Shamelessly copied from Something Awful regarding Blizzard authenticators:
In order to steal the credentials of someone using an authenticator, you have to log in on his/her behalf in real time. Basically, the attack works like this: victim acquires malware somehow, victim logs into WoW, malware steals username/password/authenticator key (possibly based on some signal from an attacker-controlled server), malware disconnects victim and probably locks him/her out for 30 minutes or so, malware immediately sends information to attacker-controlled server, attacker logs in immediately as victim before the authenticator key expires, attacker strips gold from account before victim gets too suspicious. Alternate version: after malware disconnects victim, you hope the victim tries to log in again with the next key, you use those two keys to remove the authenticator, and you hope the victim doesn’t notice for awhile. Both of these are way harder to pull off than the garden-variety malware, because they imply that the attacker can log in as the victim immediately, that the malware can screw with traffic between the machine and Blizzard, and that the attacker can mule the gold somewhere quickly.
If you are connecting to the Internet through a firewalled router, are you more protected from this? Or am I reading this wrong?
I’m mostly curious and I want to test my knowledge, so thanks in advance.