Blizzard has identified malware that's been targeting World of Warcraft users recently which was able to steal account info and the authenticator password. The trojan is a fake version the Curse Client, the add-on management program for the game. Users have been coming across this on a fake version of the Curse website as they search for "curse client" on major search engines.
The Battle.net support site suggests those affected to remove the trojan by deleting the fake Curse Client and running scans from an updated Malwarebytes. Most security programs should be able to identify the threat now, and those compromised can get in touch with Blizzard.