Trending Games | World of Warcraft | Overwatch | Elder Scrolls Online | Pantheon: Rise of the Fallen

    Facebook Twitter YouTube YouTube.Gaming Discord
Quick Game Jump
Members:3,752,867 Users Online:0

Show Blog

Link to this blogs RSS feed

Battling the MMO Mass Market

I play, I test, I enjoy MMO's, but there is a dark side to Games, Players, and cheaters. I will expose them all in a no holds barred style....

Author: Chronis

China Gold Sales Modus Operandi

Posted by Chronis Sunday November 21 2010 at 5:02PM
Login or Register to rate this blog post!

Whats the fastest way to make gold in WoW?  The answer is : DON'T play the game.  Seriously, chinese gold sellers dont play, its not wrth their time.  Ok, thats a bold statement, but lets look at the average player and how they make gold.  For comparison reasons, we will only look at that guy in mom's basement who plays about 10 hours a day, every day.  He is the only one to compare to the chinese professionals, a casual player simply does not have the time to make tons of gold.

This guy knows how to make gold.  First, he has capped a tradeskill, and sells things int he AH that sell at a good price and fast.  An example would be Alkemy Flasks, everyone needs em and the average price for one flask is about 12g.  Our player will spend about a day just gathering herbs so he can make a ton of flasks at once.  (1 day out of a week, prolly spread out over the week, but cumulatve is about a day)  Then he makes the flasks and (if smart) puts em up on the AH about thursday, to maximize his exposure to the majority of players.  A good run of herbs can net him about 1000g a week in just flask sales.  (I know this because I am casual player and can make about 400g a week in the pitiful amount of time I spend gathering)

Now our guy also spends a lot of time in VOA, ICC, and heroics.  With the drop rate of decent items that are BOE, he prolly has an average of 1 great item to sell and a couple minor ones to sell.  The great one should net him about 300g and the minors about 100g each.  Now just to the amoutn of time he plays, considering all the trash items just vendored, add in another 200g.  This brings us to a total of about 1700g a week.  Now since I know there are many other ways to make gold if you really want to, I'll round that up to 2000g a week for the dedicated and serious Scrooge McDuck player.

Now some math :)  If a chinese gold company had 5 guys on a server doing the same thing, then they would bring in 10kg a week to sell.  Hmmm, thats not a lot of gold to sell across an entire server population.  Theres no pofit in that ratio of workers<>gold farmed<>gold sold.  Gold is cheap by the hundreds, even 10k gold sold is less than two hundred real dollars!  So the sales of gold on a particular server MUST be much higher than that, and thus, the need to have gold for sale is greater than I am picturing here.

Remember I said the chinese farmers DONT play wow?  Why should they bother to spend countless hours og boring farming when you, the player, already does it for them!  All they need is access to your account for 5 minutes.  Ok, now take those same 5 chinese scumbags, and instead of laborously gathering, farming and AHing, you give them a list of players that have had their accounts hacked.  They log in to your account, change the password, add an authenticator to your account, and then get to take their time selling off your stuff, and consolodating all your characters on ALL the servers you play on into gold.  If any of your characters has access to the guild vault, that will be cleaned out too. This is much more worth their time than simple farming.

A Casual player account can net them about 7k gold. (I base this on MY worth as a casual player)

A Hardcore player account could easily be double that or even better!  There are many 80's out there that have nothing to buy anymore, and such just stack gold in their bank.

The potential for obtaining gold by theft is staggering, much more than people realize.

Now how do they do it?  Well, if you have been following my blog at all, you have already seen one method; the phishing website.  This is where you get a letter from blizzard telling you there is a good reason to click on the link in the email and enter your login and password at the resulting page.  Well, if your STUPID, you might just do that.  The place you go to is not blizzard, but a page made to look like a real blizzard page.  You just entered your account information and sent it directly to a chinese hacker, who is prolly accessing your account before you have even left the phishing page. Oh, and guess what? Not only did you just give your info away, but you also just got a nasty worm/virus designed to steal your future passwords too.  The chinese hackers have no issues with revisiting your account after you got everythign restored and doing it again.

They also run brute force attacks as well.  See they have a huge list of logins and passwords and can see interesting trends, this gives them an advantage when trying to match up logins and passwords.  I will mention here as a side note; If you are just a complete moron and use the same password for everything (banking, paypal, wow, etc) then these guys can also raid your bank accounts too.

Oh but the funs does not stop there kiddies!  If your are the flip side, one of those JERKS that actually buys gold, then its only a matter of time before you get hacked too.  When you went to their 'legitimate' gold selling website, you were prolly infected with the worm/virus to claim your password as well.  They will wait a while, but then suddenly your wiped out again.

A couple tips to keep you safe:


2. Use a virus scanner. Cant afford one, then get AVG, its free and really good.

3. Run Malware detection often.  Can't afford one? then Use Malwarebytes scanner, its about the best.

4. Never click a link in any email from blizzard.  Login directly to rather than any link in an email.

5. Invest in an authenticator.  You cant be hacked if your using one and also do 1-4 above.

A note on the authenticator, it IS possible to be hacked, however its very unlikely.  How unlikely? well the auth code changes every 60 seconds.  There is a virus out there that intercepts the auth code you type in and sends blizzard a fake one.  Then you cant login and have to try again.  However the virus just send the valid unused code to a waiting chinese hacker to use.  This guy prolly has about 30 seconds to login with the code before it goes bad.  So its really unlikely, first you have to have this worm, and there has to be someone ready to use it on the other end within 30 seconds.  If you run both virus and malware scanner with up to date packages, you should be free of the worm.

Well, this is a lot to comprehend, but hopefully yall might just get a glimpse of the scope of whats going on out there.  Next time, how this effects the gamers....

Proof of Gold Selling from China

Posted by Chronis Saturday November 13 2010 at 1:25PM
Login or Register to rate this blog post!

Got my newest entry in the phishing-steal-your-account sapm in my inbox.  Well, actually its been a few days, I really got two of the beta invites, one password reset notice and an account banned notice.  I wont list them here, as each of them have the same host domain and each of them are being channeled through an austrailain mail server.  Well, here is the domain lookup for them:


Domain Name .....................
Name Server .....................
Registrant ID ................... hc587716510-cn
Registrant Name ................. yang yao
Registrant Organization ......... rongweiw angluo
Registrant Address .............. jiefang lu mingzu
Registrant City ................. zhengzhou
Registrant Province/State ....... HA
Registrant Postal Code .......... 532648
Registrant Country Code ......... CN
Registrant Phone Number ......... +86.07316543289 -
Registrant Fax .................. +86.07316543289 -
Registrant Email ................
Administrative ID ............... hc587716510-cn
Administrative Name ............. yang yao
Administrative Organization ..... rongweiw angluo
Administrative Address .......... jiefang lu mingzu
Administrative City ............. zhengzhou
Administrative Province/State ... HA
Administrative Postal Code ...... 532648
Administrative Country Code ..... CN
Administrative Phone Number ..... +86.07316543289 -
Administrative Fax .............. +86.07316543289 -
Administrative Email ............
Billing ID ...................... hc587716510-cn
Billing Name .................... yang yao
Billing Organization ............ rongweiw angluo
Billing Address ................. jiefang lu mingzu
Billing City .................... zhengzhou
Billing Province/State .......... HA
Billing Postal Code ............. 532648
Billing Country Code ............ CN
Billing Phone Number ............ +86.07316543289 -
Billing Fax ..................... +86.07316543289 -
Billing Email ...................
Technical ID .................... hc587716510-cn
Technical Name .................. yang yao
Technical Organization .......... rongweiw angluo
Technical Address ............... jiefang lu mingzu
Technical City .................. zhengzhou
Technical Province/State ........ HA
Technical Postal Code ........... 532648
Technical Country Code .......... CN
Technical Phone Number .......... +86.07316543289 -
Technical Fax ................... +86.07316543289 -
Technical Email .................
Expiration Date ................. 2011-11-12 10:39:00

Information Updated: Fri, 12 Nov 2010 20:26:39 UTC


The part I love is that these filthy chinese hackers have a sense of humor, listing their return address on the domain as '' :)

If I can educate only one person, then I am happy.  Here are the rules for safe dealings with blizzard:

1. Don't trust any emails you get from blizzard ever! Hackers are copying real emails from blizzard and what you get usually IS an actual letter, just not sent to you.  It will look and feel like a real blizzard communication.  If the letter instructs you do do something, NEVER click on a link in the letter, instead, you should open your browser and go to yourself.  You will then notice your account is not banned, hacked and your password is still intact.

2. Never go to anything else but or!  Phishers links in emails show the correct address, but the hidden link goes elsewhere.  Simply hover over the questionable link and look at the bottom of your IE to see where it is really going.  Again, never click it (See rule #1)

3. If you accidentally click such a link and realize it, well your screwed.  Some phishing sites merely get you to input your login information, others will also include a piece of malware to keylog future passwords as well.  There is no sure way of telling if your virus scanner or spyware detector has removed the latest bit of crap they just installed on your machine.  My personal opinion is to wipe, format and reload your machine from scratch.  Oh, and if your on a network at home, you may have just allowed the virus access to everyone elses machine as well.

Well, next blog I'll delve into more of the mechanics of how these guys operate, and with any luck, possibly an interview with an ex- gold farmer.

New Gold seller phishing scam today...

Posted by Chronis Monday November 8 2010 at 7:05PM
Login or Register to rate this blog post!

Another new one In my box today, this is a little more impressive, as it seems to be a copy of a legit email, rather than poorly worded english....

[Actual links removed, whats visible here is actually legit]


World of Warcraft: Cataclysm Beta Test Invitation

Congratulations! You’ve been selected to participate in the beta test of World of Warcraft: Cataclysm.

As a beta test participant, you’ll have the chance to experience the new content and features of Cataclysm before the expansion is released. We’re looking to get your feedback on the overall gameplay experience, including quests, monsters, zones, dungeons, aesthetics, and more as we continue to implement new expansion content. We would also appreciate reports on any bugs you may encounter. These can be logged using the /bug command explained below.

Getting started:

1. Get the Installer: Log in to your account. In your list of games, click the “Manage Game” button under the Cataclysm beta image to download the installer; you’ll also be able to copy a character to the beta-test realms through the same page. Please note that your account should be flagged for beta access within roughly 24 hours upon receipt of this email.


2. Install the World of Warcraft: Cataclysm client: Once you’ve downloaded the installer, run it and follow the directions to install the client on your machine. You must have a retail copy of World of Warcraft patch 3.3.0 or newer installed on the computer on which you want to install the Cataclysm beta test client.


3. Run the Game and Log in to  After the game installs, the launcher interface should automatically appear on your screen. Log in with your account and you’ll be able to begin playing. You can launch the client at any time by clicking the desktop shortcut or by going to the Windows Start Menu.


Please retain this email for your records. If you experience any issues setting up your account, please contact Blizzard Entertainment Account Services via email at

Please be prepared to enter the current retail account name and password you use. To participate in the beta test, you must have a valid retail World of Warcraft account.

Sending us feedback:

Typing /bug in chat or Alt + Left-Clicking on an icon will open an error reporting interface, and we encourage you to use it any time you encounter a problem or want to send us a suggestion.

We have put up forums for discussing the game at

Only players flagged for access to the beta test will be able to post on these forums, but keep in mind the general public can view them. You are expected to follow the posting guidelines and forum Code of Conduct at all times while participating in any and all discussions. Maintaining a constructive dialog with fellow testers and Blizzard posters will help ensure the forums remain a positive place for discussing and providing feedback about Cataclysm content.



If you experience any difficulties installing the beta game client, or have problems connecting to the test servers, please contact technical support either by posting on the appropriate forum at or by email at Please remember that this software is still undergoing testing, so any in-game issues should be reported using the /bug command.


Now the trick in this phishing scam is the link.  It looks ok, but when you read the source of the message, it directs you to the phishing website where you will enter you will be asked to login to battlnet and also be infected with a piece of malware to steal your future password changes and any other accounts you might have.

I know this because I actually GO to these sites and login with one of those temporary free accounts tht blizz gives out, a throwaway account.  Also I do this on an old trash laptop that gets wiped and factory reset after the experimentation.  Gosh, Im not gonna risk my real computer or account....

Looking at the stripped header reveals:

Received: from ([]) by with Microsoft SMTPSVC(6.0.3790.4675);
Sat, 6 Nov 2010 17:29:33 -0700
Received: from unknown (HELO (
by  with SMTP; 7 Nov 2010 00:29:32 -0000

Both seem to be dead ends, the first is comcast in New jersey, the second is a US college.  I suspect the second IP was spoofed and not the actual origionation point.   What I believe is that a PC at the college has gained one of those slave trojans and actually DID send the email out, making it an accurate header. (Have I confused you yet??)  But that PC was told to send the email by the master trojan controller PC, prolly in China or Asia. (Now Im guessing as to where)  This makes the email seem more real, but I assure you then the hidden link on the clickable is NOT where you want to go...


WoW Gold Sellers, who are they really?

Posted by Chronis Sunday November 7 2010 at 8:52PM
Login or Register to rate this blog post!

Ok, this is my first blog entry, and I know your itching to learn more about who I am, and what I intend to do here, but that is going to have to wait for another time. Suffice it to summarize I am over 40yrs old, have worked in the gaming industry for both a MMO company and a console company in the recent past.  I play WoW right now.  Thats all you get for the moment, I promise to expand on that later.Right now


Im just pissed off, truly...  Once a day I get a new attempt to steal my WoW accounts in my email box.  Sometimes I get two of them.  At first it was amusing, with the broken english, poor grammar and horrid sentence structure.  Now a few friends of mine have had their accounts hijacked to these gold sellers.  So Im pissed now.  I started to take a good look at these messages, stripping out the routing off the headers, backtracking to the real origin.  Guess what...

It really is Chinese and Korean gold farmers.  I always figured it was just American Bullshit spouting off, blaming the Chinese farmer, as we to have a tendancy to look down on non-American cultures and place a stereotype blame across the board for no good reason.  Now I discover there actually is something to it.


Here is my latest phishing in my inbox:

When Cataclysm launches,what do you plan on doing first‏

This is Blizzard Entertainment apology, we acknowledge a mistake, for you to lose the World of Warcraft account in order 
to recover our losses, we will give you 10000 gold coins free of charge and rare mounts a (celestial steed), I hope you can 
restart the game. 
Login website authentication, 48 hours you will receive compensation
{removed Bogus phishing address from here] 
Description: test account and permanently disabled can not compensation This is Blizzard Entertainment's apology, we 
acknowledge a mistake, for you to lose the World of Warcraft account in order to recover our losses, we will give you 10000 
gold coins free of charge and rare mounts a (celestial steed), I hope you can restart 
the game. Login website authentication, 48 hours you will receive compensation
Description: test account and permanently disabled can not compensation


All I can say is that none of this even makes sense!  Its horribly written, unprofessional, and makes me cringe when I read it.  So then I strip the header and find the origionating address, which I pour into my WHOIS and find this:

The following results may also be obtained via:

NetRange: -
NetName:        APNIC3
NetHandle:      NET-61-0-0-0-1
NetType:        Allocated to APNIC
NameServer:     TINNIE.ARIN.NET
NameServer:     NS4.APNIC.NET
NameServer:     NS3.APNIC.NET
NameServer:     NS1.APNIC.NET
NameServer:     NS2.LACNIC.NET
Comment:        This IP address range is not registered in the ARIN database.
Comment:        For details, refer to the APNIC Whois Database via
Comment:        WHOIS.APNIC.NET or
Comment:        ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment:        for the Asia Pacific region. APNIC does not operate networks
Comment:        using this IP address range and is not able to investigate
Comment:        spam or abuse reports relating to these addresses. For more
Comment:        help, refer to
RegDate:        1997-04-25
Updated:        2010-07-30

OrgName:        Asia Pacific Network Information Centre
OrgId:          APNIC
Address:        PO Box 2131
City:           Milton
StateProv:      QLD
PostalCode:     4064
Country:        AU
Updated:        2004-03-01

ReferralServer: whois://

This leads me to a server in Australia, and further investigation shows the actual phishing website, while hosted in Australia, is bought and paid for by a company in China, and accessed from as such remotely.  The hosting site seems to be popular as it is easy, no human intervention setup for any domain you want pretty darn instantly.

So now my rant: FOR THOSE OF YOU WHO THINK GOLD BUYING IS HARMLESS, I sincerely hope you get hacked and ripped off.  These gold sellers will stop at nothing to obtain virtual gold and the only reason they exist is because people actually BUY the stuff.  In games where there is no gold seller activity, you will also notice there are hardly any paying players, and those that are there dont buy gold.


Do the frikkin math folks, if you cheat at a MMO by buying gold, you have no right to ever complain about the state of the game from then on.  Your only contributing to theft.