Online game hacking and social media malware among top security threats in first half of 2011

“Threats to mobile and online security are constantly becoming more sophisticated,” explains HongSun Kim, CEO of AhnLab, an industry-leading provider of security solutions based in South Korea. “Therefore, it is essential to remain alert and aware of growing online trends and threats….”

AhnLab has identified 10 of the most prevalent online security threats leveled at individuals and organizations during the first six months of 2011. They include smarter online game hacking, using social media as a means of spreading malware and an increase in mobile malware, among others.

Online Game Hacking

The incidence of game hacking has risen sharply during the first half of 2011. Game hacking attempts were one of the top security threats last year, and it would seem the hackers have gotten smarter this year because the attacks have become more acute and effective. As of June 2011, the number of game hacking tools had increased by 300 percent, to 4,050 from 1,068 from the same period in 2010.  Of those hacking tools, AhnLab reports that 2,575 were memory modification tools, which are becoming more popular that traditional code modification or auto-play cheating. In fact, only 1.274 auto-play tools were identified during the first half of 2011.

Hacking tools provide some players with unfair advantages during gameplay by modifying user data in the memory, game file and server. Auto play cheats use a specific action function as opposed to mouse and keyboard codes. Hacking tools, both memory modification and auto-play varieties, are easy to use and have become increasingly commonplace. They have also become a serious threat. Hackers generally target games to profit from the trade of game items or game money. The first six months of 2011 witnessed high-profile hacks against Nintendo, Sega and most painfully Sony where hackers were responsible for bringing down the popular Sony PlayStation Network. It seems at least some hackers are no longer content with virtual money and are seeking to steal the real thing from gamers.

Malware Spread by Social Media

If 2011 is the year of social networking, and many news organizations say it is, no one should be surprised to find that using social network services as a path for malware was a top security threat in the first six months of the year. Social media, be it Twitter or Facebook or google+ or some other network are useful and popular means of connecting with and relaying messages to broad networks or friends, family and associates.

Unfortunately, hackers have discovered social networks are also a means of effectively distributing malware. During the first half of 2011, attackers have used Twitter and Facebook to spread malware, usually by using shortened URLs connected with popular issues and trending topics from the Japanese tsunami to the assassination of Osama bin Laden to the attacks in Norway, according to AhnLab. These shortened URLs are distributed via public status updates, direct messages between individuals and even chat services associated with some networks.

Mobile Malware

Malware is also striking mobile devices. AhnLab highlights not just an increase in the amount of mobile malware but also a growing sophistication in how it is being distributed. A premium rate calling Android malware was identified during the first half of 2011. The popularity of Apple’s iPhone is also putting more Mac OS users at risk, in part because Macs have generally been considered relatively safer than the more widely used Windows devices. The curated nature of the Apple iTunes and App Stores also discourage some, but by no means all mobile malware attacks on i-devices.

Mobile malware is proving challenging to identify because it is repacked with other apps from third parties that users download and sometimes even pay for. While the application may appear to be working properly, if malware is installed with it, the malware program performs the tasks given by the attackers. AhnLab recommends only opening links and downloading mobile apps from trusted sources as a means to stemming the flow of mobile malware.

Other security threats identified by AhnLab during the first six months of 2011 are: malicious codes hacking corporations, a growing menace to online banking, fake antiviruses that are increasingly difficult to identify, the growing number of malicious codes patching Windows, malicious codes contained in spam emails and malicious codes spread through Web application vulnerability.

How vulnerable any given individual is to any given threat depends on their online behavior. If there is a silver lining for Twitter role-players, it is that they more than many online gamers strive to keep their RP characters separate from the “real person”. This may be a moot point when it comes to malware which affects a given computer or device as opposed to a specific persona but it does put another layer between the individual’s personal information and the hacker.  Unfortunately, that is probably not enough to keep us safe.