


It's highly obfuscated and might take a bit to break down.

Edit7: We've found the problem. The code just sits idle until the correct criteria are met and then, as you're clicking buy, intercepts the buy, shows a fake confirmation screen (this works because Blizzard requires a 1 for 1 hardware input to action; that's not the real Blizzard confirmation screen you're seeing but a cloned fake one), and then basically places your buyout for a different item.

Edit6: A malicious WA was found in one of the samples provided. This code is usually implemented via snippets in other add-ons, and the malicious addon usually has nothing to do with the AH. This has been done tons of times before and looks exactly like what you'd see on the victim end of one of these.

As a former member of the WoW cheating, exploiting and scamming scene (back in 2008-2012ish), this is 100% a malicious addon.
