Password stealing - the good, the bad, and the ugly

The good part is that Microsoft and the AV gang caught a bunch of malicious little critters. The bad part is the numbers. What's confusing and ugly to me is that people are willing to trade virtual assets for real ones.

In one week Microsoft caught 2 million infections of password stealers and 1.3 million infections of one particular password stealer, Taterf. Taterf, which targets online games, accounts for over 80% of all infections, and on the first day it was found on 700,000 machines. Frethog, the virus Taterf was written from, was found on 200,000 machines. That's almost 1 million in one day.

The top two targets are 'World of Warcraft' and Valve's 'Steam'.

Lately I've been talking about the change in the last few years from hacking for curiosity to hacking for juvenile reasons to hacking with commercial motives. Where do online games fit?

Well, this is the part that puzzles me. It seems that when someone gets into your account they can sell all your online possessions for "virtual coins", which can be given to another gamer who trades them in for real money. That kind of transaction is "virtually" untraceable, said Greg Hoglund (co-author of "Exploiting Online Games").

Online games are an easy target for two reasons, according to Microsoft's spokesman McCormack. Many gamers turn off anti-virus tools to get a performance boost. Plus, many of them download cracked versions of software, which are commonly infected with malware of some kind.

These critters often use problems with a Flash Quicktime player. They also make use of 0-day bugs in Windows.

They spread by infecting removable and permanent drives. So the virus will run whenever you view the root directory with Windows Explorer, put your U3 enabled USB stick in another machine, or map your machine to an infected drive on a network.

A lot of people are comparing this to the Storm worm but remember that the Storm worm got so big by slowly infecting machines in small numbers. It didn't want to get the publicity that Taterf is getting now until it was so big that fighting it almost seemed futile.

What can we learn from this? Always use an up-to-date anti-virus, keep your OS updated, turn off autorun, and avoid warez or pirated software.

Look into your anti-virus program and learn how it keeps its "signatures" up to date. In both your anti-virus software and your Windows "automatic update" settings, either update manually on a regular basis or turn on "automatic updates".

If you are like I was a couple years ago, you don't like the idea of software updating things behind your back. After a while you'll get frustrated at always fighting the OS, you become less diligent, and fall behind in your updates. When that happens change the automatic update settings to 'check for available updates but don't download'.
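To check the "turn off autorun" advice and the drive-root spreading described above, here is an added example (not from the original post or from Microsoft) that audits an `autorun.inf` file and a Windows `NoDriveTypeAutoRun` policy value. The function names and the sample file are constructed for illustration; the policy bit values are the standard Windows ones and are not taken from the post.

```python
import os

# NoDriveTypeAutoRun policy bits (Windows) for the drive kinds named above;
# a set bit disables autorun for that kind. Not from the original post.
DRIVE_BITS = {"removable": 0x04, "fixed": 0x08, "network": 0x10}
LAUNCH_KEYS = ("open", "shellexecute")

def autorun_enabled_types(policy_mask):
    """Drive kinds on which autorun is still allowed under this mask."""
    return sorted(k for k, bit in DRIVE_BITS.items() if not policy_mask & bit)

def parse_autorun(text):
    """Key/value pairs of the [autorun] section, matched case-insensitively."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
        elif in_section and "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def launch_commands(entries):
    """Entries that start a program when the drive is opened."""
    return [(k, v) for k, v in sorted(entries.items())
            if k in LAUNCH_KEYS
            or (k.startswith("shell\\") and k.endswith("\\command"))]

def scan_root(root):
    """Audit autorun.inf (any letter case) in a drive root; [] if absent."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":
            with open(os.path.join(root, name), encoding="latin-1") as fh:
                return launch_commands(parse_autorun(fh.read()))
    return []

# Constructed sample, not taken from a real infection.
SAMPLE = """\
; padding line
[AutoRun]
open=xyz.cmd
shell\\open\\Command=xyz.cmd
icon=folder.ico
not a key value line
[other]
open=ignored.exe
"""

if __name__ == "__main__":
    print(autorun_enabled_types(0x91))   # constructed policy value
    print(launch_commands(parse_autorun(SAMPLE)))
```

A policy value of `0xFF` disables autorun on every drive type, so `autorun_enabled_types(0xFF)` returns an empty list.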

IDG:
http://www.networkworld.com/news/2008/062008-microsoft-security-fix-clob...

http://blogs.technet.com/mmpc/archive/2008/06/20/taterf-all-your-drives-...
