Playing dirty: evolving security threats in the gaming world
Amir Fouda, Hannah Mariner CA
download slides (PDF)
Game-targeting malicious software has been the quiet achiever in the malware landscape over the past year. In fact,
over the last several years, with the worldwide explosion in popularity and profitability of online games, malware
writers and hackers have turned their attention towards the growing pool of new target users. Note the increasing
numbers of specialized malware that attempt to steal the online gamer's login credentials and in-game assets. Think of
the social engineering tactics malware writers use to entice the unsuspecting gamer into running their malicious
software.
This paper focuses on drawing attention to the rise of game-targeting malware designed to trick, steal and
profit from the vulnerable gamer. What makes the gamer a tempting prospect for malware writers? What functionality
does game-targeting malware exhibit? What social engineering strategies are employed in luring vulnerable users?
What role does the games industry have in protecting and informing its users, and where does the security industry
fit into this scheme?
Our research will track the evolution of game-targeting malware by deconstructing real-life examples. This
will be presented in terms of the malware's technical capabilities, its evolving functional complexity, and
indications of possible directions in the near future. We will also provide an insight into how gaming consoles
are vulnerable to such attacks, as well as examining possible preventative measures for users in the gaming
community.
VB2010 will take place 29 September-1 October 2009 at the Westin Bayshore, Vancouver, BC, Canada.
Early bird discount available until 15th June 2010.