The Trojans are coming for the Horde! And the Alliance, too.
by Matthew Rossi 
Sep 12th 2007 at 11:30PM
The fine folks at World of Raids, as pointed out by tipster Akyl, have linked to this article, which informs us that 20% of all trojan viruses are aimed directly at you, the World of Warcraft player. (Don't feel too bad, as Lineage 2 gets a whopping 40% of all trojans.) That's really rather astonishing, if you think about it... just a quick search of our own site reveals several trojans made mention of on our site alone. Of course, it's not news that crooks will steal things from you, but what's news is that this is a percentage of all trojans, period. In other words, between Lineage 2 and World of Warcraft, we're seeing more than half of all cyber crime committed via trojan viruses.
Forget banks, people. The future of online theft is your character's gear. Gaming accounts are targeted by the second most common malware on the web right now according to a previous article on the PCRetail site. That seems to suggest that this kind of activity, with its uncertain legality (who do you call when someone steals you WoW password and sells all your gear, after all, the cops or Blizzard? After all, technically all your character's stuff still belongs to Blizz, and not you) and as yet uncharted waters of enforcement, is only going to get more and more common. Gaming is described several times as a 'soft target' for this kind of theft.
There's more money to be made stealing people's accounts and selling all their gold to gold buyers than in trying to steal bank account information.
Have you ever downloaded a trojan, or otherwise had your account hacked? How long did it take to get your stuff back? Did you actually get it all back?
Filed under: Analysis / Opinion, Virtual selves, Economy
Reader Comments (Page 1 of 2)
Baluki Sep 12th 2007 11:48PM
Lineage 2? Seriously? Are there really that many people playing it?
Rathepaws Sep 13th 2007 12:23AM
Yes, Baluki - in Asia
slayerboy Sep 13th 2007 1:30AM
Never say never, but......
NEVER! I use Linux!
Rranzok Sep 13th 2007 1:57AM
Yes, I was hacked. The most horrible experience I ever had on WoW...
My main had 132 days played on him at the time (136 now) and I was randomly disconnected on night during a BM run. Well, according to the people I was in Vent with, I logged back in, hearthed to Shattrath and logged out. It took me about an hour to recover my password (always remember your secret answer!), and when I logged in I found my character was on an entire different server! No gear stripped, save 200g, but in another world entirely. I contacted a GM, changed my password, etc.
But the next morning, my password had been changed again, as had my contact info.
Apparently I had a rootkit on my pc, I had to reformat my harddrive, spend a week in limbo with Blizz to regain control of the account, restore the character to the right server, etc.
Was totally hellish. Luckily, everything is normal again. I still don't know where the trojan came from, though...
InsaneAssault Sep 13th 2007 3:06AM
Thats fine by me. I would rather have them hack into my virtual bank account thats worth $14.99 a month rather than my real one.
pokute Sep 13th 2007 3:13AM
It's not quite that there's more money, but the risks of getting caught are low and legal punishments are much less severe.
yotix Sep 13th 2007 4:21AM
So ... gold buyers are not only cheats who break the TOS to gain an unfair advantage ... they also - I'd say knowingly - often buy gold which criminals have stolen from other players.
I'd be in favor of not only banning gold buyers from WoW, but some form of corporal punishment too. Having the skin stripped off the soles of their feet should do.
Beaverius Sep 13th 2007 5:30AM
I was hacked fairly recently and almost lost about 2500g. I was able to get it back within a few hours, thank alune, but after scanning my comp i realized I had a trojan. GUess where I got it.
From "Sharing" a cracked version of war3 on bittorrent. Now before u say anything, I've already paid for my own copy of the game in the past, just didnt' feel like driving to my house 3 hours away to dig up the disks so it's not like i owed them any money in principle for what I downloaded.
My advice is... SCAN YOUR SHIT to make sure you're clean.
tool03 Sep 13th 2007 6:29AM
Oh the joys of having a non-warez comp and a warez comp.
teje Sep 13th 2007 6:46AM
now these are the days where im really happy that im playing on a mac :>
tdf Sep 13th 2007 6:49AM
It's a huge and growing problem. 4 people in my guild alone have had their accounts hacked in the last few weeks, one of which was our MT which has hindered our progress.
I dread to think how much time this is absorbing for Blizzard's support, if every incident requires investigation and communication with the player in question.
I hope Blizzard at least consider adding some existing account security on logins, e.g.:
* Internet banking style dropdown menus where you pick letters from a security word (this stops people getting your login details using key loggers)
* Ability for players to view logins to their account (including failed ones) in the account management area on the WoW site, so you can see if someone is trying to guess your password
For me personally, I'm only ever logging into WoW from home, where I always have the same IP address. It would certainly give me piece of mind if a login to my account was detected from a different IP, it would ask me an additional security question (mother's maiden name or something like that).
Blizzard definitely need to do something.
Makavelli Sep 13th 2007 7:04AM
Here is the article in question: http://www.viruslist.com/en/analysis?pubid=204791963
Nowhere does it say what the proportion of trojans to online games to non-online games is. I think quotes have obviously been misinterpreted:
"Today the most popular MMORPG targets are Lineage 2 (more than 40% of all Trojans for online games target Lineage 2), World of Warcraft (20%)"
That's saying 20% of trojans targetting online games are targetting WoW, not that 20% of all trojans are targetting WoW.
"In 2006, the monthly number of Trojans for Lineage 2 and World of Warcraft rocketed and at year-end accounted for 70% of all malicious programs targeting online games."
Again, this is in relation to online games, not every trojan around.
I'm not denying that trojans targetting WoW (and other games) is a huge problem, but a lot of what's said in the article is incorrect.
Exanimo Sep 13th 2007 7:18AM
Got hacked aswell, my own fault as i didnt have my scanners up to date but i've been paranoid for months.
Almost quit WoW over it, luckily the GMs restored my raidkit so i could at least get back into the game.
As i'm lazy gonna link to my blog where i told my horror story a while ago: http://fulltimewow.blogspot.com/2007/08/getting-hacked.html
Aggreko Sep 14th 2007 7:49AM
@8
Make sure your computer has a condom and a doctor. :P
-To protect itself
-And to scan it
Also
@7
Gold buyers aren't cheating.
All they are doing is farming you gold for money that you don't want to farm. :) and because blizz doesn't even get that money thats why they call it cheating.
:)
L2UseProt
equiraptor Sep 13th 2007 9:32AM
I have another note regarding accuracy of your comments.
Online crime is not restricted to trojans. Saying "more than half of all cyber crime committed via trojan viruses," based on 60% of trojans being targetted at MMORPGs doesn't tell us anything about the percentage of "cyber crime" being targetted an MMORPGs. Trojans are only one method for exploiting vulnerabilities in systems (or user behavior), and there's always "brute force" if you don't find a vulnerability to exploit.
Guidinglight Sep 13th 2007 9:52AM
Buy a Mac.. I haven't used windows in four years. I don't worry about viruses, drivers, spyware, my god my computer just does what it is suppose to..
Shacti Sep 25th 2007 4:44PM
Buy a Mac? Why not download linux for free, buy the wow linux client (wow client and bc is really cheap these days, at least where i live) and relax?
Ahoni Sep 13th 2007 11:59AM
Once they get enough idiots on the Mac, there will be plenty of problems there too. I worked for a long time in PC repair. Most virus/trojan/malware problems are the users own fault. Not all, most. If you have a computer, you need to have an up to date firewall and virus detection software. You also need to check your computer for spyware. I would recommend staying away from Norton and McAfee. I can count on one hand the number of times a computer with up to date security software had a serious problem.
I can't count the number of computers that had problems that started from someone downloading a screensaver, wallpaper, mouse cursor or smiley faces for their email. If you avoid those, you are ahead of the game. This stuff is pretty simple to prevent, but a royal mess to clean up.
Oh, and nice FUD with this article.
Kristian Cee Sep 13th 2007 12:18PM
While perhaps beyond the scope of an article for WI, I've found DropMyRights to give an extra bit of reassurance when browsing the net. It takes some work to get setup but it's worth it -- your browser is no longer being run with your user rights (usually admin on xp) instead getting a reduced set that can't install software or write to system directories which will stop most of these bugs in their tracks.
http://chris.pirillo.com/2006/09/13/hidden-microsoft-security-gem/ A link to an article regarding it, a better starting point than M$ rather sparse MSDN page on the application.
h8rain Sep 13th 2007 2:39PM
Yup, my WoW addiction is brought to me, by a Mac. I do agree with Ahoni, the more time passes, the more virii/spyware/trojan will appear on the Mac. I never really had problems when I used a PC (but I don't go into the darker side of the internet). I think in the 10 years of using a PC I have only gotten a handful of viruses. Spyware on the other hand is the worst, because a wrong click can screw you up, instead of consciously running a program.
For the time being at least, I enjoy my virus-proof Mac :)