Sergey Golovanov, senior malware analyst and non-Intel research group manager, Kaspersky Lab, gives us some tips on staying safe while gaming online.
Massively Multiplayer Online Role Playing Games (MMORPGs) involve the exploration of virtual worlds and quest completion to earn money or experiences, MMORPGs has become an everyday phenomenon with millions of people participating globally.
As a result, the gaming industry has become extremely lucrative and cyber criminals are engaging with gamers in various ways, either luring or direct intrusion – stealing passwords to gain access to accounts, exploiting game vulnerabilities and making use of malware. So what should gamers be aware of and how do these criminals operate?
Gamers pay real money to make use of gaming sites or to gain in-game valuables, and although these valuables are part of the ‘virtual world’ they have value in the real world. This makes it ever more enticing for hackers, who want these valuables, to resell them, or intercept any money transfers taking place.
Entering the game as a player themselves, cyber criminals can become friends with other gamers and then start offering them advice, or bonuses in exchange for other players’ passwords. Another well known method is that of phishing emails, where an email is supposedly sent from the server administrator asking users to authenticate their account via a website link in the message, allowing the cyber criminal to gain access to passwords and account information.
In addition to external exploitations, it is critical to understand that every game has programme vulnerabilities. Through this they are able to gain access to the server database to harvest players’ passwords or password hashes. What’s more, cyber criminals can then take advantage of in-game player chats, where access to the players’ database is gained either manually or by use of a dedicated utility.
Finally, a cyber criminal’s last resort is making use of good old fashioned malware. From publishing links to malicious programs via file sharing networks, spam in game or via emails and exploiting site vulnerabilities, using malware to steal passwords is so simple, malicious users make use of this method more often than any other techniques.
For gamers, the first line of defence is regularly updating all programmes installed on a computer to prevent penetration of malicious programmes, as well as ensuring they are using an internet security solution by a company that regularly updates malware databases.
If at any time users notice any abnormality in the game, quit and try to re-enter at a later stage. And remember that before even considering logging on to relax and play online, make sure that the PC being used is sufficiently protected, as the consequences can influence more than just the game, but the gamer’s personal life!