World of Warcraft strikes back against game-related cybercrime

Filed Under: Data loss, Malware, Phishing

Blizzard token authentication

Blizzard, the company behind the popular online role-playing game "World of Warcraft", has announced that it is producing a hardware token device to help protect its gamers against cybercriminals.

In a trick nabbed from an increasing number of online banks, Blizzard is fighting back against hackers who have feasted upon game players on poorly protected PCs in the past by introducing a small hardware device that produces a one-time six-digit number that can be entered at login alongside the user's regular username and password.

Even if keyboard logging spyware has infected the PC and can grab the username and password it won't find the random number very useful as it expires within a couple of minutes.

What has become clear in recent years is that hackers are actively trying to steal from players of online MMORPGs, whether it be "cyber-money", spells or armoury that they are after. These virtual assets are sometimes sold for real money via the internet. By stealing usernames and passwords, hackers can break into these games and steal other player's virtual identities and belongings.

It should be pointed out that devices like this aren't a complete answer to the problem of cybercriminals stealing your cloak of invisibility or sword of Thorin, but they certainly make life more complicated for the cybercriminals, and could help kill off the market for databases of stolen user ids.

Blizzard's online store says that the devices are only currently available in the USA, and are being marketed for $6.50.  At the time of writing they appear to be sold out - hopefully that means plenty of WoW players have recognised the value of a device like this and are taking Blizzard up on the offer. 

By the way, if you have a problem controlling employees in your company playing games like World of Warcraft in the office, we have a solution for you.

,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.