Passwords Matter—The Hidden Risks “Minor” Info Stealers Pose

Last week, we had two major mass compromises. The first one hit more than 100,000 websites, including major news sites like the Wall Street Journal and the Jerusalem Post. The second campaign was much smaller, hitting only around 1,000 pages, and also lacked similarly high-profile victims although the casino firm Ameristar was on the victim list.
The first attack directed users to http://www.{BLOCKED}nt.us/u.js. Once users go to this URL, they inadvertently download a Trojan detected by Trend Micro as TROJ_DLOAD.VAC. This downloads a malicious file detected as TSPY_GAMETHI.QJB. A very similar payload was used by the second wave.
Target: Online Gamers
What is worth noting here is that TSPY_GAMETHI.QJB stole information related to online gaming sites such as Aion Online, Dungeon Fighter, and World of Warcraft. It is tempting to think that the potential fallout from these are minor but it is not. As pointed out in a late-2008 white paper, the “virtual worlds” in online games pose real security risks.
It is also quite likely that the stolen information are not just related to online games. Last week, an interesting paper was presented at the Workshop on the Economics of Information Security. Written by two University of Cambridge researchers, the paper analyzed how 150 various websites use passwords. The researchers found that many sites used passwords less (continue reading...)