CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 3rd, 2010

World Of Warcraft Gamers Hit By Man-In-The-Middle Attacks

World of Warcraft users won’t be happy to hear that hackers have managed to pull a man-in-the-middle attack on several servers hosted in Europe. This happened even with the extra security barriers added by the use of an external authenticator. The attack is suspected to have came from China or/and Malaysia.

The attack basically happened like this: while a regular user accessed a WoW-themed infected site on the web, they installed a trojan, named Malware.NSPack, thinking that they were installing a game add-on. That trojan would then go to install suspicious files on the user’s computer (emcor.dll copied to ../users/username/appdata/Temp) and log all key strokes, sending back data related to WoW authentication credentials.

The data acquired was then employed by attackers to circumvent WoW’s login system and empty the user’s account of all of their in-game (“fake”) money. Subsequently, those sums can be transferred to other accounts, which then can be put up for sale and turn real profit for the hackers.

The keylogger trojans that infected the users were hosted on Chinese-based websites, were graphically cloned after the WoWMatrix website and advertised using Google AdWords service. The spoofed data was relayed using a server hosted in Malaysia. Websites reported by users as being attack sources are cursea.com, deadlybossmodss.com, gamesacca.com and wowmatrixf.com. The sites were taken down, along with the Google AdWords banner.

WoW tech admins were quick to reply and investigate, offering this answer within 24 hours of the first report, “After looking into this, it has been escalated, but it is a Man in the Middle attack. This is still perpetrated by key loggers, and no method is always 100% secure,“ trying to excuse the authenticator’s failure in supplying full protection.

The attacks themselves don’t differ very much from other man-in-the-middle hacks on banking sites, the only difference being that this latest target wasn’t harboring real money like banks do, but fake in-game gold.

Credit: Softpedia.com News

Share this item with others:

More on CyberInsecure:
  • Gamers Accounts Hacked In Sony Playstation Store
  • GTA IV Gamers Are Targeted By Spyware Spam
  • Insecure Online Updates Toolkit For DNS Cache Poisoning Exploited In The Wild
  • Increasing Number Of Warcraft Players Attacked By Password Stealing Malware
  • Visa Announced Payment Cards With PIN Generator To Fight Online Fraud

    • Posted in Cybercrime, Data Theft, Hacked, Software, Targeted Attacks, Trojans & Worms | Print This Post Print This Post

    This entry was posted on Wednesday, March 3rd, 2010 at 3:38 pm and is filed under Cybercrime, Data Theft, Hacked, Software, Targeted Attacks, Trojans & Worms. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: World Of Warcraft Gamers Hit By Man-In-The-Middle Attacks

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »