If you are running WoW on Windows, and use an Authenticator (as you should!), make sure you have up-to-date AV software, and check your system for ‘emcor.dll’.
Apparently this keylogger watches for you to log in to WoW or the World of Warcraft website, and rather than passing your credentials to Blizzard, instead passes them to a third party. They then log in to your account within the 30 seconds the Authenticator code is valid, and commence the usual account strippage.
Quote from Blizzard’s Kropacius:
“After looking into this, it has been escalated, but it is a Man in the Middle attack.
http://en.wikipedia.org/wiki/Man-in-the-middle_attack
This is still perpetrated by key loggers, and no method is always 100% secure.”
For now, Mac users are unaffected. From WoW.com’s article:
“This is a PC only attack, at the moment. Mac users are immune to this particular virus, however they are not immune in general. Mac users must practice the same security methods as PC users.”
Always good advice to follow basic safe-browsing procedures, no matter what platform you’re on. Strong passwords, ad/script blocking software, a good hardware firewall, and common sense are your best defense against all these sorts of threats.