Current Event: Spike in Online Game hacking

According to an article on Gamasutra online game hacking spiked in 2008.  It was noted that it usually wasn’t the games themselves being directly attacked, rather attackers would use social engineering or other techniques to install malware, such as keyloggers, that would steal the user’s account information.  Once the attacker can log into the the victim’s account, they can then use their position of trust to send malicious links to friends of the victim, furthering their malicious goals.  The attacker could also steal the victim’s virtual assets and sell them for real money.  For example, in Blizzard’s World of Warcraft, despite it being against the EULA, there is a large real world market for in game gold and items.  Because it is generally not the games themselves being attacked, it is hard for game developers to prevent this.  However, Blizzard is setting a good example by allowing users to purchase RSA key generators as an extra line of defense (though you would think that with all the money they are sucking from their players they would be able to include this at no extra cost).  These authenticators generate unique keys at the press of a button, a new one of which is required at each logon.  With this extra layer of defense, even if the attacker logs the victim’s password and authenticator key, the next time they log on the authenticator key will be different, preventing the attacker from successfully logging on.  More details on the Blizzard Authenticator can be found at Blizzard’s site here.