Trojan succesfully hacks Authenticator Protected Accounts
A new virus spawned on the internet a few days ago and seems to be the first trojan capable of hacking a WoW account protected by an Authenticator. It was confirmed by Blizzard a few hours ago.

Basically, what the virus does is fairly simple after you’re infected :

• The next time you log in World of Warcraft, the game asks for your Authenticator code.
• The virus intercepts it, send it to another server, and sends a wrong one to Blizzard = You get an error.
• The people behind the virus now have a few seconds/minutes to use the “real” code while it’s valid to change your password / empty your account / guild bank.

How to check if you’re infected
Just search for a file named “emcor.dll” on your computer, it is most likely located in “C:\Users\(Your user name)\AppData\Temp” but I suggest that you check everything just to be sure. If you do find the file, delete it and make sure you update your anti-virus to prevent any further problem.

To be honest, if you found this file your account is probably already compromised.

What does it mean exactly?

• Yes, you can get hacked even if you have an authenticator, the chances are MUCH lower but you’re not invulnerable.
• It definitely isn’t an excuse to not have an authenticator. We’re talking about a single virus here and the authenticator will save your ass 99% of the time.
• Get a decent anti-virus, buy an authenticator, you’ll be safe.

Fuck Me … No Screen Shots … To Busy QQing about the Agi Ring