CNet has an article up documenting a not-too-well known problem with World of Warcraft these days. Chinese and Russian hackers have been stealing World of Warcraft accounts by the tens of thousands and selling off all of the items in them. The problem is continuing to this day and shows no sign of slowing down.

How do they do it? Keyloggers. World of Warcraft gamers visit sites related or unrelated to the game, and those sites silently push a keylogger virus/malware program onto their PC, which sits and waits patiently, logging keystrokes, and listening in when the user types their World of Warcraft login and password. It transmits the information off to the gangs, who then log in another time and strip the account of everything of value.

CNet says that the best advice being offered by Blizzard since the attacks are indeed on user PC’s and not the Blizzard systems themselves is to keep your antivirus and anti-malware solution and its underlying OS fully patched and up to date.

Personally I think that while you need to have anti-virus and anti-malware software fully patched and up to date, it is not going to be good enough. You need to use web browsing and email software without the big holes in it to install this stuff, using Firefox and its NoScript extension to control how JavaScript runs instead of using Internet Explorer would be a good start for browsing, and running Thunderbird instead of Outlook for your email should close up a number of vulnerabilities. Add in using OpenOffice instead of Microsoft Office and you’re likely to be safer from any macro viruses embedded in MSWord documents that the gangs could be sending around as how-to’s for certain parts of the game. All of these things can improve your safety online, not just with World of Warcraft, because key loggers don’t just listen in on game logins, they listen in on every kind of login on your PC.

Via CNet.