Chun Feng Microsoft
download slides (PDF)
With the increasing prevalence of online games password stealers (hereinafter referred to as 'PWS'), game vendors and third-party security vendors are using new security mechanisms to provide better protection for online game users. However, without a doubt, there is an escalating fight between the anti-malware vendors/online game vendors and the operators of the black markets for PWS. Recent PWS have become more and more complicated and have been designed deliberately to attempt to break these protections.
This paper examines some popular protection technologies used by online games these days, such as password matrix cards, memory-based protection, and account/host binding, etc. In light of these technologies, it analyses some of the most recent PWS from the wild and unveils the novel tricks used to defeat these protections (such as DLL hijacking, for example).
Absolutely, it is more than just the responsibility of anti-malware vendors to protect the security and integrity of online games. This paper illustrates how the design/implementation of online game software, and the game users' behaviours impact on security. It also presents advice for game developers on designing with these kinds of threats in mind and advice for game users on how to improve the safety of their online game experience.