A new way for spreading malware - online game item trade
By Bryan on October 11, 2011 | Malware, item trade, in-game item trade, infected, malware, TrojanDropper:Win32/Fedripto.A,
A new way of spreading malware has hit the gaming world. It seems that in-game item trading may cause the players a lot of problems.
With the introduction of Massively Multiplayer Online Role-Playing Games (MMORPG) like World of Warcraft (2004) a new gaming era has begun. This is the era of games which have no ending. And this caused a new phenomenon virtual economy. Players started buying and selling their accounts with high level characters, in-game items and everything what was possible to make profit of. But now creators of malware have found a hole which they can use to hack into players' computers and steal personal data.
The system is very simple. When trading in-game items the buyer wants to see whether the seller really has the needed item. Therefore, before making a purchase the buyer asks to send him a screenshot where the particular item is shown in sellers account(as seen above). That is where the malware may be hiding hiding. The seller may send a simple image of the item but with a hidden executable file, usually identified as TrojanDropper:Win32/Fedripto.A. It can start a lot of malware components including backdoor type of malware which allows the criminal to remotely connect to the buyer's computer and take any information he needs.
Sometimes, all you need to do is click an infected ad in a trusted site and you can get infected. Even more, there have been reported accidents where a whole network of an organization was infected with malware. This happened when an employee was browsing sites to find items to trade and clicked an infected ad which then corrupted the whole network. One of those ads was found on Allakzaham – a popular site which was used by the World of Warcraft players where they used to trade their valuable in-game items.
Gaming can be fun. But remember to always check files that unknown people send you. Also, to safe yourself from horrible talks with IT administrator and the boss of your company be sure to know which sites are save visit.
More Malware news
Danger! Facebook private messages and Instant Messengers are infected by worm
According to TrendLabs, infected messages are spreading on Facebook which contain a malicious link pointing to an archive file “May09-Picture18.JPG_www.facebook.com.zip”. Zipped archive itself has a file titled “May09-Picture18.JPG_www.facebook.com” and uses the extension “.com”. Malware within is able to terminate services and processes related to AV which quickly shuts down AV from detection or removal of the worm. This detected malware is named WORM_STECKCT.EVL. Read more.- Wikipedia warns: Ads on Wikipedia page informs about malware within your PC
- Beware of fake Instragram app
- New tricky anti-virus intimidates file-sharers
- Android may have bootkit threats
- Attention! Google malware is circulating online
- Rogue YouTube site targets Syrian activists and brings malware
- ZBot Trojan makes its notice again!
- Mac security news: Flashback Trojan is back
- Be careful! Malware group spreads quickly
- Attention! Keylogger comes via rogue Facebook message
