Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security Games

Major Spike in Security Threats To Online Games 48

Posted by Soulskill from the i-blame-world-of-warcraft dept.
Gamasutra reports on data from security software firm ESET, which shows a major increase in the number of gaming-related security threats over the last year. They attribute the rise in attacks to the amount of money involved in the games industry these days. ESET's full report (PDF) is also available. "[ESET's research director, Jeff Debrosse] explains: 'It's a two-phase attack. If someone's account was compromised, then someone else can actually [using their avatar] during a chat session, or through in-game communication... they could leverage that people trust this person and point them at various URLs, and those URLs will either have drive-by malware or a specific [malware] executable. What ends up happening is that folks may end up downloading and using it. This is just one methodology.' These attackers also target gamers in external community sites, says Debrosse, through 'banners on websites or URLs in chat rooms or forums' — which can lead to unsafe URLs. 'If [users] don't have adequate protection, they could very well be downloading malware without their knowledge.'"
This discussion has been archived. No new comments can be posted.

Major Spike in Security Threats To Online Games More

Major Spike in Security Threats To Online Games

Comments Filter:

  • Re:Considering the Rush Job... (Score:2, Interesting)

    by Drumforyourlife ( 1421647 ) on Friday February 06, 2009 @11:22PM (#26761309)
    This isn't a problem with the games themselves, just the users who are playing the games. There have to be very strict punishments for people who are caught abusing the trust of the community. Good rule of thumb: If it's not in the game, don't click it. This applies to clan sites, FAQ's, Walkthroughs, all of it. Just don't do it unless you can be certain that it's a reputable site you're going to.

  • Re:Considering the Rush Job... (Score:3, Interesting)

    by Ambiguous Puzuma ( 1134017 ) on Saturday February 07, 2009 @12:12AM (#26761579)

    Step 1: Steal (or scam or otherwise obtain) login info for one character.
    Step 2: Log in as that character.
    Step 3: Find another player that appears to have a pre-existing relationship with the account owner.
    Step 4: Convince that player that a family member suddenly died, and that he can't afford the bus/plane ticket to be able to attend the funeral.
    Step 5: Profit (via Western Union).

    Unfortunately this actually happened to someone I know. She was out $300 as a result of this scam. Normally she wouldn't fall for something like this, but the compromised account happened to belong to someone she had known for several years.

    Note that this doesn't require a game bug or other vulnerability--it can be accomplished entirely through social engineering.

  • Re:Considering the Rush Job... (Score:3, Interesting)

    by Opportunist ( 166417 ) on Saturday February 07, 2009 @07:51AM (#26763047)

    And this is where you can easily put a stop on the problem: Ask for a phone number. If you have known someone for years, it is likely that you know where they live, or at least that you have a more or less good idea from the things you two discussed. When your friend refuses to give you their phone no when they want money from you, I guess it can't be so dire. And when they give you a phone number in Malaysia or Whateverstan, you can pretty much assume as well that this isn't the friend you're looking for.

Slashdot Top Deals

The moon is made of green cheese. -- John Heywood

Close