Frackin script kiddies!!
Dan Ritter
dsr-mzpnVDyJpH4k7aNtvndDlA at public.gmane.org
Sat Aug 7 08:42:26 EDT 2010
On Fri, Aug 06, 2010 at 02:27:53PM -0400, Richard Pieri wrote:
> On Aug 6, 2010, at 12:46 PM, Derek Martin wrote:
> >
> > It's still not a MITM, because even if you consider the game client
> > the end point, then it's the endpoint itself that's been compromised.
> > What you have is a trojan, plain and simple.
>
> This is true for key logger attacks. This new type of exploit inserts itself into the host system as a network proxy. It listens to connection requests from the client and passes them either to the real Blizzard servers or fakes -- I'm not precisely sure which it does, or if it does both depending on some hidden switch somewhere.
>
> To address Bill's point about frequency: it's that the black hats are using more and more sophisticated attacks. Today it is Warcraft accounts -- which, silly as it may sound on the face of it, are worth a lot of real-world money. Tomorrow it will be something more immediate, perhaps Citi or Bank of America.
>
Also, we should note that the original post from David indicated
that he was accessing his systems remotely. There's a non-zero
chance that potentially hostile invisible proxies are lurking on
any given open WiFi, hotel network, or net cafe.
-dsr-
More information about the Discuss
mailing list