Blizzard identifies the malware targeting World of Warcraft players
Today Blizzard has identified the malware causing several World of Warcraft players’ accounts to be compromised. It seems that it was built into a fake version of their Curse Client that people were downloading from a fake version of the Curse Website (the site was appearing in searches for “curse client” on several major search engines, thus luring people interested in the real client into downloading it).
They go on to state, “At this point, it seems the easiest method to remove the trojan is to delete the fake Curse Client and run scans from an updated Malwarebytes. Should you still have issues, there is a more manual method that Ressie posted earlier in the thread. Thanks to Ressie’s efforts, most security programs should be able to identify this threat shortly, if not by the time I type this. If you were compromised, follow the instructions here and we’ll do our best to set everything right (as we always do). For those of you interested in these MitM style attacks, this is the only confirmed case we’ve seen in several years outside of the “Configuring/HIMYM” trojan in early 2012 that hit a handful of accounts. These sort of outbreaks are annoying, but an Authenticator still protects your account 99% of the time. Stay safe!”
For those curious about the aforementioned manual method that Ressie posted, you can check here.
Were you affected by this new Malware?