Iron Edge
Iron Edge => General Discussion => Topic started by: Goza on December 21, 2006, 11:22:02 am
-
If you haven't heard yet, there seems to be a new wave of keyloggers placed on some WoW addon websites.
See todays news topic at http://www.worldofraids.com/v2/ for some good info.
The major infected sites seem to be WorldofWar.net and Curse-gaming.com.
One logger places itself as "NTLDR.exe" in your c:\ directory, so you might want to check for those file (exe, not dll).
Another one is \Windows\System32\algetgleyus.exe , that one also creates a registry entry under \HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run called systwyei (you can open the registry editor by running regedit.exe). This one however also seems to use several different filenames so it might be hard to detect.
-
i think if u are logging thru launcher u cant get hacked.
and ofc i hope ppl not giving they user/pw info on some sites (exept wow-europe to pay for acc)
-
You can be hacked. But the launcher looks for known keyloggers...
Depends how quickly they update the launcher I guess.
I haven't seen a launcher update recently, so I would think these new keyloggers are not caught by it yet!
-
I'd guess the launcher does download the keylogger signatures upon each launch from the Blizzard site, in order to keep up to date. At least something like that seems to be done when you start the Burning Crusade beta main game.
However, I wouldn't blindly trust it. It's far too easy to create thousands of keylogger derivates.
-
A good way to avoid ever being keylogged is if you have a piece of software like Blackice, and turn on application protection. That way, if a program tries to kick up that you haven't opened before or has been altered since you lasted used it when you open it, it halts it and gives you the option to kill it. :)
Alternatively, just keep a frequent eye on the task manager, if you like keeping your task list short.