Cyber Criminals Seize Internet Games Credentials Using Trojan

Researchers at the security software firm "Symantec" have found a database, which contains 44 Million stolen credentials for online games captured with the help of a Trojan, designed specifically for the purpose.

The stolen accounts have a major portion of 'Aion,' 'World of Warcraft' and games from PlayNC of NC Soft like 'City of Heroes,' 'Guild Wars,' and 'Lineage II.' Of all the targets, Wayi Entertainment (a Chinese game distributor) was victimized the most with 16 Million of its accounts stolen.

The security company states that the database contains gamers' login credentials and those of websites which harbor Internet games. Further, it holds some 17GB of data of the flat-file kind.

The researchers states that to obtain the database, information stealing malware was used, as reported by Dark Reading on May 27, 2010.

The researchers also state that the person who captured the items created "Trojan.Loginck." This Trojan is designed for automating the monetizing procedure of the login credentials. The Trojan pushed from a botnet automatically gains access to the database of the stolen items after which it collects captured usernames and passwords and checks for their authenticity.

In case the Trojan is able to login, it will replace the login time of the database with the latest and update the user credentials prior to accessing the subsequent account details of username and password. This helps the attackers to access the database wherein they can hunt for the real combinations of usernames and passwords, the researchers explain.

Interestingly, the market value of these captured credentials for online games ranges from $35 to $28,000. As a result, the credentials are ripe enough to resell them despite the developers regard such an operation illegitimate and worthy of ban in case found.

Meanwhile, the detection of such an attack isn't new. During March 2008, McAfee exposed a hacking operation which infected 10,000 web-pages so that innocent visitors could be compromised and their gaming passwords stolen.

Thus, it is recommended that computer-users should maintain up-to-date anti-virus software so that their accounts remain safe from getting hacked or compromised.

Related article: Cyber Child abuser Sentenced To Imprisonment

» SPAMfighter News - 6/4/2010