Rogues Attack World of Warcraft: You Are Entering Combat

Share: Email Story Twitter Facebook Stumbleupon Add to Any
by Jordan Yerman | April 10, 2007 at 09:13 am
947 views | 0 Recommendations | 0 comments

Windows Warcrafters beware: hackers are looking to pwn you! These guys are evidently pros, having compromised The Dolphins Stadium website in an earlier attack.


For months, hackers--most likely in China and Russia, according to security watchers--have been surreptitiously installing keylogging software on WoW players' Windows computers, hijacking their accounts and selling off their often valuable in-game assets.

And the problem doesn't show any signs of going away.

The gangs perpetrating the hacking are "incredibly active, and it's a good exploit," said Roger Thompson, CTO of security software developer Exploit Prevention Labs. "It's probably a conservative estimate to say that there's tens of thousands of victims."

The exploit works when unsuspecting WoW players visit any number of Web sites infected by the hackers with keylogging software. When the players visit the sites--which are often unrelated to WoW, but that players frequent, Thompson said--the software is quietly installed on their computers, allowing the hackers to spy on keystrokes and steal players' WoW passwords.

Source: news.com.com

UPDATE:

[q
url="http://www.theregister.co.uk/2007/04/10/wow_hijackings/"]According
to an advisory by McAfee, some ANI exploits are being carried out by
the same malicious hackers who commandeered the Miami Dolphins football
stadium just in time for the Superbowl. The Trojan unleashed in that
attack sat dormant on compromised machines until users opened the WoW
client, at which point a keylogger captured login credentials,
according to the BBC.

The booty can bring in good money on the black market. According to
Symantec, WoW account logins are worth about $10, more than the going
rate of $6 for verification details on credit cards.

WoW attacks work when users visit hacked websites that exploit
Windows machines that have not been updated to fix the ANI flaw or
other vulnerabilities. The sites, many of which are related to the
popular online game, silently install keyloggers. Once an account is
hijacked, the attackers collect the user's points and assets and then
sell them. Reports of such attacks date back to at least May of
2006.[/q]

 

Advertisement
Share: email story | add to any | | facebook | stumbleupon

Most RecentMost Recommended Comments (0)

recommend Sign In or Join to post comments
in , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

closeSign in to NowPublic

Not a member?

JoinIt's free!

is reporting from
Member
NP Rank: