Due to a recent rash of account compromises across Terenas, I'm posting here to give our guildies some suggestions on what to do to prevent this from happening.
First of all, it's important to know what to do in case your account has been compromised. If your account has been taken over, refer to this thread posted by Blizzard:
http://forums.worldofwarcraft.com/threa ... 8319&sid=1
As of late, the going theory has been that account compromises may not have necessarily come from websites making use of exploits in MSIE to install keyloggers on players' computers. Instead, it's possible that at least some of the compromises may have originated from tainted Adobe Flash advertisements. Unfortunately, since Adobe Flash is a third party application that can run in any number of browsers, simply using Firefox, Opera, and others won't necessarily protect you. Here are some suggestions:
- Download and install Mozilla Firefox.
- Download and install NoScript for Firefox.
- Download and install Flashblock for Firefox.
- Update: NoScript now provides support for blocking Flash/Silverlight and other applications.
- OR download and install Opera.
- Disable Flash and other plugins from within Opera by clicking on Tools -> Quick Preferences and unchecking "Enable Plugins" and "Enable JavaScript".
For Firefox
Firefox is a reasonably secure web browser. Since Firefox relies on Adobe Flash to display animations, movies (YouTube, specifically), and some advertisements, it is important to keep Adobe Flash up to date. Be aware that as of May 2008, remote holes existed in version 9.x of Adobe Flash that were being actively exploited in the wild. Thus, it is better to use Flashblock (see above) for Firefox at all times, even when keeping Adobe Flash up to date.
Flashblock does create a slight inconvenience, particularly in that you must click the large play icon whenever a Flash item appears. However, this gives you some control over what Flash is loaded--and where. Some sites (games, some car dealerships, and others) rely exclusively on Flash, which can represent a bit of a hurdle when using Flashblock, so be aware of this before installing the addon for Firefox. There are, of course, additional benefits besides the security and peace of mind when you're using Flashblock: for instance, Flash advertisements (spank the monkey and win $100 comes to mind) will no longer load unless you explicitly allow them to (don't do this), and other obnoxious, noisy banners should cease to appear.
For Opera
Disabling Flash in Opera via the quick preferences menu isn't as convenient as having an addon integrated into the browser. Unfortunately, it's the best you can do with Opera as the user JavaScript addon that provides equivalent functionality to Flashblock isn't as reliable. If you need to view a site that contains Flash, you will need to re-enable plugins in Opera (which will expose you to tainted advertisements if you have an old version of Flash).
Adobe Flash
Because of problems with Adobe Flash, it is advisable to download the latest version of Adobe Flash Player as soon as possible. If you're still running version 9.x, you are likely to be affected by this vulnerability. The latest version is 10, so upgrade if you feel you may have an older version.
General Advisories
Of course, the most sound advice is to 1) keep an updated antivirus package installed and enabled on your system at all times and 2) avoid browsing potentially troublesome sites (porn sites, warez sites, serials, cracks, and key generator sites). With other vectors of exploitation, it's possible that your system can become compromised if you don't keep certain important software packages updated, such as your browser, Adobe Flash, Adobe Acrobat Reader, and so forth, even if you stay away from questionable content. If you're running Windows, be certain to check Windows Update frequently for critical updates, particularly those for Internet Explorer (even if you're not using it, more on this later), Windows Media Player, and the .NET framework.
If you watch a lot of movies or receive humorous but short video clips via e-mail--just as it was in the days before YouTube--I would strongly recommend using Media Player Classic instead of Windows Media Player. Staying away from WMP won't prevent everything, but it'll reduce the chances your system is compromised by a WMP-specific target. Generally speaking, though, I would recommend sticking to YouTube; if a friend e-mails you a video, ask them to instead find that same video on YouTube and link that.
Now, if you're not using MSIE, why on earth would you want to update it?
Good question. Unfortunately, there are a lot of features in Windows that rely on certain "shared libraries" to be present, one of them being MSIE (particularly MSHTML). Whenever you open a help menu, chances are it's using MSIE to render the document; same thing goes for a number of other applications that display HTML or other similarly formatted documents. Not all that long ago, there was an exploit in MSHTML--which is the core part of Internet Explorer--that would allow a remote attacker to compromise a system running older versions of IE by simply coercing the user into downloading and viewing a help file. So, the moral to the story: keep Windows updated!
Blizzard also sells an authenticator which provides a one-time-use password every time you log in to WoW. These appear to use an algorithm based upon the unit's serial number and provide an extra layer of security against keyloggers. The units retail for about $7, but if you're particularly paranoid it might be a worthwhile investment.