Curse is a popular gaming and community resource for a number of MMORPG games, and also hosts a World of Warcraft add-on site.
Unfortunately, cyber crooks have managed to create a convincing fake version of the site on which they offered for download the trojanized version of the Curse client, and to make it pop up high up in searches for "curse client" on major search engines.
The Trojan in question has been dubbed Disker, and it is able to steal login information in real time, so it steals both the account login information and the security code that the user receives via the authenticator device, and may result in users' account being compromised. The Trojan targets only Windows users.
If you think that you might have been infected, deleting the fake Curse client and scanning your computer with an up-to-date AV solution is a good idea.
If you don't find anything suspicious, you can also do a manual check for the Trojan, as explained in this post by a moderator on one of WoW's online forums.
If your account has been compromised, report it to Blizzard. But there are also several things you can try before taking that last step.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.