Malicious Multiplayer Mayhem: When Online Gaming Goes Wrong

Written by: Ryan Angelo Certeza

The world of online gaming has its own dangers, and we’re not just talking about the bad guys in the game. We’re talking about the tricksters, the scammers, the cybercriminals that do not wait around to target you in massively multiplayer online roleplaying games, or MMORPGs.

Recent trends show that cybercriminals use MMORPGs to carry out their malicious activities. They’re inside and out of the game, seeking to hoodwink other players out of their personal details, their cash and their hard-earned loot. This entry aims to enlighten users on the dangers of MMORPGs.

What are MMORPGs?

MMORPGs like World of Warcraft and Star Wars: The Old Republic differ drastically from other games with online multiplayer functions like Farmville or Team Fortress 2. MMORPGs focus on player-to-player interaction as an integral part of the game experience. Chat interfaces and other functions are built into the game specifically to facilitate communication and collaboration between players. Other tools that place the emphasis on player relations include “guilds” and in-game clubs that players can create and invite other players to join. MMORPGs also allow players to link their social networking sites to their gaming accounts.

What kind of threats can gamers encounter?

Most of the threats to online gaming involve malware. An example is a malicious file disguised as downloadable cheats or game hacks. However, we will focus on the certain threat actors that wreak in-game havoc. They are as follows:
  • Scammers: Malicious players who trick potential victims during a transaction. Players may be lured into the transaction by being offered lucrative bonuses or rare items for significantly low prices. Victims usually end up being tricked out of their money during the transaction.
  • Phishers: Malicious players who trick potential victims into giving them their account information. They do this by pretending to be a member of the online game’s administration staff. They often tempt the player with free items and may even threaten players with account deletion to convince them to cooperate. Recently, phishers sent private messages (PMs) disguised as promo notifications for World of Warcraft’s most recent expansion, Mists of Pandaria. The message links to a website that players must log into in order to redeem the free items offered in the promo. Instead, the malicious site sends out players’ login details to cybercriminals.
  • Griefers: These are malicious players who harass other gamers. Griefers do this through actions and dialogue that could be considered as inappropriate or disruptive behavior. Griefing may not be considered harmless as it does not necessarily affect the victim or his/her account. However, such behavior can affect other players' enjoyment of the game. It could also expose other gamers to inappropriate language or material. Cyber bullying can also be considered an act of griefing.

How are threats on MMORPGs different from the others?

MMORPG threats are different from the usual online gaming threats because they involve players inside a game with interaction and communication as its main focus. This guise has the potential to make them indistinguishable from legitimate players, or those whose actions have no malicious intent.

How do these cybercriminals victimize gamers?

All of the cybercriminals mentioned have to establish a line of communication with the victim first in order to start their malicious schemes. Cybercriminals may approach the potential victim through in-game instant messaging or interact with them directly.

How do these cybercriminals affect the online gamer?

Here are some ways that gamers are affected:
  • Item/In-game cash theft. Scammers may unjustly deprive a player of their in-game resources if the player falls for their tricks. This could also result in actual financial loss if RMT (Real money trading) was part of the transaction.
  • Account compromise/loss. Players’ accounts may be hijacked and/or stripped of its contents and resources should they fall for phishing scams. They may also be unable to recover their lost accounts and game data.
  • Harassment. Griefers and cyber bullies most often hound or stalk their victims to make the victim log out in frustration. While their gaming accounts are not drastically affected, harassment impacts the player’s gaming experience and enjoyment.
  • Exposure to inappropriate content. Griefers may expose underage players to sexual or inappropriate content through the use of adult language, contraband references or suggestive behavior.
  • Account compromise. Players may also find that their personal details are at risk of being stolen, especially if their accounts are linked to their social networking accounts.

How can online gamers avoid falling prey to these cybercriminals?

Gamers can easily defend and guard themselves from these threats by always being cautious about whom they talk to or play with. Here are some more tips:
  • Do not simply add random players to their contact lists, and only to add who they know personally or trust.
  • Refrain from clicking links inside suspicious messages or PMs.
  • Ignore or block griefers and cyber bullies and report them to the proper game authorities to ensure that they are dealt with.
  • If possible, do not get involved with RMT or transactions that require actual cash, either by credit card or some other way of money transfer.
  • Be wary of divulging any personal information online.
  • For more tips regarding online gaming security, players and parents can check out our e-guide “How to Level Up and Secure Your Online Gaming Experience.”

Are Trend Micro users protected from this threat?

Web Reputation Services, a cornerstone part of the Trend Micro Smart Protection Network™ protects users through filtering malicious URLs and blocking access to them even before the actual page loads. This stops phishing threats, such as seen in the Mists of Pandaria scam, right in their tracks.

Home users can use Trend Micro™ HouseCall to scan and clean systems infected with malware components related to this attack.


“It is interesting to note that some of the phishing websites were registered just days after Blizzard announced that Mists of Pandaria will be the next World of Warcraft expansion. This clearly shows that the bad guys are up to date and are always in the lookout for events and opportunities to expand their nefarious schemes."– Menard Osena, solutions product manager