued with problems.


Console also gets updates, incase your trying to use that as some sort of ammo aginst PC. Also, PC gets updates but its constantly evolving.


Nobody would know if your a PC+Console gamer, I ate a peanut butter banana toasted sammywhich... incase your ignorant of the fact.


I been console gaming since... i guess i will say Nintendo to even todays new-gen. I have PC gamed since.. fk .. a long time. I can tell you, your a fking moron if your think console's got anything on PC. 


Your obviously not good with computers so you talk your shit.

pyro1245
pyro1245

@DrowNoble @Oldgun @Auriken you don't need to pay for a security suite in order to have a healthy pc. There are free ones that arguably work better.

DrowNoble
DrowNoble

@Oldgun@AurikenOnly vulnerable if someone is lazy or stupid, doesn't have a PAID security suite and lacks common sense.  If you download a 3rd party mod to make WoW "easier" then there is always an inherent risk.  

Of course, WoW isn't that hard to begin with so I never understood how people "need" a mod/addon to play....


Aeondeity
Aeondeity

@Xenro4 @deadpen If anything, at least it's provided a distraction, kept my mind active and given me some insights into art and gaming.

Though it is a complete waste of time, I should be outside.

VagrantChrisX
VagrantChrisX

@pyro1245@Neptigameplay is still great, I've been off wow for over a year now and still use it to compare other games in the same genre. It's still a great experience. I have my hunter and shaman waiting for the next expansion. :)

Nepti
Nepti

@pyro1245@Nepti


pyro1245 That's a valid argument but one that wasn't posed by the OP.


perceptive_yoda Friends as in online people you regularly play with and however else you feel like defining online acquaintances.

Dasim64
Dasim64

@perceptive_yoda @Nepti Friends as in people you get to know and enjoy talking with and being around. We had a couple in our guild that got married and when they met playing the game one lived in Canada and the other in Colorado. If you spend enough time in a guild it's pretty easy to start having discussions about real life which is no different from how you get to know people any other way. The only difference is you aren't standing in front of each other. And of course some people in our guild were also friends in real life. But we had an active web site and posted personal pics and everyone was very involved in guild activities and raids were full of talk about all sorts of things besides the game. Most friendships start centered around something the people involved have in common. WoW is as good a place as any.

hardcore69er
hardcore69er

@pyro1245 @perceptive_yoda @Diegoctba  I am more into the massive multiplayer orgasm ripping p***y genitalia