"Winnti" Attacks On Online Gaming Servers Dissected 24
Nerval's Lobster writes "Kaspersky Lab has completed a detailed analysis of "Winnti," a group of Asian hackers who target servers hosted by gaming companies, copying their source code and surreptitiously stealing money or virtual goods over time. In findings published April 10, the security firm said it had completed the latest phase of its eighteen-month investigation. A more detailed account of an actual attacks was published separately (PDF). Winnti has attacked two gaming companies in North America, two in Germany, two in Russia, and fourteen in South Korea. Although the Winnti group has been around for years, it first came to light in 2011, when Trojans began appearing on the PCs of users playing MMORPGs, online computer games which usually require a monthly subscription. Those Trojans, which included RAT (Remote Administration Tool) functionality, had been "signed" with the digital certificate of KOG, a South Korean gaming company. In the course of its investigation, Kaspersky discovered that the gaming companies (which often share resources, partner, and subcontract out work to one another) had provided an opportunity for the Winnti team to secure access to otherwise legitimate digital certificates, which could be used to sign malware. Malware signed by Japanese gaming company YNK Japan was used to attack the servers of social networks Cyworld and Nate in South Korea in 2011."
Re:Stealing on-line gold? (Score:4, Informative)
Watch some of the videos about EVE online's economy. The game designer even has an in house economist to keep track of it all.
The key is to add money sinks as well as money sources. For instance, money used to buy something from an NPC is gone. So, you can adjust the inflation within the game by both tweaking drops/rewards, and item prices.
Of course, most games just have an auction house, while EVE is an entire player based economy.