Online games targeted by cyber-crooks

Cyber-crooks are increasingly resorting to the theft and sale of data relating to the most popular online games

The new malware dynamic, which has seen a shift toward financial returns as the principal drive for malware creators, is increasingly targeting online games. Specifically, cyber-crooks are now after the login details for installing and accessing online games. Similarly, these criminals are trying to rob players of the ëvirtual assetsí obtained in the games, such as virtual money that can be used in the game to buy weapons, powers, etc. Given the effort required by players to obtain these items, there are many people prepared to pay for them as an easy way of reaching higher levels and increasing their reputation. In this way, the virtual economy of the game translates into real profits for the cyber-crook.

With the increasing number of games available online, there is a corresponding increase in the options for those willing to exploit this lucrative by-product of online games. There is now the risk that a whole new business model could be operated by cyber-mafias, stealing virtual assets, of apparently no real value, and selling them for real money to the highest bidder.

The malware that most frequently affects games are Trojans. The Lineage virus steals the login details of a player, allowing another player to relieve him of the virtual money used to buy weapons, privileges or abilities within the game. The different variations of the Legmir virus target players of ìLegend of Mirî, stealing their passwords. Gaobot and its variants, although more widely known for their bot characteristics, also try to get in on the act, stealing the Cd-Keys of several games, and spreading to new potential victims. Similarly, they open a backdoor on infected computers making them vulnerable to future attack. Users of ìWorld of Warcraftî could be affected by Trj/WoW.

According to Luis Corrons, director of PandaLabs: ìThe new financial motivation for malware creators and the professionalisation of malware has led us to believe that the sacking of these virtual assets offers potential returns for cyber-crooks that cannot be ignored.î

In addition, it is important to consider the damage that this type of malware represents for developers of games, allowing unauthorised users to play freely using stolen login details or CD Keys. Moreover, if companies block access to the key to prevent the fraud, legitimate users will also be blocked with the consequent confusion and annoyance, and generating a negative impression of the company.

One sound piece of advice for players who don’t want their details or virtual assets stolen is to ensure that they use legal software, which has the guarantee of being genuine and untampered with by third parties. It is also advisable to be wary of files sent over e-mail or chat sessions, especially those accompanied by messages promising some kind of benefit or profit. In particular, users are well advised not to open any attachments unless they are completely sure they have come from a trusted source. Another key to preventing infection and the spread of this type of malicious software is the use of an integrated security solution with preventive technologies, such as Platinum 2006 Internet Security. Being aware of the way these threats spread and also of safe practices will help reduce possible incidents to a minimum.