This last weekend, it was revealed that account hackers have successfully bypassed Authenticator security using “man in the middle” attacks; interposing themselves between player and server, and taking the player’s input for themselves, telling the player they failed to login, and then using the info themselves to get in and change things to suit themselves.

Today, I received an email from Intravax, who had a harrowing story to tell;

We had 3 of our members’ accounts stolen within the last month. No major damage as there are caps to what ppl are allowed to withdraw from the vault.

Then one of our officers got hit and that did a bit more damage, although it wasn’t anything that couldn’t be replaced in a week or 2.

Then, this Monday on 3/1/2010 it was like our WoW version of Sept 11th. All our officers got hit, including our GL (each of us have authenticators) and 6 other guildies.

The hackers were like a virus and multiplied by immediately inviting several dozen other characters and promoting them all to the highest rank possible, and we were cleaned out and all our toons were deleted (most of us had at least 3-4 Lvl 80’s all geared in T9 or above). As an added twist to the gut, before the toons were deleted the hackers used them to spam in /trade and /general for their gold selling companies, thereby getting our accounts suspended our reputation tarnished.

All 6 tabs of our vault were filled to the brink with top level flasks, gems, enchants, crafting mats, buff food, etc.  Additionally, we had over 75k gold which was donated by the officers and guild members to offset the costs of all the crafting materials that were donated.

Is it a claim made by a reader, impossible for me to confirm? Yes.

Do I believe the writer? Yes. Yes, I do. The entire email was very well written, it wasn’t asking for any kind of action or publicity on my part. Intravax was just letting me know what had happened to him, his friends and their casual guild, and giving me a heads up to be careful with my own casual guild bank settings, so that the chances of the same thing happening to Sidhe Devils might be reduced.

Thank you, Intravox. I can assure you, having been the victim of account hacking years ago myself, before Burning Crusade was released, I know at least a little of how it feels to come in and find that your character or account is trashed.

In my case, the hacking happened in mid-session, Christmas Eve several years ago, while I was on vent with friends in Undead Strat doing, as I recall, a timed Baron run. So, I got to hear, live and in person, the play-by-play details as my friends followed my character, still all in party together, through hearthing from Eastern Plaguelands/Strat Undead to Ironforge, watched me strip naked, and then, still in party with my main, watched as party chat showed my character D/E’ing all my stuff , mailed the mats off… and then followed my character as it ran back and forth from the bank to the mailbox, sending off all my stuff to someone else.

At least my character wasn’t deleted.

Merry Christmas, Windshadow!

Talk about wanting to just quit the game in disgust. That right there is a feeling of violation that is difficult to overcome. The emotional aspect, quite apart from the inconvenience of lost items, characters or gold that might be returned after an investigation, is hard to describe.

What is it? Why does this keep happening, despite the best efforts of Blizzard to prevent it?

Sophisticated methods for hacking player accounts are designed, developed, tested and implemented.

This represents a significant investment in time and resources on someone’s part.

What would be the incentive to cause folks to go to such extended lengths to get access to your account?

Here is my assumption; real world money is the incentive.

It is my assumption, my theory, that the majority of hacked accounts are performed by gold sellers looking for inventory to sell to a willing market, and not malicious punk kids with too much time on their hands.

A market of consumers that will seek them out and offer them real world currency in exchange for virtual world gold.

I don’t buy gold, and you don’t buy gold, and nobody you have ever known has ever bought gold… and yet, somehow… people still make money selling gold.

Funny, isn’t it?

It’s my understanding that there are several ways gold sellers acquire the gold they offer to fulfill orders.

First, there are people that work directly for gold sellers, that go out and farm and play the auction house to develop gold.

Second, there are people who may be regular players like anyone else, but they work as affiliates, independant ‘stringers’, and when they have gold available to sell, they contact the gold sellers directly and offer it to them… for less than the gold seller will flip it for to the buyer. The gold seller has the website contacts to sell, the stringer has someone they know to sell to when they have some extra.

Methods one and two, as I described them, are fairly safe for the gold seller, but they represent an investment, an expenditure. They have to either pay someone to play to harvest the gold directly, or pay a stringer to get their supply.

The third method is to hack a stranger’s account, loot all their stuff, ship it off to a third party to clearance it, and then delete the account.

This is fast, and aside from developing the hacking method and identifying the target, inexpensive on the part of the gold seller. Either the account is hacked or not, and with guild banks, the potential score goes beyond access to one player’s account.

This business all revolves around the fact that players have something that has a real world monetary value, and there are those out there that have the means and the desire to take from others to enrich themselves. And even better… where are the cops to prosecute them for the stolen goods?

“Excuse me officer, but I had $1500 in property stolen last night.”
“Oh, really? Tell me, where did the crime take place?”
“On Kael’thas, Alliance side. They got everything. Wiped me clean out. They got away with over 25,000 gold, enchanting mats, Frozen Orbs and epics with a street value of $1500. And they defaced my property by deleting my characters!” 
“Uh…. huh. Get the hell out of my sight, nutball.”

In almost all cases, I would be willing to bet that it is not a vindictive or malicious act; I really believe it is the real world monetary benefit that keeps them doing this.

So long as you have something they want, something that is valuable to them, and there is no actual risk involved to them in taking it, then they will continue to plot means of stealing you blind.

I would like to propose a possible solution.

Blizzard, please, open an official micro-transaction store and just sell the gold yourself.

Do it.

No limits on how much, make it legal, and price it so low that it’s undercutting the gold sellers.

Players are somehow able to find gold sellers online, so I’ve got to imagine, since you’ve got computers and the internet yourselves, that you could figure out where they are and how much they charge.

Give the player, the person that seems unable to tear themselves away from buying gold, a legitimate, safe and dependable location to get it from.

Remove any reason someone may have to visit a gold seller outside of Blizzard.

Tell the players, if they really cannot stand to farm gold for epic flying or that awesome epic hammer on the AH themselves, you will give them a place to go where they know they’re getting the best deal, the transaction will be safe, they will not be subject to viruses or hacking, and they will not be risking an account ban.

On the flip side, make it clear that if you DO catch anyone buying gold or selling gold outside their own store, you WILL still ban their account.

I didn’t want to make the obvious analogy with prohibition and alcohol… but seriously. If players, regardless of what the consequences may be to them, continue to go give the gold sellers money, then the gold sellers will continue to find ways of getting it to give.

Remove the incentive. Take away their payday. Reduce their market to nothing.

Make them go find someone else to rip off.

Now, I’m not naive. I know that the WoW economy is very involved, and Blizzard does a lot to try and balance the availability of gold through play with the number of things that you can spend it on. Blizzard is a world economy in scope, and they have to do a lot of work behind the scenes to battle inflation.

That being said… I think, purely my own opinion but what the heck, on a blog that’s what you get, pure opinion, but I think I can safely say people are sick and tired of wondering if today is the day some thief has hacked their account.

Just do it. Cut out the middle man, sell the gold yourself, and call it a day.

I won’t buy it, but someone out there sure as heck will, and you’d be performing a valuable service for the community if you can finally find some way of cutting the gold sellers off at the knees.

69 Responses to “A Call to End Prohibition – Sell Gold Now!”
  1. Guthammer says:

    Ever hear of a gold buyer being banned? Named?

    How about flagging a users account if they bought gold so that the rest of us could bring some social pressure to bear (no pun intended)?

  2. Krarg says:

    Official sell gold is like official sell drugs imo, it may work if something like this happens:

    1.- Permanent ban to anyone who buys gold, tracked ie just as any tax declaration, if you received a high amount of gld, you have to prove where that gold did come from.
    2.- Blizzard sets prices for everything and instead of use AH we can sell vendors anything we want to a reasonable price set by blizzard, then that vendor has in stock as many items sold to him by players, so another player can buy it there.
    3.- Reduce the importance of gold for most important things, and basically just allow to “sell” to the vendor mentioned in the point 2, stuffs like mats and crafted gear. Pets, mounts, important items make them BoP or BoA (Like Battered Hilt ie.)

    Those are just some ideas, maybe crazy, maybe non sense, but that’s what i think.
    That way Blizzard can control Inflation.

    my two cents.

  3. Stupid Mage says:

    “Here is an option: Make it against the policy to give or receive more than 3k per quarter outside of the AH.”

    So how am I supposed to send 5k to my alt so they can buy their epic flying??

  4. Malphailuron says:

    Doesn’t add much to the discussion, but wow.com recently put up a piece about this:

    http://www.wow.com/2010/03/04/why-blizzard-cant-and-wont-sell-gold/

  5. Bromson says:

    I don’t know BBB, I thought it was a pretty good idea with nice logic behind it. :)

  6. Woog says:

    Im floored by the idea. You definitely took the proverb ‘keep your enemy closer’ to this problem. While I agree with the drastic measure approach that you proposed, I don’t think ‘beat them at their own game’ method will work.

    Similar to many aspect of unpleasant in-game experiences the fact that WoW is a very popular game is a blessing and a curse at the same time.

    One of my favorite post from you Bear.

  7. Elegantdeath says:

    Yeh, ya know… come to realize it, being able to buy gold from Blizzard would be like those games in which you can use God-mode or other cheats… kinda cool at first but wears off fast.

  8. Kawil says:

    Yo BBB,

    I love your blog and find most of the stuff you say quite insightful, but I hope you don’t mind me saying this is just a horrible idea. Selling gold through the Blizzard store would crash the economy, and things would just go for ridiculous prices. Things would be terribly out of whack. Not to mention the group of people that are interested in collecting as much money as possible (which is becoming more and more popular) would all rage-quit if they found that you can just buy gold from Blizz. Blizzard has also said they’re never going to allow their game to become a “buy all your mats on our store for RL money” type of game, which I applaud.

    I could, however, extend your point to something like the gold sinks. Maybe allow people to purchase a Traveler’s Mammoth for $15, or epic flying for $10. It would certainly increase the amount of people with them, but I would imagine those that buy gold are probably those that can’t afford simple things like epic flying. I have yet to meet a hard core raider that doesn’t have a lot of money stashed away, but I know a lot of people who don’t play all that much and can’t afford epic flying. Or altoholics who can’t drum up 30,000g for all their alts.

    I think the key is finding out who really does buy gold, and WHY they buy gold. If they can figure that out, then maybe they can finally target those that buy it and eliminate the demand, therefore cutting off the supplier.

  9. VSUReaper says:

    And to you, I present this: http://www.wow.com/2010/03/04/why-blizzard-cant-and-wont-sell-gold/

    Blizzard cant sell gold, as that article will explain, for the simple fact that it would ruin the game for everyone that can not afford to buy gold. High pop servers that have been around forever are a perfect example of why: everyone has gold, its not worth that much, so people piss it away. This raises the price b.c the seller knows that the buyer doesnt mind spending more (its just gold, amiright??). So then you have to have more to do stuff. Its a vicious cycle.
    Now insert new transfer from a low pop server, or perhaps hes new to the game. He cant buy crafting stuff, he cant buy gear, he cant do anything b.c he cant afford anything unless he spends an exorbitant amount of time getting gold.
    An extension of that thought is my old room mate offered to pay for a faction change + server x-fer for my toons (all 6 of them!) if I would buy up as many gems as I could before leaving. He even offered to send a toon over to my server with 20k gold to help. The reason? On my server, red gems go for about 120g. On his, 600g. The difference: my server is less than 2 years old. His is one of the original servers. EVERYTHING is expensive there, and I would be sitting on a gold mine if I transfered. But I never will.
    .-= VSUReaper´s last blog ..Better late than never… Stat Changes =-.

  10. Yossi says:

    Gold Escrow!!

    In much of the world, for transactions over 10,000USD/AUD/GBP/EUR, there is often a need to disclose why this transaction is taking place. The onus is typically on the banks to do this.

    Why not introduce a new limit for gold trading in-game? Any transaction that involves the transfer of more than 499g could require a Blizzard Escrow Service, where item and cash are placed in “escrow” for, say, 30 minutes. Any account that transfers/pays more than 999g directly to players (not including AH) in one game day then must wait 24 hours for the gold to go through.

    AH proceeds over 1000g per day could have a 24-hour “cheque in the mail” period. Chain-selling/mailing could then be subject to further checks.

    I was hacked about 3-4 weeks ago, whereupon I promptly bought an authenticator. I scanned a rarely-used computer (the one my kids use for online flash games) and found evidence of a keylogger :/. I did manage to notify Blizzard within about 5 hours of the hack, but it was enough time to have pretty much everything sold, disenchented and cashed in.

    The hackers RELY upon haste. Put in a slight delay, that will become “part of life” for players (over time), and suddenly hacking will become MUCH less lucrative than simply farming. You don’t need to sell gold, or stop the sale of gold. You just need to make “honest work” (mining/herbing) pay better than crime (hacking).

  11. Yossi says:

    (PS)

    By effectively limiting the ability to BUY gold in quantities of more than 1000g/day from a single account/hacker, and with additional security to detect “odd” behaviour, especially with multiple characters on the same account, or a single person receiving “gifts” from multiple “generous” accounts, then you’re stemming the fuel for the crime: The gold buyers.

  12. Tinderhoof says:

    I am not sure if this was mentioned or not, but Blizzard can never sell gold. The resaon being is once they sell gold it becomes a currency exchange. Because WOW is avilable in lots of countries out side the US, it would be subject to international banking laws, exchange rates, and taxes. The way it would be handled would actually be illegal in several countries. Its just not something that is worth the headache.

  13. Chris says:

    the correct answer is to use EVE Online’s method.

    Players can buy timecards from Blizzard or third party sellers. They can then either apply those timecards to their own accounts, or sell them to other players for gold.

    This way, there is no way to convert gold to real money…the most you can do, with a lot of gold, is convert it to subscription time. And if you have plenty of real world money but not much time or inclination to farm gold in game, you can buy timecards and sell them to players for gold. This way, there is zero money entering or leaving the WoW economy as a result of gold trading…its all just being passed around between players.

    Of course, you’d have to look at the amount of gold obtainable via other methods, to ensure that we don’t get into a situation where everyone is wanting timecards because of how much gold they have, and no one is buying them from Blizzard. However, this is the best solution, as Blizzard doesn’t lose any money…they still receieve exactly the same amount of subscriptions. The people selling the timecards simply pay for their own subscription, and timecards on top of that. The people buying the timecards with gold are just basically giving gold to the seller for paying for their subscription.

  14. Shaikki says:

    The way to cut goldsellers out isn’t for Blizzard to sell gold. The only way Blizzard can undercut the goldsellers is to effectively devalue gold so much as to make it worthless – you said it yourself, there is very little overhead in stealing and stripping other peoples accounts and that is what Blizzard would have to undercut.

    So if you really want to remove gold sellers, remove gold. Make everything operate in a manner similar to most of the existing alternative currencies, using untradable items and points. (Badges, honour etc)

    To alleviate issues around wanting to help friends, let those alternative currencies be depositable in the guild bank as the only method of trading them, and have the same sort of restrictions possible as on item withdrawals today. So for example if a lowbie in guild wanted a shiny new thing, you could still help out by farming up some BADGES OF AWESOME (or whatever), plopping them in the GB and they could withdraw.

    That way you could still help friends in your guild but nefarious evildoers would find it much harder to steal your stuff and profit from it in a hard to trace way – as anyone buying those stolen badges would have to join the same guild. I’ve no idea if such things are tracked but I imagine they could be fairly easily if the will was there and it would also tend to flag such bad buyers to their friends. (“Oh look, Steve left guild for 2 days and came back decked out in BADGE OF AWESOME gear….hmmm.”)

    It would severely bugger up the WoW economy of course but then the economy on many servers is completely borked anyway so I’m inclined to suggest that little of value would be lost… :)

  15. Shaikki says:

    EVEs system works for EVE but I’m not sure it would in WoW. It might but EVE has a single server economy and a substantial amount of work is done on maintaining that economy. So all GTCs and ISK relate to the same server world, so if I want to trade you a code for some ISK then assuming both of us would have spent the ISK (and not just sit on it) the effect on the economy is negligible.

    Compare to WoW, where the economy is completely fragmented into servers and many of those economies are rather shafted anyway. We’d have to be on the same server to have no net effect and if we weren’t then either we couldn’t do the trade (so RMT is more convenient to get the deed done) or we can but it could over time lead to wildly unpredictable shifts in the economies of servers as gold transfers between them.

    Given the dodgy nature of the WoW economy* on any given server anyway I’m not sure how noticeable this would be of course but it’s something to bear in mind.

    *EG the rampant inflation that the gold supply compared to sinks has produced over the years.

  16. Bob says:

    Even if Blizzard started to sell gold in micro transactions, it sadly wouldn’t solve the hacker problem. Gold in general would inflate and, such as the currency market in Diablo 2 LoD, items would take over as being the preferred method of currency (Primordials, crafted BoE items, Orbs, etc etc). It’d just be one thing after another.

    The only way I could possibly see killing the gold farmers would be to boycott the gold sellers and try to get their consumers to stop ‘consuming’. That would take a rather extreme amount of cooperation the likes of which I don’t forsee happening.

  17. Akiosama says:

    BBB,

    A good article – I think you’d be on to a potential solution with this approach, with only two problems – how far would you have to devalue gold in order to make it not worth selling, and what would that do to the views on gold making to those who are doing it legitimately?

    Time is money. It takes time to make money in WoW. It takes time to level in WoW. There are people out there with real-world money who value their time more than the gold sellers/leveling service companies charge for their products. Because of this, there will almost always be a customer base for these companies to sell their stuff to. The main reason these comanies are not more successful is that players, through guilt, ethics, personal views on the game, and potential punishments from Blizzard think that those other factors make it worth the time and effort to create those products in a legitimate manner.

    The companies we’re talking about don’t have those factors involved in their calculations, since they generate no revenue. They’re a business first and foremost, and their goal is to make profit. Which leads to the biggest reason why even if Blizzard sells gold, there probably wouldn’t be a drop in potential hacking…

    The easiest way to increase your profits is to lower your costs.

    This is the reason why a large portion of the leveling services and gold farmers are from lower-income countries. Wages for the production of these services, such as they are, are lower, which keeps costs down, leading to larger profit margins for the same product price point.

    The problem is, to some of those companies out there, even this isn’t enough profit – especially given that this game is, more likely than not, finite in its lifespan.

    So, in order to milk the WoW players for as much revenue as they can, they need to lower costs further and decrease the production time of their product (i.e. gold). What’s the cheapest and best way to do that, given an even marginally decent background with computers? Hacking.

    Someone else has done the majority of the work for the companies relying on this method. The gold is there and just waiting to be claimed. For what might have been a couple days’ effort (in total – even if it was spread out over some time), the hackers in Intravax’s tale probably netted at least 100K in gold.

    If we assume a low-ish price of $6 for 1K gold, that would net the hackers $600 for a couple days’ work. Worse yet, those hackers are probably running multiple hits at once.

    See how even a low price (from an effort standpoint) for gold will keep the activity profitable for hackers?

    Therein is the problem with selling gold to deter hackers. You can’t get lower than almost free for production cost, for these gold thieves. If they get caught, they don’t lose their hacking programs, and they’re free to try again later. They’re probably not even buying the game – the only thing they’re using that might cost money to them are the authenticators, and iPhones make those free now with an app.

    So, that’s probably not a solution – and in fact, if Blizzard drives the prices down, then they’ll probably redouble their efforts to make up for lower margins with higher volumes, and the hacker problem would possibly get worse.

    And in the meantime, as said before, inflation within the game would run rampant and hurt the players who are trying to play within the game legitimately.

    As Bob says above, the only way to stop these guys is to take away the customer base voluntarily – but there are too many people out there (meaning any at all) that want to get to the end game without putting the time and effort into the process to get there (even if there’s a possibly reasonable-sounding explanation for it like “This is my 10th toon, I’m leveling!”), because their time is worth more to them than the money spent buying time from a gold or leveling service. And because of that, I see this as an eternal problem, and I think we all just have to take all the precautions we can to keep from exposing ourselves to hacker, and have luck that we are not the unlucky person who gets hacked despite all that we’ve done to minimize our risks.

    It’s sad, but there are people who don’t want to play the game, but instead want to win the game, that propogate this sort of parasite, to the detriment of many.

    I for one do what I can to minimize my risk, and keep my fingers crossed.

    Good luck to you and your guild, Intravax.

    Thank you, BBB, for spawning an entertaining debate, as well.

    My 2 yen,

    Akiosama
    .-= Akiosama´s last blog ..Does (or Does Not?) Play Well With Others =-.

  18. Tesh says:

    Late to this party, but let me add that Sirlin’s discussion thread on RMT has some further nuggets of thought to chew on:

    http://forums.sirlin.net/showthread.php?t=992

    I tend to agree with Sirlin on this, and think that the citation of Prohibition is apt. Sirlin also notes that societies tend to progress only once citizens can own property. That changes a lot of things from the feudal society where the King (Blizzard) technically owns everything.
    .-= Tesh´s last blog ..Teshketchbook: Cat Costumes =-.

  19. Abby says:

    I agree entirely. Gold sellers not only hack into my friends accounts but they ruin my auction house. I spend a lot of time “playing” the AH to get my gold, I plan and buy up large stocks to make big returns and all it takes to make my stock useless is some gold seller willing to undercut all my goods just to get minimal profits. They need to be stopped and nothing blizzard will do, short of cutting them out of the picture, will stop them.

  20.  

World of Warcraft™ and Blizzard Entertainment® are all trademarks or registered trademarks of Blizzard Entertainment in the United States and/or other countries. These terms and all related materials, logos, and images are copyright © Blizzard Entertainment. This site is in no way associated with Blizzard Entertainment®