Electronic spying campaign targeting electronic gaming companies




Home | News | security and protection |
Electronic spying campaign targeting electronic gaming companies

Deployment experts Bkasprska team Lab today’s report contains detailed research, analyzing a continuous electronic eavesdropping campaign carried out by the organization known as Winnti specializes in cyber crime.

According to Kaspersky Lab’s report, launched group Winnti attacks on companies working in the field of electronic games and online since 2009 and still active so far. The group aims to steal electronic certificates signed by the licensed software providers in addition to the theft of intellectual property, including source code for projects for electronic games on the Internet.

The first incident, which drew attention to the activities of a group criminal Winnti, has occurred in the fall of 2011, when it was revealed a malicious Trojan horse program on a large number of computers around the world. The obvious common denominator between all infected computers lies in that they were used to playing a game known in the online auction. Shortly after the incident, evidence emerged to indicate that the malicious program that hit computers players were part of the regular update of the official server of the company-saving electronic games. The victims expressed from infected computer users and members of the complex players doubted that the game publisher Electronic installs a malicious program to spy on its customers. But it turned out later that the malicious program has been installed on the computers in the players coincidence that cybercriminals were targeting company already saving electronic game.

In response, the company made the publisher of the game and the owner of the server who posted the Trojans among its clients, a request to Kaspersky Lab for analysis of the malicious program. It was found that the Trojan horse was originally custom dynamic link library for Windows environment 64 – bit and used as a malicious program operator. And was a remote administration tool, gives attackers the ability to monitor the victim’s computer without the user’s knowledge. This is an important discovery because the Trojan horse program that is the first malicious program for version 64 – bit Microsoft Windows has a valid digital signature.

The Kaspersky Lab experts have begun analyzing campaign Winnti and found that more than 30 companies operating in this area has been hit by Winnti, knowing that the majority of these companies involved in the production of electronic video games located in Southeast Asia. However, companies operating in the field of electronic games on the Internet and located in Germany, the United States, Japan, China, Russia, Brazil, Peru and Belarus entered among the victims of a Winnti.

In addition to industrial espionage, Kaspersky Lab experts revealed about 3 plans to make money that could be used by organize Winnti for illegal gains:

Conducting fraud currency in force in the electronic games like the rune or gold used by the players to convert virtual money into real money.
Use the stolen source code of electronic gaming servers to look for gaps within games to strengthen and accelerate the process of forging currency game and assembled without raising suspicion.
Use the stolen source code of electronic gaming servers known to publish pirated Malghemadtha.

Currently still organization active Winnti, Kaspersky Lab continues to be achieved. And perseveres Kaspersky Lab expert group to work with complex IT security, electronic games production sector and authorities issued certificates to detect additional infected servers while helping to pull stolen digital certificates.

Games penetrate spy Kaspersky



In: Technology & Gadgets Asked By: [15446 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »