 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Thu, Aug 5, 2010 at 3:15 PM, Richard Pieri <richard.pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote: > On Aug 5, 2010, at 1:47 PM, Bill Bogstad wrote: >> >> This statement rather surprised me. ? From what I can tell from some >> quick web searching, the "MitM" WoW attacks which are happening are >> key loggers/trojans running on the end user system. > > Blizzard recently stepped up the Authenticator removal mechanism by requiring two consecutive Authenticator codes. ?In response, the account thieves are stepping up their game, too. ?The newest form that I'm aware of shims itself as a proxy between the Warcraft client and servers. ?It captures credentials and first authenticator code then returns a failed login code prompting the unwitting victim to enter credentials and code again. ?Bang, account compromised and stolen. That still sounds like it is running on one of the end points (client). In order to do that the end point has to have already been compromised. That's very different from manipulating the communications path between two secure end points. Bill Bogstad
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
