How to obtain thousands of World of Warcraft accounts for free

In the last few weeks we’ve seen several phishing campaigns targeting World of Warcraft players. This is one of the messages that have been circulating:

WoW phishing mail

If you click on the link included in the message, you will get to the following web site, which for almost everyone will look like the real one:

Fake WoW login site

And what happens once you enter your data? Well, let’s enter a fake user name and password and we’ll see:

WOWPhishinglogin

Now we click on “Log In”. Where will we be taken?

WOWPhishingReal

Yes, it really looks like the real World of Warcraft site. In fact, it is the real site… As you have seen, the attack could be considered pretty good: both the message and the web site looked real, so we might assume that these are smart, highly skilled cybercriminals. But we know there are a lot of phishing kits out there, and that there are easy ways to accomplish this kind of attack, so anyone could do this. Of course, if the cybercriminals are not that smart, they could have left a door open. Can you imagine what we would find if we could enter there? Well, you don’t have to, we entered and this is what we found:

WOWPhishingFAIL

Now take a close look at the first file:

Phishing Data Base File

Yes, it looks like a Microsoft Office Access file, but this can’t be true, come on… let’s download it and take a look at what kind of data it contains:

Stolen credentials

Oops! Yes, this is the database with all the credentials stolen so far… ours is number 13,401, and most of the people seem to use their e-mail address as user name… I bet that the password used for WoW is the same one they are using for each and every online service (mail, Facebook, etc.).

And what’s the moral of this story? Well, if such a moron is able to steal thousands of credentials, imagine what a smart cybercriminal could achieve…

21 Responses
  1. notthatitmatters
    Mar 29, 2010 - 10:31 AM
    • Luis Corrons
      Mar 29, 2010 - 07:41 PM

      Thanks, it seems related as you say…

      • kakafghan
        May 07, 2010 - 04:40 PM

        I swear to god this is the worst scam I’ve ever seen.
  2. Matt B
    Mar 29, 2010 - 01:59 PM

    As a response to the quote “most of the people seems to use their e-mail address as user name..” Battle.net requires an email address to log in with. When Blizzard converted WoW over to Battle.net everyone was required to enter an email address as a user name.

    • Luis Corrons
      Mar 29, 2010 - 07:43 PM

      Thanks for the info, Matt. The last time I logged into battle net was in January last year, will try again as soon as Starcraft II is available though ;-)
  3. warcraft strategy guide
    Mar 29, 2010 - 04:37 PM

    What the heck! How could someone do this? Man, didn’t know this stuff. Nice info! I learned a lot.
  4. Luis
    Mar 30, 2010 - 11:51 AM

    Well… not every e-mail address you see there is from people that fell for the scam.
    I, for one, after insulting them with every bad word I know, started entering about 50 or more bogus e-mail addresses with bogus passwords, so as to keep the phishers entertained.
    • Luis Corrons
      Mar 30, 2010 - 02:47 PM

      Well, that’s kind of DoS the bad guys… I like it!!! ;)

  5. Everseeker
    Mar 30, 2010 - 01:30 PM

    “…? Well, you don’t have to, we entered and this is what we found:
    …”
    Could you explain this part just a weee bit more in detail?

    • Luis Corrons
      Mar 30, 2010 - 02:49 PM

      The thing is that I do not want to show the bad guys where they were mistaken. I can only tell you we didn’t use any exploit or similar thing.
  6. warcraft strategy guide
    Mar 30, 2010 - 03:40 PM

    Hope I won’t be a victim for this kind of stuff. The biggest drawbacks in online games are being hacked by someone. It’s really frustrating to know one day you can’t open your account anymore.

  7. Tyriama
    Mar 30, 2010 - 05:56 PM

    I consider myself a half-decent tech guy, but it’s nothing to what my friend can do. There was one time I had my account hacked (before authenticators and all that thing came) and in the short window between my scanning of my PC, some idiot managed to track my info.

    My friend then hooked up to my PC, found the malware taking all the information, and started hacking the hacker back.

    Not only was it fun to teach the idiot a lesson, but sending in a ticket to the police for information theft is also nice, as we learned he lived in the same country as we do =)

    So hackers, beware, you are not the only one who can hack! :D

    Good read, pandas :D
  8. Mandina
    Mar 31, 2010 - 01:55 AM

    Thank you so much for this info! This is exactly how I got scammed this week! This is the exact way that everyone I know got scammed recently!! Thank you for letting me understand how they did it!
  9. Spitt
    Apr 02, 2010 - 08:29 AM

    Don’t just think that because you use an authenticator, that you are safe. There are authenticator emulators and people HAVE backwards engineered them as well.

    Also keep in mind that when you GIVE your info to someone, you aren’t being hacked. A guy I used to know who used to scam peeps told me he couldn’t do it except for the fact that there are so many stupid people out there. Simply look at the url, as you hover over it, it will show the actual email.
  10. JJ
    Jul 24, 2010 - 03:55 PM

    That doesn’t tell us how to get them!
  11. free wow account
    Aug 22, 2010 - 10:41 PM

    Well… not every e-mail address you see there is from people that fell for the scam.
    I, for one, after insulting them with every bad word I know, started entering about 50 or more bogus e-mail addresses with bogus passwords, so as to keep the phishers entertained.
    • Capn
      Sep 18, 2010 - 02:52 AM

      Congrats, you just wasted about 5 seconds of processing time as their bots attempt all the logins…

  12. Synonymous
    Nov 04, 2010 - 03:09 PM

    You should send all the people on the database a link to this article, well that’s what I’d do.



COPYRIGHT 2014 PANDA SECURITY