This morning I spoke with a French hacker-turned do-gooder, Jacques Erasmus, who uses his extraordinary knowledge over at online security company Prevx. According to Erasmus, a virus was created last Wednesday which is targeting gamers on World of Warcraft and Counterstrike.
Created in Germany, the worm is spread on MSN Messenger, where a spam message directing users to an infected site is sent out to a user’s complete contact list, in turn automatically sending itself to all of their contacts as well.
The worm then searches through the user’s hard drive, searching for log-in details to World of Warcraft and Counterstrike, as well as PayPal and Barclays Bank amongst others. The information is then uploaded to an FTP site, where the hackers can view all the details, as well as anyone else clever enough to gain entrance, such as Erasmus, who viewed hundreds of people’s details.
“Over 300 people an hour are being affected”, Erasmus told me, with the worm starting its trail of havoc last Wednesday, the 11th of June. He’s contacted Lycos, the German hosting company which is powering the infected site, however they haven’t as yet done anything about it. It’s predominantly people from the UK and Germany who are being targeted, with WoW and Counterstrike players being their main interest.
The German hackers have apparently infiltrated hundreds, or even thousands, of gamers’ accounts on these sites, where they steal their gold or in-game currency, and sell it on, thus making money for themselves.
Erasmus’s advice on avoiding being targeted by the makers of this worm is to be wary of all URLs friends on MSN send you, and to ensure your security and anti-virus software is up to scratch. Which is, of course, why Prevx is so keen to alert people to the threat, as they offer free anti-virus protection through their website for such occasions.
Related posts: Worm creator claims Macs are just as open to viruses as PCs | Apple QuickTime worm spreading through MySpace