<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/platform.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d24605170\x26blogName\x3dWhat\x27s+New\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttps://newsko.blogspot.com/search\x26blogLocale\x3den_US\x26v\x3d2\x26homepageUrl\x3dhttp://newsko.blogspot.com/\x26vt\x3d-5077661798594369790', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe", messageHandlersFilter: gapi.iframes.CROSS_ORIGIN_IFRAMES_FILTER, messageHandlers: { 'blogger-ping': function() {} } }); } }); </script>
   What's New[definition].  
 
    
Google
Google Web
« Home

Posts

Bot herder pleads guilty to hospital hack
Ethics, Hacking, and Religion
A True eBay Crime Story
Storm-watching satellite heads into orbit
Hi-tech bid for joggers to reboot
The death of Wikipedia
Microsoft Says New Windows Is on Schedule
A car that slows you down
Imagining a day without Microsoft
Backing Up Messages In Outlook Express
 
     Archives
March 2006
April 2006
May 2006
June 2006
July 2006
 
     Links




Word of the Day

Article of the Day

This Day in History

In the News

Quotation of the Day

Trojan targets World of Warcraft gamers

According to Symantec, a new trojan called "Infostealer.Wowcraft" is making the rounds. Unlike many malicious programs, however, it makes no attempt to steal your credit card information. Instead, it goes after something much more personal—your World of Warcraft account.

The trojan, which is a modified version of a similar piece of nastyware that had already been detected in the wild, installs itself in the startup portion of the registry, disables any running anti-virus software it can find, and launches a keylogger process when it finds any windows labeled "wow.exe," "Launcher.exe," "signup.worldofwarcraft.com," or "www.wowchina.com," the latter being Blizzard's official Chinese web site.

Once the trojan has nabbed the unsuspecting user's World of Warcraft account information, it e-mails the name and password back to an address used by the author. Once the thief has this information, he can log on to the stolen account and use it with impunity, as the game does not check for a specific CD key or even geographic location when the user logs in.

What would be the purpose of such an action? Two words: gold farming. Blizzard has been fairly stringent about banning accounts that are suspected of being used simply for collecting in-game gold and selling it (for real money) to impatient gamers. This merely takes the idea to a new level, where "account farms" generate long lists of stolen accounts for the gold farmers, who don't need to worry if those accounts get banned because they can just pick up a new one.

The trojan is not the first one of its type. The W32.HLLW.Gotorm worm, first discovered in 2003, attempted to steal online game account information and CD keys for popular games, including Half Life, Warcraft III, Counterstrike, Starcraft, and Diablo 2, and then spread them over the Kazaa network.

The good news is that the Wowcraft trojan is currently exceedingly rare in the wild. According to Symantec, it exists as a payload on two or fewer web sites, and less than fifty total infections are known at this time. Because the trojan has no self-replicating properties, it will not spread even from "infected" machines, and this severely limits its chances for propagation. Nevertheless, it remains a good idea to make sure that you keep your operating system fully patched, and always make sure that you scan any suspicious downloaded files. After all, when you've spent that long getting your Mage to level 60, it would be a shame to lose the account to a gold farmer.

Trojan targets World of Warcraft gamers - Wednesday, May 24, 2006 -

Post a Comment

Enter your email address:

Delivered by FeedBurner



 


Linux Tips and Tricks - Mox Diamond - Arcane Denial - Sylvan Library
Linux Tips and Stuff - ba-zoo-ra - iBUG teks/

© 2006 What's New