Severe Keylogger Storm Warning

[mang]

Severe Keylogger Storm Warning in effect until further notice.

Posted verbatim from the AoC forums, which was posted verbatim from the WoW forums. (Haha, full circle)

Subject: Warning: Keylogger storm imminent!

Just in case the CMs aren't up with the latest hot infosec news, the Chinese exploit pack "MPack" just obtained a brand new, "0day" — unfixed — vulnerability in Adobe Flash.

This is, right now at this very moment, being seeded to various domains (which obviously I won't link here — most of them are .cn domains, but not all of them) in preparation for attacks on various online games, including World of Warcraft.

That's right people — we're about to see another storm of keyloggers posted to the forums and possibly included in advertisements on third-party sites by goldsellers to steal your account so they can grab the loot, use your account to spam the heck out of us all, and then sell your gold back to hapless players.

Because this is really a "0day" vulnerability, no patch is available, and since virtually everyone on every platform runs the Flash plugin, you are (very, very likely) vulnerable.

Please be careful where you click, as merely visiting an infected site may at least try to infect your machine, and the password stealers are brand new, so many of the more mainstream antivirus utilities will not detect them yet. They may even try to sneak the exploits into ads served by legitimate sites; they've done it before, so webmasters, pay attention.

Coverage from the Internet Storm Center, as it happens:

SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc

SecurityFocus' reference for it:
Retired: Adobe Flash Player SWF File Remote Code Execution Vulnerability

ZDnet's initial blog on the issue:
Adobe Flash zero-day exploit in the wild | Zero Day | ZDNet.com

A much more detailed blog post with many more technical details, including a list of some of the known domains involved in the attack:
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge: Malware Attack Exploiting Flash Zero Day Vulnerability

Why you shouldn't buy gold (in short, because it funds organised crime like this):
World of Warcraft Europe -> Info -> Gold Selling: Effects and Consequences

More information about the nature of Keyloggers.
Souce: Keylogger can record Virtual Keyboard, including of the XP.
Autohotkey is a well known 3rd party application used for simulating keystrokes, macros and commands. It is designed to work along with AutoIt, which is used for automating Windows rollouts and certain Windows GUI elements. WoW users use this program to aid in Multiboxing, which is just one of the many uses. There's an ongoing 'research' on how to break Keyloggers using AutoHotkey, which provides some detailed information into the nature of keyloggers and how they function, as well as what is 'safe' and what isn't. Breaking myths such as virtual keyboard and clipboard backdoors.

[Hellson]

=O. Thanks for the info!

[Grinflict]

Thanks for the heads up.

[NarcoticsShC]

Thanks for the warning!

[Spritemaster300]

thanks for letting us know

[mang]

No problem, I spread things like this because I have personally been keylogged before and its a very not fun process.

Very good addon to prevent flash from loading without permission is no script for firefox..

noscript.net is where you can find it.

[Grinflict]

Blizzard just posted this on the alert message and high recommend players to upgrade their adobe flash to the latest version to prevent that keylog thing.

[mang]

Still not fixed!

[anthill]

so they found ANOTHER way to steal our stuff GREAT!

[Patchumz]

This information is 100% useless to the smart people in Apple's circle.. (Buy a Mac.. then you don't even have to read about any of that stuff)

[Emuchild]

Thats what YOU think...

[cosmicrain]

Thanks for a heads up.

[azzkikr]

ty for the lootout

[mang]

This information is 100% useless to the smart people in Apple's circle.. (Buy a Mac.. then you don't even have to read about any of that stuff)

Absolutely wrong.. Mac still uses flash in everything.

Every platform uses Adobe Flash player.

No one is immune, it affects everyone.

Use firefox(Firefox web browser | Faster, more secure, & customizable) with NoScript (NoScript - JavaScript/Java/Flash blocker for a safer Firefox experience! - what is it? - InformAction) then you choose what loads and what don't.