Posted by Ackis Mar 01, 2010 at 04:49 UTC
Anyone who has an authenticator attached to their account should run a search (and probably an antivirus scan in case it's on the threat list already) immediately and ensure the file emcor.dll does not exist on your computer. This file is one reported to be allowing hackers to access World of Warcraft accounts that have authenticators attached to them. It's also possible there are other variations of these suspicious files, so if anyone has additional information please respond in the comments.
Based on this thread, the file may be found in /users/username/appdata/Temp. Since the file is fairly new (first mentions of it are only a few days ago), and the common source is unknown, I urge everyone to not log in to World of Warcraft or the account management site until you've run a scan. Confirm your computer is secure before using your authenticator, because this DLL file is allowing hackers to crack through it and access your account.
A warning sign that you're currently infected with this keylogger is that WoW will say your authentication code is incorrect, even if you know for sure you typed in the correct code. Thanks to Cameron for posting about this in our forums, too.
Posted by Ackis Feb 28, 2010 at 16:09 UTC
There seem to be some server problems with Curse.com.
This will affect Curse.com and it also seems Curse Client downloads.
CurseForge/WowAce do not seem to be affected, so as a developer you can continue to update addons.
For end users, if you wish to download addons you can access them from the project page (http://www.wowace.com/addons/arl/ for example). Click on the files tab and you can download from there.
The people who make things work are aware of the problem, and are working on it.
Sorry for any inconvenience.
Update: The network issue has been resolved, and all services should be working properly again. We apologize for the inconvenience.
A network outage at a core router in New York City is currently preventing many Curse network sites and services from functioning properly, for people in certain parts of the world. We have contacted our data center, and they are looking into the issue now.
Posted by funkydude Jan 09, 2010 at 13:46 UTC
A big deal lately with the security of wow accounts seems to be phishing. Fake whispers in-game are stating to show up nearly as much as gold advertising.
With the admitted leak of email addresses on the WarcraftRealms website earlier in December due to a security hole, you need to be more cautious as ever, as phishing email is now back on the rise. The email read:
These people will stop at nothing to get your wow details, here is a perfect example of a classic phishing email:
At first glance, this looks extremely authentic. Note that even the email originates from "blizzard.com" which goes against the in-game loading screen "tip" of trusting emails with such extensions. Infact the only give away that this is a phishing email is when you hover over the link, you can see it forwards to a non-blizzard website, an attempt to steal your account details.
I see people frequently say things like "My computer is secure". That may be fine and dandy, but did you ever stop to think about the security of websites out of your control? The truth is, you just can't guarantee this security. So here's a few tips:
Posted by Ackis Jan 01, 2010 at 08:11 UTC
Happy New Year everyone!
Things should be getting back to normal on Monday, so if you were waiting for something from us, the queue will be reviewed then.
I hope everyone had a safe and Merry Christmas, had Happy Holidays, and had a wonderful New Year.
Posted by Ackis Dec 18, 2009 at 22:37 UTC
Well, it's that time of the year again. The holidays are upon us.
A lot of people will be taking time off so please have a bit of patience when submitting new files/projects for approval. We'll get to them as soon as possible.
We'll see you next year!