Like all Internet users, we have to defend against all the riff raff out there. There are also attacks aimed specifically at Gamers.

Here is alook at some recent incidents involving malware targetted at gamers. Back in April, there was a fake Teamspeak patch loaded on the Teamspeak website. It looks like hackers compromised the Teamspeak web site. Then, they uploaded a fake patch with malware. Lastly, they sent an email to everyone with a forum account on the Teamspeak web site to download the fake patch.

More info: http://isc.sans.org/diary.html?storyid=2634

There have been a couple of attacks aimed specifically at WoW users.

“The reason for this, according to the BBC, is that player accounts with WoW are seen as a valuable target for cybercriminals, “

More info: http://www.viruslist.com/en/news?id=208274064

“Online games have long been targeted by malware, mainly due to the thriving virtual economy underlying them.”

More info: http://blog.trendmicro.com/world-of-warcraft-fan-site-compromised/

Another interesting case is a recent vulnerability in the Quicktime player. If a users views a specially crafted movie, their machine can be compromised. This vulnerability was leveraged for an attack on the Second Life game. In the game if you get close to another user's property, they can have it set to play a quicktime video. If they upload a specially crafted video, any users that gets close to their property gets compromised.

To avoid getting compromised, be sure and do all the standard recommendations. Use a firewall, keep OS up to date, run antivirus with updated signatures. You also need to keep other applications updated such as media players and document viewers.

Most importantly, keep your antenna up and be suspicious. If something looks fishy, proceed with caution. Try to verify patches etc with a second source. Keep in mind that “trusted” sites could be compromised and be hosting malware.

For TAW members, you can review the material for the Security Awareness badge and pass the test to earn the badge.