English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Hackers Gain Success in Dodging WoW Authenticator

According to security experts and players, online criminals are distributing malware proficient at tricking World of Warcraft's hardware-based authentication system.

To distribute a Trojan program, which has been created to capture the one-time password produced by WoW authenticator tokens, cyber crooks are making use of spoofs of renowned WoW websites, promoted through Google Adwords.

As confirmed by Blizzard, hackers have invented a work-around, which grants them access to games guarded by its authenticator tool.

The aforementioned instance is the first confirmed case, wherein a World of Warcraft account has been jeopardized despite an attached authenticator. The victim alarmed others of the matter on official forums. Similar experiences were reported by other players as well.

Appearing on PCs as 'emcor.dll', the latest Trojan launches a man-in-the-middle attack. When the player logs in next time, his token-generated password is intercepted and sent to the attacker.

The attacker gets limited time to use the right password while the player views an error message on his monitor. In that limited time period, he has to log into the account and clear out its assets for reselling them on the grey market.

Particularly in East Asia, trojans aiming at online gaming accounts have become common; however, a whole new twist of additional sophistication can be noted in the endeavors to thwart two-factor logins to gaming accounts.

Experts commented that man-in-the-middle assaults are not new. There are scores of programs that can initiate them very easily, enabling crooks to intercept passwords. Basically, these programs get in between users' systems and the server to which users are trying to connect. As it is not visible to the end-user, so these attacks are extremely dangerous.

Blizzard, however, has always highlighted that authenticator was never ever a 100% flawless way to protect gaming accounts. It must only be regarded as an added level of security. This recent development also demonstrates the need to update anti-virus software and to be aware of key-loggers. However, these measures failed to protect the aforementioned user from the attack.

» SPAMfighter News - 09-03-2010

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>