A new trojan has been discovered that specifically targets players of the MMORPG World of Warcraft. The trojan transfers account passwords and information to another account where items can then be traded and sold on gray market sites for money and in-game gold.
Information Week: MicroWorld, an Indian-based anti-virus and security software maker with offices in the U.S., Germany, and Malaysia, said that the PWS.Win32.WOW.x Trojan horse was spreading fast, and attacking World of Warcraft players.
If the attacker managed to hijack a password, he could transfer in-game goods — personal items, including weapons — that the player had accumulated to his own account, then later sell them for real-world cash on “gray market” Web sites. Unlike some rival multiplayer online games, Warcraft’s publisher, Blizzard Entertainment, bans the practice of trading virtual items for real cash.
“Win32.WOW is a clear indication that malware writers are targeting anything that involves money,” said MicroWorld chief executive Govind Rammurthy in a statement. “Bucks may be smaller compared to a Trojan that steals bank accounts or credit card numbers…[but] cyber criminals are not complaining as long as the target is soft and numbers are high.”
The Trojan spreads via traditional vectors, such as e-mail and peer-to-peer file sharing, added Rammurthy, but it has also been watched while it installs in a drive-by download from gaming sites’ pop-up ads. The surreptitious installation is accomplished by exploiting various vulnerabilities in Microsoft’s Internet Explorer Web browser.