The issue came to light on June 22, when a user named “Abidah” realized that almost 200,000 gold pieces had disappeared from his account for three unauthorized purchases in the game’s Auction House,. He posted his plight on the Blizzard forums, where other users shared similar experiences.
Blizzard investigated, and discovered that while “World of Warcraft” itself had not been compromised, its Web and mobile Auction House apps had. On June 23, Blizzard acknowledged the hack.
“We have taken the Web and Mobile Auction House offline to perform an emergency maintenance,” wrote a customer service representative on the forums. “Unfortunately we can’t provide an ETA as to when they will be brought back online.”
Blizzard is still not sure how hackers compromised the Auction House apps, but a number of users tell similar stories: After using the Auction House apps, they logged in a few days later to find tons of gold missing from their accounts, often exchanged for absolute junk.
In order to steal gold, the hackers put common, almost worthless items on display at the Auction House. Using players’ compromised accounts, they then bought the item for exponentially more than its in-game worth (a block of wood, for example, is not really worth 50,000 gold pieces).
In all likelihood, the hackers do not want in-game gold for its own sake, but rather want to sell it online in exchange for real money. The only problem with this plan is that Blizzard will usually restore players’ gold if they lost it to a hack. In a large-scale hack, this will essentially duplicate the server’s gold supply, causing massive deflation. Selling gold for real money becomes a profitless endeavor. [See also: 13 Security and Privacy Tips for the Truly Paranoid]