Filed under: Account Security
Posts with tag trojan
I know, big whoop, right?
The news article reports on something many World of Warcraft players have known for years -- that viruses, phishing sites, trojans, and all those dirty tech terms have us gamers smack in the middle of their digital crosshairs. The findings are a result from a study by Microsoft, which tracked the exceptional growth of a family of worms called Taterf.
The programs have been around for some time now, snooping around players' computers for login details to various games with in-game currency. World of Warcraft players are juicy targets because of the remarkably large player base and existence of the gold-buying industry which Blizzard has actively warned and fought against. While the findings are nothing new, they only serve to confirm our fears about the growing threats to our accounts.
WoW.com has been big about account security for awhile, and it's nice to see the mainstream media begin to show some attention to the matter.
When this happened to a guildie, I must admit I was skeptical. Blizzard scans for viruses? And then sends an email that sounds suspiciously similar to the various phishing emails out there? But my friend sent me a copy of the email and described the whole process to me and I am a believer. Blizzard has some issues it needs to resolve with how it is handling this, however.
Wowace.com site owner Kaelten has disabled the ads on WoW Ace Updater completely for now, and is talking to his Ad provider to find out what went wrong and which ads might be causing problems.
This isn't the first time a popular WoW site has had trouble with trojans in ads, and unfortunately, it is unlikely to be the last. Kaelten seems to be on top of it, though, so hopefully he'll get to the bottom of these claims. Since the ads are currently disabled, the program itself should already be safe to use. If you're feeling a bit skittish, though, you can check out some of Sean's recommendations for other upgrade programs here.
I should note that, being a religious user of WoW Ace Updater myself (I run it at least a good 5 times a week), I just made sure to scan my computer with the aforementioned Spybot Search and Destroy as well as AVG Free Edition. According to those programs, It has a clean bill of health.
Yesterday, I reported to you that Google (via Stopbadware.org) had marked wowui.incgamers.com (which redirects to wowui.worldofwar.net) as a bad site. Today, the site is reported as clean according to the same report (you can check it out here).
Rushter of Incgamers.com explained to us on the comments of the previous article that the problem was with a seperate attack on a different hosted site (which was quickly dealt with, and unrelated to worldofwar.net, says Rushster), but Google marked the whole site as bad. The worldofwar.net UI database was unaffected, he says, and after some back and forth, Google has now dropped the warning.
Of course, it's still always a good idea to check your computer for viruses, trojans, and keyloggers regularly, and realize that no website is completely safe (though having a good defense always helps). That said, at the moment it looks like wowui.incgamers.com, also known as wowui.worldofwar.net, is a safe spot to grab your addons from.
This freeware program purports to work not by blocking installation of keyloggers, but by preventing them from logging your keys once installed. Lifehacker tested it by loading a keylogger and reported that it seemed to work, at least in that case, as the keylogger's log file was completely empty.
Of course, you probably shouldn't just install this program and go off clicking strange links willy nilly, but it does look like it could be one more line of defense in the ever escalating battle to protect your computer and your account from those who would steal it. Plus, it's free, so that's even better.
[Thanks for the forward, DrDiesel!]
You'll want to be a bit more cautious when looking up information on the game today. World of Raids reports that an unknown ad banner appearing on Wowhead, Thottbot, and Allakhazam has an embedded
keylogger trojan. You don't even need to click on the banner, apparently, simply mousing over it will be enough. Wowhead says that all they know for sure is that it originates from "ad.yieldmanager.com", and will produce a redirect to "xpantivirus.com." They're working at isolating it.
The issue is known, and all parties involved are tracking it down, so it should hopefully be resolved soon. In the meantime, if you're looking for a quick way to protect yourself, I would follow the recommendation of World of Raids, and try out the Firefox web browser and the No Script extension. As long as you keep the scripts blocked, it should prevent the banner in question from forcing itself on you. This should also provide you with some protection if you accidentally click on the wrong link elsewhere, such as on the WoW general forums.
Edit: Apparently, the virus in question is not an actual keylogger, but it still does a number on your system, which is reason enough to try to avoid it.
According to Craig Schmugar, a researcher with the McAfee research labs, McAfee now sees more password-stealing malware designed to nab accounts of games like Lineage and World of Warcraft than Trojans that go after financial accounts.
Why? Your in-game assets can easily be converted to cash and there's much less legal risk involved in trafficking virtual goods than trafficking, say, stolen credit card numbers. So treat this as a reminder: be careful of keyloggers! (And if you're not sure how, read up on our advice on how to keep your system keylogger-free.)
Filed under: Economy
- Trojan horse PSW.Generic4.TUV
Updating the Virus Scanners is removing the Trojan alert, but if your particular scanner is still flagging it as a trojan, please don't patch the game just yet. I'm sorry but I'm just wanting to be cautious. Although it appears to be a false positive, as with Kaspersky, AntiVir etc.. updating the definitions is solving the problem, I don't want to just say 'use the files' because there could still be a problem somewhere.
Considering the fact that two Blue accounts were recently compromised, it looks like it's a good time to once again make sure your systems are patched, your virus scanners are up to date, and that you've got some good lines of defense against these Trojans. (Personally, I'm a huge fan of FireFox and some of the browser extensions that have come out for it.) Or, as some of my friends have told me, I could just get a Mac, and not have to worry so much about these kinds of things either. I keep telling them I'll happily switch when they buy me one.