Software // Enterprise Applications
04:12 PM

Gamers Under Fire: Chinese Charge Alleged Fujacks Authors

The majority of malware written in China focuses on stealing gamers' user names and passwords for a growing underground ready to shell out cash to appear to be better players.

With four hackers being charged in China for creating and spreading the Fujacks worm, researchers say it shines a light on the growing number of cybercriminals going after the gaming community.

Li Jun, Wang Lei, Zhang Shun, and Lei Lei reportedly are facing charges in a people's court in Hubei Province in connection with the creation and distribution of the Fujacks worm, according to Sophos. Li Jun, 25, allegedly confessed to writing the worm and selling it to a dozen clients for $12,500 U.S.

Under Chinese law, the men could face five years or more in prison if convicted of writing and spreading the malicious software, Sophos researchers noted.

The worm, which also is known as Whboy, grabbed a lot of attention early this year with its tactic of converting icons of infected programs into a picture of a panda burning joss sticks as it steals user names and passwords from online game players. Joss sticks, according to Wikipedia, are incense sticks usually burned before a Chinese religious symbol or shrine.

Graham Cluley, senior technology consultant for Sophos, said in an interview that Chinese authorities rated the Fujacks worm a five-star risk, the country's highest security rating for malware. He added that the malicious code was embedded in about 3,500 Web sites, infecting visitors' machines.

Malware authors in China are increasingly writing code that will steal gamers' user names and passwords. Half of the world's 8 million online gamers come from China, according to Symantec's Internet Security Threat Report. With that much gaming activity going on, it's creating not just a target for hackers looking for a little fun, it's also creating a market for people to buy the identities of successful gamers.

Hackers specifically are going after the identities of people who are high scorers in games like World of Warcraft and Lineage. However, Cluley also points out that any gamer's user name and password is potentially valuable because about 40% of people use the same ones for everything from online games to their online bank accounts, PayPal accounts, and corporate logons.

"They'll steal your password and then they'll steal your personal goods or even apply for a loan in your name," said Cluley. "If they have that password, they might be able to sell it to other less-skilled gamers who want to appear to be better players, or they may very well have your banking password or your PayPal information."

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of August 21, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.