Re: QuestHelper or CurseClient Keylogger Rumors

There are a great number of people who are claiming that after downloading QuestHelper and/or the CurseClient that they are getting hacked, keylogged, or that their babies are being stolen by ninja mutant Elvises (or would it be Elvisi?).

I'd like to point out that the first two are as likely as the last, providing that:

  • You're only using versions of the CurseClient that have been hosting on Curse/CurseForge or ones linked to you directly by myself or other staff members (aka alphas).
  • You're only getting QuestHelper from reputable addon sites, such as Curse.com, CurseForge.com, or WoWInterface.com. To my knowledge it's not been uploaded anywhere else by the authors.
  • You haven't paid a ninja mutant to dress up as Elvis and steal your baby.

Sadly these type of rumors are often started and perpetuated by people looking to discredit others and most of the attacks I've seen recently are slanted as anti-Curse.

There was recently a 24 page thread generated (in one freaking day!) on the official WoW forums. The instance of some of the posters there into ascribing guilt to various people and groups combined with some obvious misinformation makes me wonder if it's an intentional propaganda move. However, this is mere speculation as I have no evidence to support the thoughts as fact.

As far as keyloggers go. Please keep in mind it's most likely not the last thing you did that got your account comprised. It is a fairly common practice for these the groups responsible for hacking your accounts to wait weeks or even months before attempting to use a password.

Also, brute force attacks are not completely unheard of. So if your password is 'god', 'sex', or 'secret' please change it right away!

Lastly, a few things to remember:

  • Curse does in no way support the keyloggers, account hijacking, or gold selling.
  • You can't get a keylogger from an addon as long as you just put the files contained therein in your addon directory. You'd have to run an executable somewhere!


You must login to post a comment. Don't have an account? Register to get one!

  • Avatar of jaimeskeet jaimeskeet Oct 01, 2010 at 22:50 UTC - 0 likes

    How do you download the quest helper?

  • Avatar of SkunkWerks SkunkWerks Feb 17, 2009 at 18:05 UTC - 0 likes

    I haven't met an automatic updating client that hasn't had issues with spreading keyloggers- either unwittingly or otherwise.

    I have and update about 200 addons manually, if it gives you any idea how I feel about them.

    P.S.: One of the reasons WoWUI has such a poor track record for this kind of thing is that, whenever allegations occur, whether true or false, and however plausible they may be, the webmaster responds with some incredulous, priggish message about how impossible it is, denies it ever happened ever could happen or ever will happen, and promptly ignores the whole issue.

    Doesn't sound familiar at all, does it?

  • Avatar of Daviesh Daviesh Jan 10, 2009 at 22:51 UTC - 0 likes

    Heads-up that there are apparently some dodgy AtlasLoot zip files flying around. Same advice as before, if you get the mod from an 'official' source, you won't have a problem.

  • Avatar of Anyia3 Anyia3 Dec 24, 2008 at 01:30 UTC - 0 likes

    For all its technical flaws, it's an awesome movie =)

  • Avatar of Phanx Phanx Dec 21, 2008 at 19:20 UTC - 0 likes

    Re: what Hawkwinter99 said:

    None of what you said is relevant to this thread. QuestHelper can cause issues with logging in... but NOT because it is unsafe in any way. That issue lies with the way QuestHelper is structured, loading massive amounts of data all at once, and the way the WoW servers operate, disconnecting you if you take too long to load into the world. If you're logging in inside Dalaran or any other heavily populated area that takes longer to load on its own, when you add the time it takes to load all of QH's data, if your system isn't fast enough, it's very easy to go over the limit and get disconnected. This has NOTHING to do with keyloggers. It has NOTHING to do with account hijacking. It is NOT a "risk" or security concern of any kind.

  • Avatar of DigitalSorceress DigitalSorceress Dec 20, 2008 at 01:48 UTC - 0 likes

    Addon authors probably already know that the Blizz API is very specifically limited to make darn sure that you can't use it to write a keylogger... but the general public isn't as likely to "get it".

    My guess is that the real culprit is the recent Zero-day IE7 exploit that has been heavily used by organized criminals (and yes, people who buy gold are supporting account hackers.. DON'T DO IT) to specifically steal game passwords. All you have to do is use IE (even fully patched) to visit a web site that's been compromised and end up viewing the wrong xml file and you're hacked. The web site can even be a legit site, but one or more pages have been hacked without the owners knowledge.

    I recently had a guildie (who does not indiscriminately download files and generally keeps his nose clean security-wise) get hit. His account was ransacked, they went through the guild bank (he had fairly high access) and they vendored all his gear, etc. They also changed his registered email address and password. It was a nightmare for him to get it back.

    He ran all sorts of virus scans, cleaned his computer, got his account restored, and started playing again. Within a couple days, his account was hacked again. Pretty sure the issue was that the hack included a rootkit and it reinstalled the backdoor.

    Had to advise him to wipe his computer and reinstall from OS up. He's getting a Blizzard authenticator, and until he has is, he's not playing.

    Sorry for rambling, but I thought it might shine some light on how bad this can be for those who don't know.

  • Avatar of Hawkwinter99 Hawkwinter99 Dec 17, 2008 at 08:59 UTC - 0 likes

    Today, A "GM" from Blizzard actually associated a logon issue with Questhelper. (Character was stuck in game and could not log back in, also..showed character in game) The "GM" advised that I should turn off my addons and try then. I did..and it work. I believe that Questhelper and a few other addons will have a occasional clitch like anything else, and its a risk that we take. If Wow wanted us to have a ssytem like questhelper, they would have made it PC friendly. Over 250,000 people download Questhelper from this site alone and 5million play wow... Qhelper will always be a target for Hackers as well as WOW since it seems to be the fastest way to get to people.. Lesson...Wear a Dam RUBBER!!

    Thank you.

    PS...dont forget Love all you hackers out thier.


  • Avatar of Seerah Seerah Dec 15, 2008 at 16:24 UTC - 0 likes

    That's the type of thing an idiot would have on his luggage!

  • Avatar of flarecde flarecde Dec 15, 2008 at 14:39 UTC - 0 likes

    How about 12345 as a password? :P

  • Avatar of Drool Drool Dec 13, 2008 at 15:00 UTC - 0 likes

    I notice you missed out wowui as a reputable addon site. ;) Yea it has a poor track record (and remains to be seen if they've improved) but some of us authors do put up our mods there. In my case, only to stop others putting up their own mucked-up copies. QuestHelper's author also updates there (and it's identical to the copy on Curse.com in case you ask).

Facts

Date created
Dec 11, 2008
Last updated
Dec 11, 2008

Author