View Single Post
01-03-14, 02:10 PM   #6
def9
A Cobalt Mageweaver
 
def9's Avatar
AddOn Author - Click to view addons
Join Date: Jan 2008
Posts: 219
Thanks for the clarification on acceptable links everyone. It also seems they've figured out the issue and our security programs are most likely already on board or will be soon.

Originally Posted by Kaltonis on Blizzard forums
To summarize for those of you that haven't read the green posts:

-The trojan is built into a fake (but working) version of the Curse Client that is downloaded from a fake version of the Curse Website. This site was popping up in searches for "curse client" on major search engines, which is how people were lured into going there.

-At this point, it seems the easiest method to remove the trojan is to delete the fake Curse Client and run scans from an updated Malwarebytes. Should you still have issues, there is a more manual method that Ressie posted earlier in the thread.

-Thanks to Ressie's efforts, most security programs should be able to identify this threat shortly, if not by the time I type this.

-If you were compromised, follow the instructions here and we'll do our best to set everything right (as we always do).

-For those of you interested in these MitM style attacks, this is the only confirmed case we've seen in several years outside of the "Configuring/HIMYM" trojan in early 2012 that hit a handful of accounts. These sort of outbreaks are annoying, but an Authenticator still protects your account 99% of the time. Stay safe!
Source: http://us.battle.net/wow/en/forum/to...92?page=10#189
__________________
Epiria, level 100 Ret/Holy Paladin
Simkin level 100 Combat Rogue
Feldeemus, level 100 Arcane Mage

Last edited by Cairenn : 01-03-14 at 02:24 PM. Reason: Added link to official post ~ Cairenn
  Reply With Quote