There are a great number of people who are claiming that after downloading QuestHelper and/or the CurseClient that they are getting hacked, keylogged, or that their babies are being stolen by ninja mutant Elvises (or would it be Elvisi?).
I'd like to point out that the first two are as likely as the last, providing that:
- You're only using versions of the CurseClient that have been hosting on Curse/CurseForge or ones linked to you directly by myself or other staff members (aka alphas).
- You're only getting QuestHelper from reputable addon sites, such as Curse.com, CurseForge.com, or WoWInterface.com. To my knowledge it's not been uploaded anywhere else by the authors.
- You haven't paid a ninja mutant to dress up as Elvis and steal your baby.
Sadly these type of rumors are often started and perpetuated by people looking to discredit others and most of the attacks I've seen recently are slanted as anti-Curse.
There was recently a 24 page thread generated (in one freaking day!) on the official WoW forums. The instance of some of the posters there into ascribing guilt to various people and groups combined with some obvious misinformation makes me wonder if it's an intentional propaganda move. However, this is mere speculation as I have no evidence to support the thoughts as fact.
As far as keyloggers go. Please keep in mind it's most likely not the last thing you did that got your account comprised. It is a fairly common practice for these the groups responsible for hacking your accounts to wait weeks or even months before attempting to use a password.
Also, brute force attacks are not completely unheard of. So if your password is 'god', 'sex', or 'secret' please change it right away!
Lastly, a few things to remember:
- Curse does in no way support the keyloggers, account hijacking, or gold selling.
- You can't get a keylogger from an addon as long as you just put the files contained therein in your addon directory. You'd have to run an executable somewhere!
How do you download the quest helper?
I haven't met an automatic updating client that hasn't had issues with spreading keyloggers- either unwittingly or otherwise.
I have and update about 200 addons manually, if it gives you any idea how I feel about them.
P.S.: One of the reasons WoWUI has such a poor track record for this kind of thing is that, whenever allegations occur, whether true or false, and however plausible they may be, the webmaster responds with some incredulous, priggish message about how impossible it is, denies it ever happened ever could happen or ever will happen, and promptly ignores the whole issue.
Doesn't sound familiar at all, does it?
Heads-up that there are apparently some dodgy AtlasLoot zip files flying around. Same advice as before, if you get the mod from an 'official' source, you won't have a problem.
For all its technical flaws, it's an awesome movie =)
Re: what Hawkwinter99 said:
None of what you said is relevant to this thread. QuestHelper can cause issues with logging in... but NOT because it is unsafe in any way. That issue lies with the way QuestHelper is structured, loading massive amounts of data all at once, and the way the WoW servers operate, disconnecting you if you take too long to load into the world. If you're logging in inside Dalaran or any other heavily populated area that takes longer to load on its own, when you add the time it takes to load all of QH's data, if your system isn't fast enough, it's very easy to go over the limit and get disconnected. This has NOTHING to do with keyloggers. It has NOTHING to do with account hijacking. It is NOT a "risk" or security concern of any kind.
Addon authors probably already know that the Blizz API is very specifically limited to make darn sure that you can't use it to write a keylogger... but the general public isn't as likely to "get it".
My guess is that the real culprit is the recent Zero-day IE7 exploit that has been heavily used by organized criminals (and yes, people who buy gold are supporting account hackers.. DON'T DO IT) to specifically steal game passwords. All you have to do is use IE (even fully patched) to visit a web site that's been compromised and end up viewing the wrong xml file and you're hacked. The web site can even be a legit site, but one or more pages have been hacked without the owners knowledge.
I recently had a guildie (who does not indiscriminately download files and generally keeps his nose clean security-wise) get hit. His account was ransacked, they went through the guild bank (he had fairly high access) and they vendored all his gear, etc. They also changed his registered email address and password. It was a nightmare for him to get it back.
He ran all sorts of virus scans, cleaned his computer, got his account restored, and started playing again. Within a couple days, his account was hacked again. Pretty sure the issue was that the hack included a rootkit and it reinstalled the backdoor.
Had to advise him to wipe his computer and reinstall from OS up. He's getting a Blizzard authenticator, and until he has is, he's not playing.
Sorry for rambling, but I thought it might shine some light on how bad this can be for those who don't know.
Today, A "GM" from Blizzard actually associated a logon issue with Questhelper. (Character was stuck in game and could not log back in, also..showed character in game) The "GM" advised that I should turn off my addons and try then. I did..and it work. I believe that Questhelper and a few other addons will have a occasional clitch like anything else, and its a risk that we take. If Wow wanted us to have a ssytem like questhelper, they would have made it PC friendly. Over 250,000 people download Questhelper from this site alone and 5million play wow... Qhelper will always be a target for Hackers as well as WOW since it seems to be the fastest way to get to people.. Lesson...Wear a Dam RUBBER!!
Thank you.
PS...dont forget Love all you hackers out thier.
That's the type of thing an idiot would have on his luggage!
How about 12345 as a password? :P
I notice you missed out wowui as a reputable addon site. ;) Yea it has a poor track record (and remains to be seen if they've improved) but some of us authors do put up our mods there. In my case, only to stop others putting up their own mucked-up copies. QuestHelper's author also updates there (and it's identical to the copy on Curse.com in case you ask).
Seriously, everyone who whines about CurseClient and/or QuestHelper beeing a keylogger should just learn how Software works. I wonder how many of this ppl have a 'good working' Firewall installed. Not to mention lame ass passwords. But, whom I'm telling this? ;-)
Anyway, imo Kaelten is right with what he said above. Maybe its a conspiracy against Curse.
I'm pretty sure Elvis is already plural. "Look at all these wonderful Elvis." yeah, that's it.
TW servers had implied phone lock system, that is, before you can login, you must use a phone-number registered phone to call the lockup server to release the lock for you to login.
Thus make keyloggers became useless.
questhelper sucks anyway.
Then we'll have to combine them into "sexgod".
Also, you forgot to mention, Kaelten, that often times the keylogger people will have your account information for months before doing anything with it. So your password could have been stolen at any time. Also, be careful when logging onto computers that you cannot personally, 100% vouch for their security.
I think god and sex are too short to be passwords for World of Warcraft.
Hello World is a key logger! AHHHH PANIC!!! AHHHHH AHHHHHHH!
Do you honestly have a better plan than a ninja mutant to help steal babies?
Belazor: DIAF TROLL!