By Andrew Brandt and Curtis Fechner
It’s appropriate that this year’s Blizzcon, the two-day celebration of all things World of Warcraft, takes place during National Cyber Security Awareness Month. No other game is as heavily targeted by thieves as WoW, so we thought this would be as good a time as any to run down some of the malware threats that face gamers. 2010 has been a big year for Trojans that steal game passwords or license keys.
The people who create malware targeting online games show no signs of relenting, nor are they laying down on the job. Innovation is the name of the game, and password-stealers this year innovated their infection techniques to make them more effective and even harder to detect.
Two-factor authentication tokens, such as the Blizzard Authenticator, do a great job of preventing fraud. If you play WoW, the seven or so bucks the Authenticator costs can prevent a lot of headaches if your account becomes compromised by either a Trojan or a phishing Web site. The Authenticator displays a series of numbers that change about once a minute, and a gamer needs to enter these numbers along with a username and password to play the game.
However, while gamers who play Blizzard’s games might find themselves at reduced risk of phishing thanks to the Authenticator, other companies that operate the kinds of massively-multiplayer games most targeted by phishing pages and malware are also targets for theft, and don’t yet offer an equivalent method of securing login credentials.