Online criminals are targeting gamers with viruses written to steal virtual assets that can be sold to other players, a security firm said Tuesday.
In a “new malware dynamic,” cyber-crooks are going after login details needed to install and access online games, Panda Software said. Trojans sent through email and chat room are the most common forms of malware used in the thefts.
Online gaming is a growing multi-billion-dollar business worldwide that offers lots of opportunities for cyber-crooks. Gamers are willing to pay for virtual assets, such as weapons and powers, in order to reach high levels in a game and increase their reputations.
In the last six months, Panda has seen three trojans targeting online games, an indication that malware authors have recognized the willingness of players, most in their teens and early 20s, to pay for assets that can help them win, Patrick Hinojosa, chief technology officer for Panda Software in the United States, said.
In the past, cyber-crooks have entered the games in order to trick players into giving up their user names and passwords.
“Apparently, they want to do it easier and faster by going directly to the machine,” Hinojosa said. “It’s also safer than using an online identity that can be traced.”
Examples of recent game-targeting trojans include Lineage, which steals login details and allows another player to steal virtual money to buy weapons, privileges or abilities; Legmir, which steals the passwords of “Legend of Mir” players; and Trj/WoW, which targets “World of Warcraft” players.
To avoid become victims, gamers should use only legal software from third parties, and be wary of files sent via email or chat rooms, said Panda Software, which is based in Spain, but has U.S. offices in Glendale, Calif.