Feeds

Cybercrooks turn Eve Online into botnet battlefield

Fun-spoiling, DDoSing thieves farm virtual gold to sell for cold hard cash

SANS - Survey on application security programs

Crooks using online games to farm virtual currencies that they can sell for real money have turned internet spaceship game Eve Online into a battlefield for botnets.

Eve Online is home to various rival groups who generate in-game currency for gamers who want to join in without spending their time acquiring experience and resources by working their way up from the bottom. Rivals groups from eastern Europe are using botnets to DDoS opponents before taking over their territories. Regular gamers are often caught in the cross-fire of multi-pronged attacks that might occur in game, via DDoS attacks to forums, over VoIP communication systems and late night prank phone calls. Game servers have taken a hit in the process.

Gold farmers are known for using Trojans to gain control of compromised accounts. The Eve Online baddies have taken a different tack through attacks that swamp forums with junk traffic.

Chris Boyd, a senior threat researcher at GFI Software and gaming security experts, said that Eve Online's difficulties are a part of wider problems in virtual worlds.

"Gold farmers can cause the price of in-world items to rise, chat channels can be flooded by sale scams, endless bots and automated processes can cause significant server load," Boyd told El Reg. "That's before you get to the problems creating by phishing, hacking and scamming established and profitable accounts."

Boyd (AKA paperghost) agreed that the miscreants on Eve Online are taking it up to 11.

"The idea that there are effectively dead systems filled with nothing but spambots and hostile empires that are happy to do battle outside of their gaming realm by DDoS'ing websites and making prank phonecalls is a fascinating insight into the troubles plaguing virtual worlds, and real world currency having a marked impact on virtual trading makes this a few steps above dedicated DDoS botnets designed for nothing other than kicking console gamers out of Halo 3 sessions."

Various groups rumoured to be working out of Eastern Europe and Russia are said to be offering in-game currency for real money. "Investigations by the owners of the game have caused several leaders of these alliances to be banned in the past," explained Reg reader Patrick, who was the first to tell us of the hive of villainy within Eve Online.

More details on some of the DDoS attacks and other shenanigans on Eve Online can be found in blog posts on "Evenews" here, here and here. ®

SANS - Survey on application security programs

More from The Register

next story
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
Feast your PUNY eyes on highest resolution phone display EVER
Too much pixel dust for your strained eyeballs to handle
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
US mobile firms cave on kill switch, agree to install anti-theft code
Slow and kludgy rollout will protect corporate profits
Sony battery recall as VAIO goes out with a bang, not a whimper
The perils of having Panasonic as a partner
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.