Thursday, July 5, 2012

New W32.Gammima.AG Variant Goes After Diablo 3 Accounts

Diablo 3Are you a Diablo 3 player?

Make sure you keep your operating system up-to-date and the virus definitions for your antivirus software of choice current.

Symantec researchers have identified a new W32.Gammima.AG variant that intercepts Diablo III communications to help thieves gather the login credentials they need to hijack player accounts.

Of course, the reason for this new & improved version of the malware is most likely due to the Real Money Auction House, which allows D3 players to use real money to purchase game items and gold.

W32.Gammima.AG’s focus isn’t limited to just Diablo 3, either. Gamers that play Arad, Lineage, Maple Story, The Kingdom of the Winds and World of Warcraft are also said to be targeted as well.

Researchers didn't disclose how they encountered the malware, but Gammima is known to spread through local drives and copy itself to removable storage devices. It's always wise to watch what you download and take the necessary precautions to protect yourself against drive-by-downloads.

Protect Your Diablo 3 Account

To protect their gaming accounts from cybercriminals, Symantec recommends that users:

  • Keep their computer operating system fully patched and up-to-date.

  • Run antivirus software and keep the virus definitions current.

  • Use the account protection features offered by Blizzard Entertainment, which include Authenticators (mobile app or physical key-chain) and option to receive SMS alerts of account changes. Blizzard requires the use of an authenticator to add/remove money to your account balance anyway.

I personally have been using the Authenticator mobile app since I first started playing, despite not having any intention to use the Real Money Auction House and it’s not that much of a pain to enter the code during login. Better to be safe than sorry!

[via Symantec]

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment