Possible authenticator hack

[Ravenstalons]

http://worldofraids.com/ and http://forums.wow-europe.com/thread.html?topicId=12730404058&sid=1

Jist of the article: Look for the emcor.dll file in /users/<username>/appdata/Temp.
Run antivirus look for it as well and remove it.

Some are speculating that the program is trying to get you to deactivate your authenticator by telling you your code is invalid even tho you can verify you're inputting the right one, and others claim that they may have found a way to actually crack your authenticator or give you the invalid entry message that they can use it for themselves since it has not been used yet.

Blizzard could make it more difficult if they wanted but eh.

[Ghoulie]

These things don't really prevent someone from stealing your account just make it harder. People still need to watch their shit, all this does is add a 3rd step and create a small window to steal an account. I dont have one myself and I have no clue what the window, whatever  the time between the code change. So if you have a keylogger and the code changes every 60 secs an attacker has keychange - enteredcode to steal the account.