You are here: silicon.com > Software > Security Strategy

Security Strategy

Virtual worlds under siege from cyber crime

A hiding place for scams, spam and phishing…

Tags: spam, virtual worlds, second life

Printer Friendly Email Story RSS

By Elinor Mills

Published: 28 August 2008 08:59 GMT

Virtual worlds are playgrounds not just for people who want some online fantasy role-playing but for cyber criminals who are looking for places to launder money and steal data, according to security firm McAfee.

The in-game economies of virtual worlds are being hijacked by criminals who attempt to hide their profits through the exchange of virtual currencies, Dr Igor Muttik, a senior architect at McAfee's Avert Labs says in a white paper entitled Securing Virtual Worlds Against Real Attacks - The Challenges of Online Game Development.

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

The paper says: "Typically, when a gaming account is compromised, attackers will convert the objects they steal into virtual currency - and then convert the virtual currency into real money." Scammers also are increasingly attracted to virtual worlds, where they have numerous ways of trying to steal private data for fraud. For instance, sloppy scripting in some online games allows viruses to auto-execute and propagate. There are also phishing attempts and messaging spam luring members to malicious sites for "free" games.

Also increasing in number and frequency are data-stealing Trojans that use keystroke loggers and other software to record IDs and passwords, mouse movements and even screenshots, the report says.

Other threats exist in the virtual worlds also. A virtual illness wiped out entire servers of users in World of Warcraft in 2005 when a design flaw allowed the disease to spread throughout low level players. Meanwhile, user-created code caused a virtual terrorist attack in Second Life, according to the report.

Because virtual worlds appeal to the underground, there's also the possibility they could serve as honey pots to attract criminals and terrorists and provide counter-terrorists a glimpse into terrorist activities.

Original article: Rising fraud threats in virtual worlds from CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Reader Comments

Should change the title to White Paper on the blee...
Rob

I thought it was the 1st April. We all seem to ...
Anonymous

Click here to see all

Related Links

Business still experimenting in Second Life

Second Life avatars meet lawmakers

Come an' Avatalk in Second Life, urges BT

Second Life tackles virtual nuisances

Second Life clamps down on virtual banks

Big Blue expands its Second Life

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Tim Ferguson Exclusive: Former MySQL boss Marten Mickos talks open source Why Microsoft could become one of the "biggest friends of open source" and why Oracle getting its hands on MySQL could be "one of the biggest open source coups ever"...

Naked CIO Naked CIO: Cloud computing more expensive than we thought? Smart IT leaders will examine the impact of how they pay for tech

UK ID cards rollout hit by delay as launch date revealed

Bletchley Park's World War Two codebreakers in their own words

'You're responsible for your own wi-fi security' say ISPs

'UK must up privacy safeguards following Phorm'

The top 10 technologies you need to plan for next year


  • Jobs
Software Sales Specialist-Software Optimisation Sales

Oracle, IBM, Symantec, Adobe, McAfee, Citrix, VMware, Novell, BMC. Experience of selling up to C-Level - New business attitude - Experience of ...

E-Commerce Business Analyst - Worcester - 35k

This particular company, which is part of this larger multinational group, is a lot smaller however so you have the advantage of working for a ...

Network Security Analyst

Our client is an innovative, forward thinking engineering organisation with a product range instantly recognisable as one of the worlds leading ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

The Truth About Wasteful Spending on Software: How to Stop Giving Your Software Vendors...

Is Your Enterprise Architected for Tomorrow's Growth?

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


Salesforce.com makes more friends in the cloud

Google sheds light on netbook plans for Chrome OS

How to squeeze the last drops of savings from an outsourcing contract

Salesforce.com plans social networking for business

Outsourcers to fall victim to cloud computing rush?

Office 2010: Beta launched




Quick Sitemap Links: