By Elinor Mills, 28 August 2008 08:59
NEWS
Virtual worlds are playgrounds not just for people who want some online fantasy role-playing but for cyber criminals who are looking for places to launder money and steal data, according to security firm McAfee.
The in-game economies of virtual worlds are being hijacked by criminals who attempt to hide their profits through the exchange of virtual currencies, Dr Igor Muttik, a senior architect at McAfee's Avert Labs says in a white paper entitled Securing Virtual Worlds Against Real Attacks - The Challenges of Online Game Development.
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
The paper says: "Typically, when a gaming account is compromised, attackers will convert the objects they steal into virtual currency - and then convert the virtual currency into real money." Scammers also are increasingly attracted to virtual worlds, where they have numerous ways of trying to steal private data for fraud. For instance, sloppy scripting in some online games allows viruses to auto-execute and propagate. There are also phishing attempts and messaging spam luring members to malicious sites for "free" games.
Also increasing in number and frequency are data-stealing Trojans that use keystroke loggers and other software to record IDs and passwords, mouse movements and even screenshots, the report says.
Other threats exist in the virtual worlds also. A virtual illness wiped out entire servers of users in World of Warcraft in 2005 when a design flaw allowed the disease to spread throughout low level players. Meanwhile, user-created code caused a virtual terrorist attack in Second Life, according to the report.
Because virtual worlds appeal to the underground, there's also the possibility they could serve as honey pots to attract criminals and terrorists and provide counter-terrorists a glimpse into terrorist activities.
Comments
There are 2 comments. Join the discussion
1. Rob
Should change the title to White Paper on the bleedin obvious.
2. anonymous
I thought it was the 1st April.
We all seem to be looking over our shoulder for crime everywhere. Yes there is crime but in comparison the normal life how prevalent is it?
We should all be vigilant and keep doors locked when we are not around but should we live our lives worrying about someone doing us a disservice?
Perhaps we should get on with living?
Can the world survive the onslaught of crime?
Of course it can but just dont look in that cupboard there ...