"History is a wonderful thing, if only it was true"
-Tolstoy

Wednesday, May 03, 2006

WoW gets "real"

My position as a skeptic gets weaker all the time.
InfoWeek on Trojans in Worlds of Warcraft and theft off virtual goods:

" Trojan Snags World Of Warcraft Passwords To Cash Out Accounts

Attackers hope to take over users' accounts, then make money by selling the players' in-game goods, such as weapons.




A new password-stealing Trojan targeting players of the popular online game "World of Warcraft" hopes to make money off secondary sales of gamer goods, a security company warned Tuesday.

MicroWorld, an Indian-based anti-virus and security software maker with offices in the U.S., Germany, and Malaysia, said that the PWS.Win32.WOW.x Trojan horse was spreading fast, and attacking World of Warcraft players.

If the attacker managed to hijack a password, he could transfer in-game goods -- personal items, including weapons -- that the player had accumulated to his own account, then later sell them for real-world cash on "gray market" Web sites. Unlike some rival multiplayer online games, Warcraft's publisher, Blizzard Entertainment, bans the practice of trading virtual items for real cash.

"Win32.WOW is a clear indication that malware writers are targeting anything that involves money," said MicroWorld chief executive Govind Rammurthy in a statement. "Bucks may be smaller compared to a Trojan that steals bank accounts or credit card numbers...[but] cyber criminals are not complaining as long as the target is soft and numbers are high."

The Trojan spreads via traditional vectors, such as e-mail and peer-to-peer file sharing, added Rammurthy, but it has also been watched while it installs in a drive-by download from gaming sites' pop-up ads. The surreptitious installation is accomplished by exploiting various vulnerabilities in Microsoft's Internet Explorer Web browser.

Identity thieves have aimed at Warcraft previously. Just over a year ago, players were warned about a campaign that collected passwords from a bogus log-in site."


No comments: