If you encountered computers at an early age then you most likely indulged in computer gaming. Can you ever forget the excitement when you first played Prince of Persia, Wolfenstein 3-D and Doom? Other memorable ones include Counter-Strike and Grand Theft Auto.
Gaming has evolved from solo playing in one computer to interacting with multiple online players from far flung locations. This has spawned a lucrative business with revenues from online games being estimated to be in the billions of dollars. This has obviously attracted cyber criminals.
The rise in massively multi-player online role playing games (MMOGs) has made computer games attractive targets. Crooks are able to exploit the vulnerabilities in MMOGs to commit identity theft and intrusions.
MMOGs require permanent internet connections and this access is used to steal user data from both real and virtual environments.
In these games, players often change or purchase virtual commodities. These may be weapons, clothes, medicine, money or property. The items are bought using real money which is converted into virtual currencies. These virtual funds are attracting crooks. Profits derived from illicit activities are hidden in the game economies of virtual worlds in a new form of money laundering.
Due to the competitive cut-throat business of computer gaming, vendors have overlooked security in their mission to be first to market the next big game hit. The result has been increased vulnerability to data stealing Trojans. These Trojans have the aim of recording user IDs and passwords together with the IP addresses of the servers these MMOGs are hosted. Keyloggers are also introduced which record all keystrokes.
After compromising a player's online account, the online crooks are able to convert the virtual objects and currencies they steal into real money.
Other vulnerabilities that are easily exploited are scripting holes. These are typically found in web applications which allow code injection by malicious users into the web pages viewed by other users. An example would be where you play an online game from a website that has a link to another site that exploits a scripting vulnerability. Upon clicking the line malicious scripts execute in your browser and steal sensitive information like passwords and billing information.
Games that require permanent internet connections and use some form of virtual economies need to be used with caution.