Are game accounts getting stolen? Really?

Announcements
1

How crazy is it that cybercriminals are designing malware to steal log-ins for our online game accounts? Are they really that valuable? I can understand wanting to steal my credit card or bank account number. I can understand wanting to steal my identity so they can open new credit accounts in my name and stick me with the bill.

 

But, my game account? Really?

 

Over the last few years, various security companies (including Symantec) and several independent security agencies have published reports about the growing prevalence of Trojans aimed at stealing online game account log-ins. Recently, the European Network and Information Security Agency (ENISA) published an enormous report called Security and Privacy in Massively-Multiplayer Online Games and Social and Corporate Virtual Worlds about…well, the title says it all. It is an extensive report covering all sorts of risks associated with online worlds. The report says that over 30,000 new programs aimed at stealing online game passwords were released in 2007 alone.

 

So threats are being documented but is this really affecting online gamers in a material sense?

 

In theory, these programs are targeting virtual items that equate to real money. In fact, the sale of virtual objects from MMO/VWs (Massively Multiplayer Online Games and Virtual Worlds) in 2007 was estimated at almost $2billion worldwide. So the potential is certainly there but here at Symantec we wanted to find out if gamers were really feeling the pinch from this new underground economy tactic.

 

So we sponsored a few surveys with the gamer community to find out. At DreamHack Winter 2007 about 12% of participants said they’d had game log-ins or serial numbers stolen. Nine months later, at the German Games Convention 2008, 16% of participants said they’d had a games account stolen. Clearly gamers ARE getting their game accounts stolen.

 

The ENISA report went into much more than I’ve got space to go into here. It makes these fast growing and evolving online communities sound a lot like the Wild West. These worlds sure are fun and things are changing fast but this new style of community is also full of risks and challenges that we haven’t quite figured out how to solve. It will be interesting to see how things go in the months and years to come.  

 

And for now we can at least use the tools we have to stay protected from attacks that are based in traditional technologies, like a good antivirus to keep out those pesky Trojans.  On that note, let’s return to our hapless group of gamers to see what happens when a member of your guild chooses the wrong antivirus to depend on: