trojans
Latest
Account security is your responsibility, not Blizzard's
PlayNoEvil recently published an article explaining why they think it is that hackers target gamers by stealing their passwords and other account information. While there is some truth in the premises offered, articles like this one only serve to fuel conspiracy rumors and encourage players to think of themselves as victims rather than take responsibility for their own account security. Gaming companies do place some of the blame for a compromised account on the account holder, and for good reason. The hacker certainly didn't gain access to your computer because of their actions, and their computers that store your information are as yet untouchable.The browsers you use, sites you visit, firewall settings, anti-virus software and update practices are just a few of the ways that you contribute to your own hacking experience. Sharing your account information with your lover, best friend and mother may sound safe, but you don't control the security of their computers, or their friends' computers. The majority of people I know who have been hacked signed into their accounts on their sibling's computer or a publically shared machine. In fact, NASA ended up with a keylogger targeted at gamers on the International Space Station. It traveled aboard on the laptop of one of the astronauts. You just can't trust any computer that isn't your own.It may be hard to hear, but a hacked account is because of something you did, whether it was an unfortunate stroke of luck, such as stumbling onto a redirect on a legitimate website in the small window before the site addresses it, or a serious oversight in security on your part.
BitTorrent copies of iWork '09 may contain nasty Trojan
Intego has released a security alert for a Trojan horse circulating in copies of iWork '09 downloaded from BitTorrent trackers and direct download (read: not official, but warez-esque) sites. The Trojan, known as OSX.Trojan.iServices.A is actually pretty clever: it exists as a package within the actual iWork '09 installer (meaning you can't see it unless you view every package in the installer bundle). Then when the installation begins and asks for your administrator password (which is what a non-infected version of iWork '09 would do), the Trojan package will install itself as a startup item in the /System/Library/StartupItems folder, where it has root permissions.Once this service is on your system (and it is called something that sounds innocuous: iWorkSerices), it will connect to a remote server online, making your computer a target for other malicious downloads and remote operations.It is important to note that the iWork '09 files on these downloads are not affected in any way, they are merely a catalyst to get this Trojan on your system.Intego has updated their virus definitions for its VirusBarrier programs. We recommend not downloading software from untrustworthy or unofficial sources. And you know, paying for a legitimate iWork license.
Antivirus company claims viruses are out to get you
McAfee Avert Labs, a monitoring and research division of McAfee Inc., claims that malware attacks are on the rise, and the targets are often gamers. According to McAfee, there was a 245% growth in the amount of malware being developed from 2006 to 2007, with roughly 300% more developed from 2007 to 2008. So far this year, development already exceeds 2006 and 2007 combined. Earlier this year, McAfee released a list of some of the most dangerous web domains. Even major, reputable websites are not immune, although the problems are usually addressed almost instantly. Commonly targeted websites include social networking sites like Facebook, as well as gaming sites.The developers harvest the information, and sell it to others who then exploit it, possibly to steal your account information. With so little time until Wrath of the Lich King, I'd like to remind everyone that buying gold or power-leveling services is not only not permitted, it is likely to get you burned. For more information on protecting your computer from keyloggers and other malware, check out the following guides:
Blizzard Authenticator to be introduced at the Worldwide Invitational
The problem with keyloggers and other methods of account theft has been well documented here at WoW Insider, and it seems like a constant problem. Even the most conscientious of players has fallen prey to it. However, at the Worldwide Invitational, Blizzard is introducing a little piece of hardware that could make those problems vanish. Say hello to the Blizzard Authenticator. The Authenticator is a small piece of hardware that you can associate with your World of Warcraft account. Once the Authenticator is associated with the account, you will need it to log on. Every time you log on, you press a button on the Authenticator to generate a six-digit code that you must input to log on. Since only you know the code, and it's generated apart from your computer at the time you're ready to log on, it will be safe from trojans, keyloggers, and other hacks. The Authenticator will be available at the WWI to start, then eventually at the Blizzard Store. The starting price being quoted by Blizzard is $6.50 -- a small price to pay for safety from a ransacked bank and naked server transferred characters, for many. Is this the big announcement though? It's possible, of course, but we like to think there's more in store at the WWI. Stay tuned here, and we'll let you know.
WoW Ace Updater ad banners may contain trojans, claim some users
While the Incgamers malware problem is fixed, it looks like there's another malware flare up in the world of addons. The WoW Ace Updater, according to many users, may be passing off a trojan from an ad in the guise of an antivirus program. The program, called Winfixer, pops up in a window and (in some cases automatically) installs malware while claiming your computer is compromised and that you need to buy the full retail version to fix it. It can be detected and removed by Spybot Search and Destroy and Vundofix, and Symantec includes instructions on how to manually remove it here. Wowace.com site owner Kaelten has disabled the ads on WoW Ace Updater completely for now, and is talking to his Ad provider to find out what went wrong and which ads might be causing problems. This isn't the first time a popular WoW site has had trouble with trojans in ads, and unfortunately, it is unlikely to be the last. Kaelten seems to be on top of it, though, so hopefully he'll get to the bottom of these claims. Since the ads are currently disabled, the program itself should already be safe to use. If you're feeling a bit skittish, though, you can check out some of Sean's recommendations for other upgrade programs here. I should note that, being a religious user of WoW Ace Updater myself (I run it at least a good 5 times a week), I just made sure to scan my computer with the aforementioned Spybot Search and Destroy as well as AVG Free Edition. According to those programs, It has a clean bill of health.
Incgamers.com malware mixup fixed
Yesterday, I reported to you that Google (via Stopbadware.org) had marked wowui.incgamers.com (which redirects to wowui.worldofwar.net) as a bad site. Today, the site is reported as clean according to the same report (you can check it out here). Rushter of Incgamers.com explained to us on the comments of the previous article that the problem was with a seperate attack on a different hosted site (which was quickly dealt with, and unrelated to worldofwar.net, says Rushster), but Google marked the whole site as bad. The worldofwar.net UI database was unaffected, he says, and after some back and forth, Google has now dropped the warning. Of course, it's still always a good idea to check your computer for viruses, trojans, and keyloggers regularly, and realize that no website is completely safe (though having a good defense always helps). That said, at the moment it looks like wowui.incgamers.com, also known as wowui.worldofwar.net, is a safe spot to grab your addons from.
Wowui.incgamers.com invaded by malware?
Here at WoW Insider, we've noticed an unusual and disturbing glut of people having trouble with being keylogged or otherwise hacked soon after installing new addons lately (which wouldn't be a surprise -- lots of people were grabbing addons after patch 2.4, so that makes them a likely route for attackers). While it's too early to make any definite connections, It seems like there's one new lead that's just popped up: popular addon site wowui.incgamers.com (not linked for obvious reasons) is apparently passing off bad files, according to reports from Stopbadware.org and other anonymous sources. If you've been using the site for your addons, especially in the past week or so, it might be a good idea to exercise some caution and run your favorite anti-virus or anti-malware program. The site has already been in trouble recently with reports that their UICentral addon updater (now discontinued) was using copyrighted code, and now it looks like there's more trouble abrewing for them. Update: Wowui.incgamers not infested with malware. Full story here.
BBC: Teach our kids about safe Mac computing
It's the end of innocence, according to the BBC, the time when you'll have to sit down your children and tell them about the birds, the bees, and the recent Mac Trojan (no, not that kind of Trojan) security compromises. There's little new or ground breaking in the BBC article but their adherence to the Safe-Sex/Safe-Computing paradigm is pretty hilarious. We all knew that as the Mac became more popular as a platform that it would start to be attacked more regularly and last week's exploits confirms this new reality. On the one hand, a wider installation base means better software and easier repairs. On the other hand, Mac OS X security becomes a bigger and bigger target. Thanks to Steve Barnett
Episode 3 of the WoW Insider show now available
Episode 3 of the WoW Insider Show is now available to listen over at WoW Radio and also as a podcast on iTunes (wow, those iTunes reviews are harsh, aren't they? Send us your suggestions on how to make the show better at theshow@wow.com). I was on board this time around, as was our own Amanda Rivera, and WoW Radio's ever popular Turpster and Alris from the World of Theorycraft.We chatted about all of our popular posts from last week, including whether rogues stealthing around constitutes an exploit, Matthew's post about trojans, and what exactly Blizzard's Hydra is. We hit on lots more, too, and I made everyone give their prediction for the patch 2.2 release-- "this week," "next week," or "later." I believe "this week" won among the four of us (it's what I said), but considering what the CMs are saying lately, I have to admit I'm second guessing myself-- we may not see the patch tomorrow morning after all.And don't forget that we do this live every Saturday at 3:30pm EST over at WoW Radio. Tune in next week for yet another episode of WoW Insider in audio form-- we call it the WoW Insider Show.
Symantec: No file infecting viruses for OS X
Every time I write about Mac security the comments fill up with people telling me that I am an idiot (actually, come to think of it, that happens with most of my posts). Therefore, I thought some of you would enjoy this post from Symantec that which states categorically that there are no known file infecting viruses for OS X. Hurrah! Macs rulez!! W00t!Hold your horses, spanky. Todd Woodward, the author of the post, rightly points out that while there are no viruses for OS X there are worms, rootkits, and vulnerabilities in the OS itself. So, it is like I always say, Mac users might not have to worry about viruses now but that doesn't mean that OS X is somehow magically immune to viruses.
