Game Hacks, Phishing Leveled Up in 2008
Last year brought a spectacular increase in malware designed to trick users out gaming-related information according to ESET's 2008 Global Threat Report.
ESET uses the name Win32/PSW.OnLineGames for a family of Trojans with keylogging and, sometimes, rootkit capabilities, which collect gaming-related information such as login credentials. Once items of value in the games, such as avatars and treasures, are stolen, they are resold in the real world. There have also been phishing attempts along these lines.
Sites like ExtremeTech have also reported a recent upsurge in gaming phishes, with several attempts to collect usernames and passwords for Valve Software's online Steam shop and gaming service.
Why gamers? Why now? Gamasutra quotes Jeff Debrosse, ESET's research director, as saying that "it really comes down to the really simple fact of they're looking for the trail where the most money is amassed... and in this case the money trail really leads to online gaming."
The solutions sound frustratingly similar to those for security problems in other areas: user education, updated security software and strong authentication. But the best defense is the informed user: Users have to recognize malware attacks before they fall victim to them.
A version of this post originally appeared at the PCMag Security Watch blog.