recently a few guildies and other people on my server in WoW, have gotten keylogger hacked from mods on this site. we dont know which ones for certain, but the only mods they use came from here. so make sure all your virus and spyware scanners are up to date.

  Justo (Khaz Modan)

You do realize that is like saying "My brother's friend's sister used X site and got hacked". We have a very thorough screening process, a permanently auto-updating virus scanner and 24 hour staff checking uploads. Unless you can point to an exact file coming from us I have sincere doubts that it came from us.

I should point out that you can get keyloggers by many other means than installing addons such as:

Not keeping your browser up to date with latest version and security fixes (Internet Explorer is HUGE on this problem) thus allowing websites with injected malicious code to install keyloggers on your machine just by reading their webpages.

  Justo (Khaz Modan)

Personally I have never had a problem with keyloggers or hacks and have been using Curse for a very long time. I recommend for yourself and others that you create a notepad file on your desktop. In this notepad you type your password for wow. When you start the game, you simply Ctrl C the pw and when in the login screen for wow use Ctrl V to paste your pw in the box. Simple yet effective!

yep never had a problem with curse, they do a great job :)).

and thats how i do it as well password is notepaded, of course you could allways buy a finger print keyboard system, microsoft have a few types out now and they cost nothing, keyloggers can be picked up from anywhere ;(

People need to stop blaming Curse for their human errors. The only way to get a keylogger is to click an executable that will actually start a software process. Mod themselves can NEVER be keyloggers. Lua code is not capable nor is it capable of reporting the info back to another source. Keyloggers can come from a Curse hosted mod if the mod was zipped up with an exe file in it.

you simply need to be smarter about what you download. If you see it's not a standard addon but one that contains an exe, walk away from it.

I agree with all the above people , i for once download way to many addons and i've been doing that ever since curse existed , i have still not gotten hacked because i basicly don't run exe or any non addon files

if your friend had done the same you wouldn't be having this problem , as Vampyrate said : People need to stop blaiming curse for their human errors .

We also have to remember that Curse is an "Official Blizzard Fansite" now which means that our security protocal is top notch and well within Blizzards minimum guidelines. Every possible method to prevent malicious software from getting/remaining on the site has been made, now it is up to the users to make sure they pay attention to what they are downloading and report anything malicious that you may come across.

Remember, there is no such thing as an .exe WoW AddOn.

-I don't quite understand how addons could have keyloggers anyway. Mods are
just scripts that run in WoW and are not loaded while typing in your password.
The only way I could see this happening is some kind of buffer overflow exploit
though I'm sure Blizzard would find that easily and patch the game. This seems
similar to the people warning not to cuss out gold spammers cause they will
"hack your account like they did my friends." I'm sure the fact that he gave his
account info to 80 people had nothing to do with it. The only way they could
hack your account would either be hack Blizzard, which won't happen soon,
or brute force crack the password which would take like a year and would get
your IP banned from the login server. I'll bet 50g these people had given their
account info to each other and one person had a keylogger.

-As for the notepad trick I seriously doubt that would work. If the
programmer is good enough to use a buffer overflow, I'm sure his code monitors
what you type out of WoW as well. Or he could just capture the info from the
text boxes themselves. The little stars that hide your password don't hide the
password from the computer, just the user. There's a ton of programs to show
passwords that have been replaced by stars.

-Don't listen to rumors about what hackers can do. They don't put on their
virtual reality helmets and shoot models of your firewall then drop a bomb of viruses
in your computer.

I have to agree. I have never had a problem with any AddOn I got from Curse....unless it was human error on my part.

Also.... Just because you can find an AddOn here doesn't mean that Curse is the only place to get it from.