Trojan steals usernames and passwords from online gamers
Posted on 15.11.2007
Online gamers, be on guard - A new Trojan named ‘Win32.OnLineGames.dr’ can rob your username and password of the game account, warn the experts at MicroWorld Technologies. ‘OnlineGames.dr’ comes into computers via offers and help notes posted by crooks in game forums or by exploiting browser vulnerabilities.

Written in Delphi language, ‘OnlineGames.dr’ injects its DLL component into running processes and places an ‘autorun.inf’ file in the root of each drive to ensure that it gets activated every time a drive is opened.

Once active, it snoops on user activity, steals confidential account information from unwitting victims and sends it to a remote attacker. In a few cases, the Trojan also posts this stolen information to certain malicious websites. With the username and password of a virtual game player in his hand, the Trojan writer can directly log on to the victim’s account and sell off the characters and other goods for real world money.
This Trojan targets ‘Massively Multiplayer Online Role-playing Games’ (MMORPG), particularly the ones like Gamania and Wowtaiwan, meant for the Taiwanese audience. MMORPG is a genre of online computer role-playing games where a huge number of players interact with each other in a fantasy world. Every participant plays the role of a fantasy character and buys and sells fictional goods online, while they also barter stuff among each other. On many websites you can buy goods and characters using actual currency and do vice versa.


More than 900 embedded devices share hard-coded certs, SSH host keys

SEC Consult analyzed firmware images of more than 4000 embedded devices of over 70 vendors and found that, in some cases, there are nearly half a million devices on the web using the same certificate.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Nov 30th