I found this post whilst investigating avenues on how I was compromised two weeks ago. I believe mine was related to my Gmail account being hacked into by some friendly IP in China, but nonetheless it's an interesting read. MITM stands for Man In The Middle, in case you didn't know:
ITT: Ignorant people who think you can only be hacked by doing something wrong. This accounts for approximately 50% of the posts, all the stupid people saying stupid things like "People are in denial and they clicked links and are too scared to admit it" or "People don't update their antivirus/adblock/whatever and it's their own fault". Seriously. Stop giving PC advice if you're this dense.
I work as a network security engineer. Every month, I encounter at least half a dozen compromised upstream routers, siphoning data for MITM attacks. Usually the router itself is compromised and sending its data via a third party server, or the router is fed false routing tables from a source upstream from itself. It's uncommon that malware is installed directly to the router, as - well, I won't go into it. It doesn't work that way. However, the end effect is that certain data is siphoned off to a remote third party. Different targeted packages determine what kind of data the hacker is trying to grab.
In almost all cases, battle.net logins are one of the targeted subsets. They're worth more to goldfarmers than their purchase $ value. This is an upstream attack, that acts independently of your PC completely. The majority is merely siphoning off data, which can be protected against by simply having an authenticator. By the time someone uses that login, the authenticator code will be invalid. Not having an authenticator makes you completely ripe for "pwning" in this scenario, even if YOU have done nothing wrong, and have everything up to date, don't follow links, etc. People who are telling you otherwise are idiots.
Occasionally, there are active hacks going on where they'll take authenticator data and use it to log in directly, but I haven't seen this happening on MITM routing though I have no reason to think it doesn't. Most often, this is when a keylogger has gotten into your computer, as running an active hack on a compromised router leaves the attacker too open to tracing. However, for the keylogger to get on your PC, there are many attack vectors that STILL don't rely on you doing anything wrong. Anyone saying that you must have clicked something or whatever is still an idiot. There are unpatched OS vulnerabilities that allow hackers to attack your PC directly. There are daily new vulnerabilities in most web-browsers, even with ad-block, no-script, or whatever. New malware comes out daily. Anti-virus is reactive - they get the new viruses THEN update their detection. Some common vectors are detected by heuristics, but the fact is, AV is updated AFTER a virus is out and in the wild, not before.
In short, if you've been hacked and you're reasonably smart and know you did nothing wrong - don't fret. These attacks ARE on the increase. Over the last two years I've seen an increase of around 4000% (this is a rough estimation.. 40x) of MITM routing attacks specifically targeting WoW (amongst other targets). If you haven't been hacked and say "I don't need any protection because I'm too smart to be hacked".. you're not. You're an idiot. I pray you're unlucky enough to be playing on a soon-to-be-compromised route.
General advice is always good at reducing your risk in any case:
- Have up-to-date antivirus and keep it updated.
- Don't follow strange links.
- Type site addresses rather than following them from emails.
- Keep ad-block and no-script up to date.
- Don't download illegitimate software such as keygens, sandboxes, hacked clients, etc. If it's illegal, and been cracked, it's already been in the hands of the "bad guys". It's been a good couple of decades since there were crackers with self-respect. They'll steal your data if they can.
- Use an authenticator.