If you’re a World of Warcraft player using Windows, beware.
For months, hackers–most likely in China and Russia, according to security watchers–have been surreptitiously installing keylogging software on WoW players’ Windows computers, hijacking their accounts and selling off their often valuable in-game assets.
And the problem doesn’t show any signs of going away.
The gangs perpetrating the hacking are “incredibly active, and it’s a good exploit,” said Roger Thompson, CTO of security software developer Exploit Prevention Labs. “It’s probably a conservative estimate to say that there’s tens of thousands of victims.”
The exploit works when unsuspecting WoW players visit any number of Web sites infected by the hackers with keylogging software. When the players visit the sites–which are often unrelated to WoW, but that players frequent, Thompson said–the software is quietly installed on their computers, allowing the hackers to spy on keystrokes and steal players’ WoW passwords.
While the software could easily be used to hack into players’ accounts in almost any online game, there’s no evidence the victims are anybody but players of WoW.
“It’s only a matter of what they want to do,” Thompson said of the hackers’ choice to attack only WoW accounts. “The guys working out how to do it are WoW players. We’re pretty sure we know who (most of them) are: a couple of Chinese college students, and it turns out they’re interested in WoW.”
Thompson said he suspects that a Russian gang may also be involved.
Many of the victims, no doubt, have experiences similar to that of Dag Friedman, a 37-year-old math teacher from Sacramento, Calif.
Last month, Friedman wrote on the WorldofWar.net–an unofficial WoW community site–that he had recently discovered that one of his WoW accounts had been permanently banned by the game’s publisher, Blizzard Entertainment. According to an e-mail he received, the banning was punishment for “account sharing,” a violation of the game’s terms of service in which players give others their passwords and access to their accounts.
Friedman wrote that he had tried to get Blizzard to explain what happened, but had gotten no initial response. Weeks later, however, he was contacted by Blizzard, which told him it had reinstated his account and restored his lost items.
For more on keylogging, check previous articles here