WoW gamers targeted with trojanized Curse client
Posted on 06.01.2014
The DDoS attacks that temporarily took down Blizzard's and Valve's Steam online gaming services over the end of the year holidays have undoubtedly annoyed players, but posed no danger to them - unlike the recently discovered Trojan disguised as a Curse client.

Curse is a popular gaming and community resource for a number of MMORPG games, and also hosts a World of Warcraft add-on site.

Unfortunately, cyber crooks have managed to create a convincing fake version of the site on which they offered for download the trojanized version of the Curse client, and to make it pop up high up in searches for "curse client" on major search engines.

The Trojan in question has been dubbed Disker, and it is able to steal login information in real time, so it steals both the account login information and the security code that the user receives via the authenticator device, and may result in users' account being compromised. The Trojan targets only Windows users.

If you think that you might have been infected, deleting the fake Curse client and scanning your computer with an up-to-date AV solution is a good idea.

If you don't find anything suspicious, you can also do a manual check for the Trojan, as explained in this post by a moderator on one of WoW's online forums.

If your account has been compromised, report it to Blizzard. But there are also several things you can try before taking that last step.


MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection

The device can wirelessly spoof credit cards/magstripes, disable chip-and-PIN protection, and predict the credit card number and expiration date of Amex cards after they have reported stolen or lost.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th