[ISN] Microsoft warns game developers of security risk

From: InfoSec News (alerts@private)
Date: Tue Aug 15 2006 - 01:39:59 PDT


http://news.com.com/Microsoft+warns+game+developers+of+security+risk/2100-1029_3-6105609.html

By Reuters
August 14, 2006

All too familiar with hackers looking to exploit security flaws in its
software, Microsoft warned video game developers on Monday that their
PC games are now a target for criminals.

Popular massively multiplayer online (MMO) games, such as "World of
Warcraft," have created a market for valuable game identities loaded
with gold or other hard-earned forms of in-game currency that can be
used to buy new weapons, magic spells or other trappings to advance
within the game.

Using software designed to infiltrate a computer system, hackers steal
account information for users of MMO games and then sell off virtual
gold, weapons and other items for real money.

"Those of you who are working on massively multiplayer online games,
organized crime is already looking at you," said Dave Weinstein, a
Microsoft security development engineer at the company's Gamefest
video game development conference.

In multiplayer online role-playing games, players assume a fictional
character and take control of the character's actions and interact
with other players in a virtual world. For World of Warcraft, a user
buys the game software and then pays a monthly subscription rate to
access the online world.

Online game accounts are already on sale in the black market next to
stolen credit card accounts, fraudulent passports, fake work papers
and other illegal items gathered by identity theft.

In fact, some game accounts can be worth up to $10,000.

"For a lot of the customers out there, there is more store value on
their MMO characters than there is on the credit card with which they
pay for the account," said Weinstein.

"The police are really good at understanding someone stole my credit
card and ran up a lot of money. It's a lot harder to get them to buy
into 'someone stole my magic sword."'

Story Copyright © 2006 Reuters Limited. All rights reserved.



_________________________________
Visit the InfoSec News store!
http://www.shopinfosecnews.org



This archive was generated by hypermail 2.1.3 : Tue Aug 15 2006 - 01:54:12 PDT