PDA

View Full Version : How flaws in Blizzard's billing department are being exploited


TalonBot
01-08-2010, 12:11 PM
http://www.blogcdn.com/www.wow.com/media/2010/01/ah010810gold.jpg
In our continuing series on account security (http://www.wow.com/category/account-security/) issues present within Blizzard's offices, we bring you news that lax training in Blizzard's billing department is being exploited by those attempting to game the system and illegitimately acquire more gold and high value in-game items.

The critical flaw in Blizzard's system is that billing support personnel are currently given the ability to "roll back" characters to previous versions more or less on the spot, with the customer on the phone. Because of this, there is a high degree of flexibility and personal accountability on the part of the billing representative. The flexibility extended here is vitally important to customer service, however the training that comes with the flexibility, we are told by multiple sources, is inadequate and leads to this exploit being practiced by a growing number of individuals.

The exploit involves human interaction (aka social engineering), which in security systems is the notoriously weak point. The exploit is often referred to internally as "onioning," which involves the player repeatedly claiming the account was compromised to the Blizzard billing support representatives. There are obviously more details to doing this, but we don't want to provide a how-to. Blizzard is aware of how this is done, and they are currently not implementing checks to combat this.Continue reading How flaws in Blizzard's billing department are being exploited (http://www.wow.com/2010/01/08/how-flaws-in-blizzards-billing-department-are-being-exploited/)

Filed under: Blizzard (http://www.wow.com/category/blizzard/), News items (http://www.wow.com/category/news-items/), Account Security (http://www.wow.com/category/account-security/)

How flaws in Blizzard's billing department are being exploited (http://www.wow.com/2010/01/08/how-flaws-in-blizzards-billing-department-are-being-exploited/) originally appeared on WoW.com (http://www.wow.com) on Fri, 08 Jan 2010 15:00:00 EST. Please see our terms for use of feeds (http://www.weblogsinc.com/feed-terms/).

Permalink (http://www.wow.com/2010/01/08/how-flaws-in-blizzards-billing-department-are-being-exploited/) | Email this (http://www.wow.com/forward/19308352/) | Comments (http://www.wow.com/2010/01/08/how-flaws-in-blizzards-billing-department-are-being-exploited/#comments)



More... (http://feedproxy.google.com/~r/WowInsider/~3/tZuVuxrk3gk/)