Chinese Hackers Hijack Online Role-Playing Games
Video games are popular entertainment, but they also generate a lot of money for developers. Where there's money, hackers are sure to follow.
That's just what Chinese hacking group Winnti has done. By attacking companies that produce online games for the Southeast Asian market, Winnti has managed to drain legitimate companies' coffers while filling its own.
According to a report from Kaspersky Lab, Winnti has compromised security at a minimum of 11 companies — mostly located in China, Japan and South Korea — since 2011. These companies generally produce massively multiplayer online role-playing games (MMORPGs) for the Southeast Asian market (think "World of Warcraft" but with a smaller budget and a more Eastern aesthetic).
Winnti received its name due to its attack of choice: the "Winnti" Trojan that infects a system, steals its information and routes it back through a number of phony Web addresses. These rerouting sites’ origins range from Japan to Russia to the United States.
Once Winnti has compromised a game's assets, producing massive amounts of money is relatively simple. In these games, players accumulate virtual currency (like gold) in order to buy in-game items and services. Some of these games allow users to exchange virtual currency for real money or items. Even if no official exchange exists, users can often make real money by selling excess virtual currency online.
Even if the virtual currency does not translate into real money, Winnti could still succeed in kneecapping a game, according to the report. Fair distribution of currency is vital to keeping a game's economy balanced. If money becomes valueless, high-level items become trinkets, and the game loses its challenge. This will drive players away.
Kaspersky Lab goes on to explain that, once armed with the game's source code, Winnti could easily inject malicious software into the game. Simply playing the game would infect users with malware. In addition to providing another potential revenue stream for Winnti, this hurts the game developer by crushing its credibility and driving users away.
Unless you work at an Eastern game studio, your odds of running afoul of Winnti are low. However, the Winnti malware is fairly run-of-the-mill, and a good malware sweep will get rid of it.
Many Eastern games are available to play in the West, provided you don't mind the language barrier. So use caution while playing — if the server looks suspicious (is it almost empty? Does it have an unusual name?), Winnti might already have its hands in the developer's pockets. Don't let it get to yours.