…whatever the hacker community’s personal taste is in games and consoles, gamers are a tempting target…
…but I'm not convinced that LulzSec's admiration for Nintendo and Sega makes them suitable playmates. More about that in my latest article for SC Magazine's Cybercrime Corner:
The fact is, as Tom Brewster suggests, that whatever the hacker community's personal taste is in games and consoles, gamers are a tempting target. The class of phishing Trojan aimed specifically at game-players that ESET calls Win32/PSW.OnLineGames, which accounted for 1.58% of infections detected by its ThreatSense.Net® telemetry according to May's Global Threat Report (putting at number 3 in the top ten detections), has been one of the top-scoring detections every month for the past several years. As I'm quoted as saying in that same IT Pro article:
"Online and console gaming has long been a favourite target for phishing for credentials, and attacking the service providers is a natural progression as a supplement to that kind of attack”
Credentials and game assets are easily converted to cash, either virtual or the real thing. In fact, my colleague Cameron Camp just put up an excellent blog article about Bitcoins, a "self-generated hash-based peer-to-peer currency with no centralized regulating body…" and asks "will it replace traditional legal tender as the currency of choice for cyber-nastiness?"
Well, I'm not sure how seriously LulzSec takes Bitcoins, but it seems happy to take the currency.
David Harley CITP FBCS CISSP
ESET Senior Research Fellow