As the world of PC gaming continues to expand, so does the spread of malware designed to steal online game credentials from less-than-savvy PC users.
Many people wind up using the Internet only for access to email and Internet-enabled games. Such people often don't consider the risks involved with casually going online and as a result many systems go unprotected. Those systems are easy targets for proliferation of malware.
According to Microsoft, the company's Malicious Software Removal Tool (MSRT) has so far removed over 8 million copies of game-related malware from 8 different malware families.
The malware is typically designed to harvest login names and passwords for popular game sites. Stolen credentials are then often used to gain access to and sell the victims' game-related resources, such as accrued virtual currencies, weapons, tools, and other items commonly attached to a virtual actor or real world game player.
For example, a worm dubbed "Taterf" by Microsoft steals credentials for the hugely popular World of Warcraft (WoW) game site. As of August 2008 MSRT has removed 4,088,366 copies of Taterf from infected systems.
In January the makers of WoW, Blizzard Entertainment, said that its subscriber base had surpassed the 10 million mark. Such a large subscriber base makes for a very enticing target, particularly with a thriving black market related to online gaming. In some cases a complete player account can be sold for well over $1,000 and other items, such as virtual currency and equipment, can net hundreds of dollars.
But game makers aren't sitting by idly while their customers' accounts are pilfered by online pirates. In June Blizzard announced that it had created a two-factor authentication system to help defend against theft. For $6.50 users can purchase a small standalone authentication device that generates a six-digit security code that must be entered during the login process for account access.