World of Warcraft gamers, be extra careful. There is currently a scam going around across all realms that may cause players to lose all their hard-earned gold.
The attack is described by Motherboard as "a sophisticated combination of social engineering and malicious code," and it is as dangerous as it sounds.
On Reddit, a thread under the World of Warcraft subreddit has started the discussion on the scam, with a user going by the name of MrNoobyy writing the opening post.
The user narrated that another person, impersonating a user from a top guild, has been spamming his realm's trade chat with offers to sell mythic gear and mounts at good prices. When he finally inquired about the offer, he was requested to do a /run command in his chat windows, with the scammer claiming that the script will prevent any issues with a custom user interface.
MrNoobyy did not run the script, but upon closer inspection of the command, it will allow the scammer to launch scripts through whisper that will force the victim to give away all their gold.
The scammer has been spotted in different realms, each time impersonating a member of a top guild with a small letter "l" in its name, which he replaces with a capital letter "I" to make the difference indistinguishable.
Once the scammer acquires a victim who would run the script that he sends, the attacker will begin to communicate with the target's user interface, open trade windows and empty the victim's in-game accounts containing gold and items.
The dangerous part is that the victims will also be sending whispers to their friends to run the script, without the knowledge of the victim that he or she is sending out these private messages. While most World of Warcraft gamers would not think about running scripts sent by strangers, they might be more willing to run those that were sent by a fellow guild member or a friend in the game.
As such, the scam has been termed as an infectious one, as those that have fallen prey to it become a part of the scam's machinations.
A representative of Blizzard said in the Reddit thread that the company is now investigating the scam, though for some gamers, it may already be too late.
Blizzard has been having its good share of run-ins with hackers and cheaters lately. In June, a hacker who knocked Overwatch, World of Warcraft, Hearthstone and Diablo III offline openly taunted the gaming company, while earlier in the week, Blizzard filed a lawsuit against the company behind an Overwatch cheating tool.