Video gamers face malware deluge

Games are increasingly a target for hi-tech criminals

Players of online games are increasingly becoming the target of virus writers, reveals research.

More and more malicious programs are being written to steal the login credentials of popular online games.

The Microsoft research revealed a family of malicious programs aimed at titles such as Lineage, World of Warcraft, Maple Story and many others.

Hijacked accounts are plundered for in-game booty or sold on through the net's underground market places.

Loot and booty

Cliff Evans, head of security at Microsoft UK, said its latest look at the software threats facing Windows revealed a strong growth in one family of malicious programs known as taterf.

In the last six months, Microsoft has seen more than 4.9m infections caused by Taterf - a figure up 156% on the total seen in the last six months of 2008.

Mr Evans said the virus used a variety of tricks to steal login names and passwords for the most popular online games.

"It's all about getting login credentials," he said. "The question is what might they do with those credentials."

"They might sell them because they are worth something," he said. "By using them they can obtain certain things within the game or they can buy services through some sort of market place."

"There's clearly a financial angle to it that makes it worthwhile," he said.

Steven Davis, chief of game security firm Secure Play, said: "Online game account information has been an increasingly lucrative target for crooks as they can steal the account or loot game currency."

TATERF TARGETS Rainbow Island Cabal Online A Chinese Odyssey Hao Fang Battle Net Lineage Gamania MapleStory qqgame Legend of Mir World Of Warcraft

"Crooks also use stolen credit cards for gold farming which has become a much more serious problem," he said. "They are attacking games because it is easy and there is no real interest from law enforcement."

Mr Evans from Microsoft said gamers could follow some simple steps to avoid having their account stolen.

"Never log onto a game account unless you are on a machine that you trust," he said. "And never download cheats or cracks from websites."

Version control

Other trends revealed in the research were a move away from fake security software aka scareware. Statistics gathered by Microsoft show that the number of machines it found with such programs installed had fallen from 16.8 million machines to 13.4 million.

By contrast, said Mr Evans, worms that travel networks independently looking for victims were seeing a resurgence. Such self-guided programs were now the second biggest security threat to Windows users, he said.

Mr Evans said the trends revealed in the survey gave grounds for hope.

"At the moment we're holding things at bay," he said. "There's constant change in terms of the cyber criminals changing their tactics. It's a question of keeping on top of that."

Every significant update of Windows or new version showed a decrease in the number of infections per thousand machines, said Mr Evans.

The first version of Windows XP had about 35 infections for every 1,000 machines scanned, said Mr Evans. By contrast, he said, only 4 in every 1,000 of the machines running the first version of Vista needed disinfecting.

The statistics cover the first six months of 2009 and data comes from several sources.

It includes Microsoft's Malicious Software Removal tool which runs on 450 million machines worldwide; 100 million machines using Windows Live One Care, malicious webpages scanned by search engine Bing and corporate security services run by Microsoft.