Thursday, January 27, 2022

ArenaNet says password attacks affect 11k Guild Wars 2 accounts

Password crackers have hacked more than 11,000 accounts belonging to players of the new game Guild Wars 2, in part by applying credentials siphoned from an unknown fan site that was recently compromised, game officials alleged.

The compromised sites include an unnamed Guild Wars related fan site that ArenaNet security alleged recently warned of a breach of its account database. “That’s important, but just one of many apparent breaches of other games and web sites that hackers have been collecting email addresses and passwords from,” they added.

“If you don’t want your account hacked, don’t use the same email address and password for Guild Wars 2 that you’ve used for another game or web site,” officials wrote over the weekend. “Hackers have big lists of email addresses and passwords that they’ve harvested from malware and from security vulnerabilities in other games and web sites, and they’re systematically testing Guild Wars 2 looking for matching accounts.”

Guild Wars 2 user forums are filled with threads like this one and this one, which tell alike stories. Online games such as World or Warcraft have long been goldmines for account hijacks because the in-game assets such as gold and weapons can be distributed online for real life money. Accounts themselves are frequently sold wholesale.

There are still many threads being posted about account take overs,

Eventually after 4 days they got back to me on my hacked account. Sent me a link to recover my account. But I get an Error contact Support (I LOL’d at the thought of that).

Do I really have to wait another 4 days for someone to get back to me again ???

Here is the ticket number, screenshot of error message in there: 120904-008678 one player said.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …