Like this author?

Follow this author, get more from this author. Ta-da!

Sign up now

Hide this X

news\

Potential Trojan could steal your Battle.net account info, Blizzard warns

Blizzard has issued a warning of a potential dangerous Trojan that is being used to compromise Battle.net accounts, even if the accounts are protected with an authenticator. According to the post, the Trojan "acts in real time" by stealing both your account information and the authenticator password (both mobile and key fob) at the time you enter them.

Blizzard recommends searching for the Trojan on your computer if your account has been recently compromised, though they've yet to find an anti-virus program that will remove it. The only method they've mentioned to remove it is reformatting your system. 

For those of you who want to make sure you're not infected, simply follow these steps:

 It can be identified by creating an MSInfo file and then looking in the Startup Program section of that file for either "Disker" or "Disker64". It will usually appear like this:

Disker rundll32.exe c:\users\name\appdata\local\temp\w_win.dll,dw Name-PC\Name Startup
Disker64 rundll32.exe c:\users\name\appdata\local\temp\w_64.dll,dw Name-PC\Name Startup

If you are one of the unfortunate ones to discover the Trojan, Blizzard wants you to reply on their thread with all sorts of specific information.

Matt-liebl-profile
Matt Liebl You can follow Senior News Editor Matt Liebl on Twitter @Matt_GZ. He likes games, sports, musicals, and his adorable dog, Wrigley. And his wife.
Share with your friends
In this article

Tags: Battle.net

blog comments powered by Disqus