Any of you MMO fans out there that are still chugging through Blizzard's iconic World of Warcraft universe will definitely want to listen up. The developer is warning individuals (specifically WoW players) that a new Trojan virus has made its way past Blizzard's authenticators, allowing you to become a victim of hacking, even if you take extra steps to ensure your account's security.
Blizzard recently added a “compromised accounts” posting to its Battle.net forums that better explains what the Trojan is and how you can eradicate it from your system and authenticator. It is important to understand that this is not just another simple piece of Malware and it shouldn't be ignored. If the virus is currently affecting your machine and you attempt to login to your account, hackers may gain access to your login information and any applicable passwords associated with your account.
The virus works by allowing hackers to collect real-time data as your enter it. If you regularly have the client “remember your username” then hackers may have only collected your password but will not have access to the name associated with it. If you believe that you may have been a victim of this hacking for any reason it is definitely a good idea to immediately change your password.
According to the forum post, the Trojan is specifically targeting authenticators through a fake Curse Client. Jurranok, a Blizzard Support Forum Agent, states that you may be able to directly delete the Trojan from your system by creating an MSInfo file (details here) and then “looking in the Startup Program section of that file for either “Disker” or “Disker64.” Once you eradicate the file you should run an updated version of Malwarebytes to ensure that the offending virus is gone.
Regardless of the recent attack, Blizzard is still convinced that the authenticators are the best way for you to protect your system from any attacks. If you're concerned about any potential issues in the future, it may be best to download and use Blizzard's recent Battle.net platform. This program allows you to run your favorite Blizzard titles without having to actually login, keeping your information safe from these types of Trojans.