Chinese malware stealing game usernames, passwords

November 22, 2006

More than half of all Chinese malware used last month was designed to steal usernames and passwords, according to new analysis.

The research also found that 45 percent of October's Chinese malware - written in a simplified version of Chinese - was intended to steal online gaming login details. Eight percent of the code aimed to give hackers the username and password information for the Chinese QQ instant messaging system.

According to Carole Theriault, senior security consultant at Sophos, this should act as a warning to computer users to regularly change passwords and use different passwords for separate sites.

"Given the ever-growing popularity of online gaming in China, this is a worrying trend - once hackers have stolen login details, they can effectively impersonate the victim in the online world," she said. "Millions of people play these games every day, but once inside the game, it's difficult to check their identity and these cyber criminals can wreak havoc, for example buying and selling items in online stores and running up huge debts without the victim even realizing."

Theriault added that while cybercriminals hacking into an instant messaging system may not appear to be a major concern, users should be worried.

"The danger is that the cybercriminals will have inadvertently gained access to bank accounts, or cracked the passwords to secure password protected information," she said.

prestitial ad