Gold sellers in World of Warcraft are unscrupulous – but also busy people. Once, they revealed a hack to Blizzard to make more profit.
Often, one would like to know what everyday life at Blizzard looks like. Curious incidents during development or strange events regarding player account security. Luckily, there is a former developer who shares insider information. He recently revealed how a gold seller disclosed one of the most dangerous security vulnerabilities to protect his business.
Who is he? The YouTuber known as “Pirate Software” is actually named Jason Hall and has worked for some huge companies in the past – mainly Blizzard Entertainment and Amazon. He primarily worked in cyber security, focusing on the safety of websites, games, and accounts. He has now grown tremendously on Twitch and his shorts are suggested to many people daily.
What happened at Blizzard? A few years ago, there was a problem with account security in World of Warcraft. Although two-factor authentication (“2FA”) had been introduced early on, requiring players to confirm their login with a physical or digital authenticator, it was not enough.
The security team at Blizzard received reports from the community managers. A player had been hacked – even though he had 2FA activated. Hall initially found this strange, but the problem escalated. In the next report, there were already 5 accounts with 2FA activated, then even 200. The number of hacked accounts was rising rapidly.
For dubious gold sellers (or “hackers”), it was possible to circumvent this security measure and gain access to foreign accounts.
Traditionally, accounts were hacked (and still are) to steal the gold players earned and then sell it. Both actions are, of course, prohibited.
Why did gold sellers reveal the trick? As so often: money. Once the gold sellers knew how to circumvent the security of 2FA, the number of daily hacked accounts continued to rise. This, in turn, flooded the market with more WoW gold, which was sold by the gold sellers, thereby driving down the price of WoW gold.
One of the largest gold sellers believed that this was a short-term strategy. With the falling gold prices, they would not be able to profit for long. So he took the next logical step:
The gold seller went into the official Blizzard forum and revealed how his colleagues managed to circumvent 2FA. He requested that this security hole be closed quickly so that he could “earn a living from his work” – work that is actually prohibited according to WoW rules.
Ultimately, Hall and his team managed to close the security gap through this tip and prevent even more players from getting hacked.
This is probably one of the most curious incidents. At the same time, it is likely one of the few stories where the calls of “Blizzard is working with gold sellers” are indeed justified.
Lastly, Hall offers a tip: If a company asks you to change your password, then do it. Simply using the same password again is a pretty dumb idea.
Sometimes, you may not lose your account to hackers – but because you are just too nice.
