CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
August 24th, 2009

Increasing Number Of Warcraft Players Attacked By Password Stealing Malware

Out to steal online gold and other assets worth real money, scammers are stepping up attacks on World of Warcraft players, according to security researchers.

A researcher from anti-virus firm Webroot has explained how official forums offered by WoW creator Blizzard are being used to spread links that lead to malware, which steals passwords and other game credentials. The scam employs the common technique of telling visitors that their Adobe Flash player needs to be updated and then offering a malicious trojan instead of the real installation file.

Elsewhere, phishers are churning out emails that purport to be official communications from Blizzard, according to researchers from security provider Sophos. The emails claim the game maker is launching a new service and invites them to click on a link for a free sneak peak. The resulting website, in turn, phishes user credentials.

The attack outbreaks come a few weeks after Blizzard issued an update for Warcraft III that fixed a gaping hole, which could lead to the complete hijacking of machines running the real-time strategy game. According to Webroot researcher Andrew Brandt, it was exploited simply by getting vulnerable victims to join a custom game hosted with booby-trapped maps.

Attackers targeted the vulnerability in a game called DotA, or Defense of the Ancients, by creating fake maps that used the same file configurations as legitimate custom maps.

“What makes this exploit particularly nasty is the fact that your PC gets infected the moment you join a game where the infected DotA map is in use,” Brandt wrote. “Once downloaded, the game automatically unpacks the infected map and executes the malicious code.”

In April, Blizzard took the drastic step of advising players steer clear of all custom games until a patch could be released. With the hole plugged, attackers are falling back on other ways of preying on players.

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • Login And Password Stealing Trojan Masquerades As Firefox Plug-in
  • Increasing Number Of Websites Infected With Troj/Unif-B
  • Password-Stealing Trojan Spreads Through Latest Windows Zero-Day Vulnerability
  • Popular Facebook Game Caught Serving Malvertisements
  • Ubisoft Servers Hit By DDoS Attack Over The Weekend

    • Posted in Cybercrime, Data Theft, Malware, Scams, Software | Print This Post Print This Post

    This entry was posted on Monday, August 24th, 2009 at 11:08 am and is filed under Cybercrime, Data Theft, Malware, Scams, Software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Increasing Number Of Warcraft Players Attacked By Password Stealing Malware

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »