Posts Categorized: Gaming threats


Cybercrime Trends 2013 – Year in Review

by

It’s that time of the year! The moment when we reflect back on the cybercrime tactics, techniques and procedures (TTPs) that shaped 2013, in order to constructively speculate on what’s to come for 2014 in terms of fraudulent and malicious campaigns, orchestrated by opportunistic cybercriminal adversaries across the globe. Throughout 2013, we continued to observe and profile TTPs, which were crucial for the success, profitability and growth of the cybercrime ecosystem internationally, such as, for instance, widespread proliferation of the campaigns, professionalism and the implementation of basic business/economic/marketing concepts, improved QA (Quality Assurance), vertical integration in an attempt to occupy […]

Continue Reading »

Webroot’s Threat Blog Most Popular Posts for 2012

by

It’s that time of the year! The moment when we look back, and reflect on Webroot’s Threat Blog most popular content for 2012. Which are this year’s most popular posts? What distinguished them from the rest of the analyses published on a daily basis, throughout the entire year? Let’s find out.

Continue Reading »

Fishing for Phishers is a Full-Time Job

by

By Ian Moyse, EMEA Channel Director We seem to take phishing attacks for granted these days, in much the same way that we’ve accepted spam as a natural, and inevitable, by-product of email. Some experts believe that one of the best solutions to thwart phishing attacks is end-user training, but I doubt training alone can be a viable solution. Can we really train every computer user to be sufficiently security literate, such that anyone can distinguish a phishing message from a genuine bank email? I doubt that it is possible, especially given how specific the details in spear phishing (phishing […]

Continue Reading »

10 Threats from 2010 We’d Prefer Remain History

by

With 2010 finally behind us, and an unknown number of cyberattacks likely to come in the new year, I thought I’d run down a brief list of the malicious campaigns criminals pulled off last year that I’d really dread to see anyone repeat. Now that they’re in the past, they should stay there. Operation Aurora: Google’s accusation (with Adobe, Juniper Networks, Rackspace, Yahoo! and Symantec) that China hacked its servers, allegedly stealing private emails stored on the company’s servers. The big surprise wasn’t that it was happening, but that companies were publicly talking about it. Abused ccTLDs: 2010 saw lots […]

Continue Reading »

Game Trojans’ Biggest Tricks in 2010

by

By Andrew Brandt and Curtis Fechner It’s appropriate that this year’s Blizzcon, the two-day celebration of all things World of Warcraft, takes place during National Cyber Security Awareness Month. No other game is as heavily targeted by thieves as WoW, so we thought this would be as good a time as any to run down some of the malware threats that face gamers. 2010 has been a big year for Trojans that steal game passwords or license keys. The people who create malware targeting online games show no signs of relenting, nor are they laying down on the job. Innovation […]

Continue Reading »

WoW Patch Brings Out the Malware Trolls

by

Last week, Activision/Blizzard released a long-anticipated patch for its immensely popular game, World of Warcraft. While I don’t play this game, a number of our Threat Researchers do, and they’ve been on the lookout for shenanigans. Curtis Fechner found a doozy. The update comprises a major overhaul of many core systems within the game, affecting the graphics engine, game rules, player abilities, and also the interface. Many players use downloadable, player-created add-ons to further customize the appearance of the user interface; Patches as comprehensive as this one mean that many of the old add-ons simply won’t work until the add-on’s […]

Continue Reading »

Five Reasons You Should Always “Stop. Think. Connect.”

by

Today’s the official kickoff for National Cyber Security Awareness Month, and the organizations supporting the event, including the National Cyber Security Alliance, the Anti-Phishing Working Group, and dozens of corporate citizens including Webroot, want you to protect your computer and your personal information. So they’ve come up with a three word campaign slogan they hope will become conventional wisdom for every Internet user: Stop. Think. Connect. Think of it as the 21st century equivalent of looking both ways before crossing the street. In my case, they’re preaching to the choir. For years, I’ve advocated that people treat everything they see […]

Continue Reading »

Starcraft 2 Launch Day Piracy Infects Eager Gamers

by

While some members of our Threat Research group are attending talks at the Black Hat Briefings, the rest of the team is back at our offices, hard at work watching for novel threats.  That’s good news for gamers, and bad news for malware distributors who might try to take advantage of a confluence of events where many elite members of the security community are temporarily turned away from monitors while they attend the conference. I received a warning about one potential threat facing gamers who might turn to piracy to get a copy of Blizzard’s new real-time-strategy game, Starcraft II. […]

Continue Reading »

WoW Expansion Beta Likely to Spawn Phishers, Scams

by

Blizzard’s announcement today that they will begin a closed beta-test for the latest expansion pack is likely to generate a lot of excitement among that particularly low breed of online criminals who steal the fruits of other people’s entertainment when they commandeer passwords for other players. While it’s hard to believe that most players of online games aren’t aware of the profusion of phishing sites attempting to steal logins, the problem clearly isn’t going away, so the warnings remain the same: Keep a close eye on your browser’s Address Bar, and make sure you’re really logging into Blizzard’s Web site, […]

Continue Reading »

Chinese Phishers Get On the Fake Codec Bandwagon

by

Malware distributors in China have started pushing the same kinds of fake codec scams on unsuspecting Chinese Web surfers that criminals elsewhere in the world have mastered. I’m not sure how I feel about this. On the one hand, I feel sorry for the Chinese victims, most of whom are probably blissfully unaware of the dangers they now face on the Web. On the other, perhaps this will finally serve as a wake up call to Chinese authorities that they need to do something about homegrown Sino-cybercrime. In the course of investigating some odd-looking URLs (including one which uses the […]

Continue Reading »