First it was banks and now it is online gamers. As global internet usage continues to grow, cyber criminals are training their eyes on the net gaming community for their next big hit, according to specialists from computer security company McAfee.
Experts at the firm’s Avert Labs research centre have named the 10 security threats they expect to be the most serious in 2008. And they revealed that the number of password-stealing Trojans, or malicious software, that targeted online games in 2007 grew faster than the number of Trojans that targeted banks.
“The threat to virtual economies is outpacing the growth of the threat to the real economy,” they reported. “As virtual objects continue to gain real value, more attackers will look to capitalise on this.”
Avert Labs’ security strategist Toralv Dirro said online gamers who spend thousands of hours on games were proving a goldmine for cyber thieves.
“In 2007 a prime example of a growing trend of revenue generation through the online gaming community was seen. The FuJacks worm created by hacker Li Jun was designed to steal online gaming credentials that were then sold for profit,” he said.
“There is value in gaming credentials for accounts that allow users to skip the hours required to get to elite status in the game.”
Last week American computer game developer Blizzard Entertainment announced that its hugely popular game, World of Warcraft, had crossed the 10 million subscriber-mark. The game, launched in late 2004 in North America, allows users to log on from anywhere in the world for a virtual adventure.
It has become the most popular game in its genre, referred to as Massively Multiplayer Online Role-Playing Game or MMORPG by the gaming industry. This type is a particular target for cyber criminals.
The US-based market research and consulting firm Park Associates says the online gaming market is expected to be worth $4.4 billion (Dh16bn) by 2010, while another report by DFC Intelligence forecasts the market will grow from $3.4bn in 2005 to more than $13bn in 2011.
Patrick Hayati, Regional Director for McAfee, says regular players need to be constantly on their guard. “Games such as EverQuest require about 70 people to be simultaneously online all the time,” he said. “In order to do that, sometimes a player gives out his account details to someone in his team whom he might not even know. And that could be dangerous.
“Sometimes these gamers turn off the anti-virus software on their computers to process the game faster, since the anti-virus occupies space. They are all playing in a virtual world, but they are still vulnerable to real world dangers.”
Real dangers, Hayati said, included theft of credit card details, identities and virtual in-game objects or points, which sometimes take months or even years to earn.
According to the Internet Crime Report published by the Federal Bureau of Investigation in the United States last year, there were more than 200,000 complaints, compared to just 10,000 in 2000. The total loss from all referred cases of fraud was estimated at $198.44 million. Although the problem is much smaller in the UAE there has been an increase in cyber crime cases in general, said officials.
But despite the ominous warning issued by computer security experts, online gamers in the UAE are unfazed.
“I think it’s a little overblown,” said Abbas Jafar Ali, Editor-in-Chief of gaming websites megamers.com and t-break.com. “Most times, I think, it is just a case of a hacker having fun. Often it is for reputation – for kicks. I don’t think anyone from the hacking community would steal details from gamers for the money.”
Gamer Taimoor Hafeez dismissed the warnings. “Most PC owners would understand the risk and take appropriate precautions. Of course, nothing can ever be foolproof, but websites and people who spend a lot of time online know what they are doing and take enough measures to protect themselves,” said the 22-year-old, who reviews games for various websites.
“As far as awareness goes, I think online gamers are more aware of the dangers than anybody else.”
The two gaming enthusiasts, however, agree that risks do exist and that increased participation in online games could potentially attract thieves to the virtual world.
“The risks are there,” added Jafar Ali. “But for now hacking into an online gamer’s account isn’t of that much a benefit monetarily. It just wouldn’t be profitable.
“There’s probably more money to be made if you hack into the gaming website’s accounts and get the entire subscription database. But that has not happened.”
Gamers risk losing credentials to hackers