Trojan Snags World Of Warcraft Passwords To Cash Out Accounts
Attackers hope to take over users' accounts, then make money by selling the players' in-game goods, such as weapons.
A new password-stealing Trojan targeting players of the popular online game "World of Warcraft" hopes to make money off secondary sales of gamer goods, a security company warned Tuesday.
MicroWorld, an Indian-based anti-virus and security software maker with offices in the U.S., Germany, and Malaysia, said that the PWS.Win32.WOW.x Trojan horse was spreading fast, and attacking World of Warcraft players.
- Leveraging The Cloud For Business Resilience
- How crowdsourced testing has changed the game for innovative software companies
If the attacker managed to hijack a password, he could transfer in-game goods -- personal items, including weapons -- that the player had accumulated to his own account, then later sell them for real-world cash on "gray market" Web sites. Unlike some rival multiplayer online games, Warcraft's publisher, Blizzard Entertainment, bans the practice of trading virtual items for real cash.
"Win32.WOW is a clear indication that malware writers are targeting anything that involves money," said MicroWorld chief executive Govind Rammurthy in a statement. "Bucks may be smaller compared to a Trojan that steals bank accounts or credit card numbers...[but] cyber criminals are not complaining as long as the target is soft and numbers are high."
The Trojan spreads via traditional vectors, such as e-mail and peer-to-peer file sharing, added Rammurthy, but it has also been watched while it installs in a drive-by download from gaming sites' pop-up ads. The surreptitious installation is accomplished by exploiting various vulnerabilities in Microsoft's Internet Explorer Web browser.
Identity thieves have aimed at Warcraft previously. Just over a year ago, players were warned about a campaign that collected passwords from a bogus log-in site.