Latest Stories

Cyberespionage campaign vs online gaming firms bared


MANILA, Philippines – Online gaming is among the fastest growing digital entertainment in the Internet. The fact that online gaming has millions of active players has brought it within sight of cybercriminals, according to a recent report.

The report by Kaspersky Lab, developer of secure content and threat management solutions, disclosed a massive cyberespionage campaign against certain online gaming companies, including those in the Philippines.

A cybercriminal group calling itself “Winnti” has been actively attacking online video gaming companies since 2009, stealing digital certificates signed by legitimate software vendors and also source code of online game projects, the report said.

The Winnti team is targeting gaming companies located in various parts of the world but has a stronger focus on Southeast Asia. Among the countries that have been affected are the Philippines, India, Indonesia, China, Taiwan, Thailand, South Korea, Japan, Belarus, Germany, Russia, Brazil, Peru, and the United States, it said.

It was first detected in 2011, when a malicious Trojan was detected on a large number of end-user computers across the globe and was accidentally installed in the PC of some online gamers, it said.

“Winnti’ was originally thought that the online game publisher from where the piece of malicious software was installed was spying on their gamers. The authors, it seemed, were actually targeting the server of the online gaming provider.

A suspicious program that has been analyzed on the request of an alleged “targeted” online gaming publisher showed that “the Trojan is a DLL library that could function as a Remote Administration Tool (RAT) that could control the victims’ computers without being detected”, the report said.

“The malicious module actually had a valid digital signature that turned out to come from another online gaming company that was issued by Verisign,” it said.

“The digital signature was later revoked upon report of its abuse by the cybercrime group,” it said.

The trail showed compromised digital signatures from legitimate online gaming companies used by the Winnti group, most of which were from South Korea, it said.

These signatures were distributed for use to other hacking groups. Kaspersky Lab listed a number of the companies whose digital certificates were stolen, which include Korean firms ESTsoft Corp. Kog Co., MGAME Corp., Sesisoft, Wemade, and Neowiz. Chinese firms Guangzhou YuanLuo and Fantasy Technology Corp., and Japanese game publishers YNK Japan and Rosso Index KK were also targeted.

LivePlex Corp, a South Korean online gaming publisher has operations in the Philippines.

Apart from industrial cyberespionage, Kaspersky Lab experts also found out other illegal money-making schemes are being used by the Winnti group using their malware campaign. These include:

·         Manipulate the accumulation of in-game currency, such as “runes” or “gold” that’s used by players and convert the accumulated virtual money into real money;

·         Use the stolen source code from online game servers to search for vulnerabilities inside games to augment and accelerate the manipulation of in-game currency and its accumulation without suspicion;

·         Use the stolen source code from servers of popular online games in order to deploy their own pirated servers.

Jimmy Fong, Channel Sales Director for Kasperky Lab in Southeast Asia, said “We encouraging online gamers to exercise caution when using PCs for their online gaming activities. While most gamers use their own devices to play, there are still who use Internet cafes for playing.”

“It is recommended that gamers check if the PCs they are using have the proper security applications installed and updated,” he added.

Fong advised gamers must also be extra careful when using their PCs to conduct online transactions by using legitimate software and having the latest updates to ensure that cybercriminals do not easily infiltrate their PCs for their illicit activities.

Follow us on Facebook Follow on Twitter Follow on Twitter

Recent Stories:

Obama arrives in Tokyo, first stop of 4-nation tour 1 min elapsed Believe it or not: Filipinos love US more than Yanks 7 mins elapsed PH, HK end bitter row; sanctions lifted 14 mins elapsed Return of ‘Ibong Adarna’ 2 hours elapsed Practical Phytos plans his future 2 hours elapsed In love … with acting 2 hours elapsed From prison to the peak of success 2 hours elapsed Books 2 hours elapsed
Complete stories on our Digital Edition newsstand for tablets, netbooks and mobile phones; 14-issue free trial. About to step out? Get breaking alerts on your mobile.phone. Text ON INQ BREAKING to 4467, for Globe, Smart and Sun subscribers in the Philippines.

Tags: Cyberespionage , Gaming , Internet , IT , Kaspersky Lab , technology

Copyright © 2014,
To subscribe to the Philippine Daily Inquirer newspaper in the Philippines, call +63 2 896-6000 for Metro Manila and Metro Cebu or email your subscription request here.
Factual errors? Contact the Philippine Daily Inquirer's day desk. Believe this article violates journalistic ethics? Contact the Inquirer's Reader's Advocate. Or write The Readers' Advocate:
c/o Philippine Daily Inquirer Chino Roces Avenue corner Yague and Mascardo Streets, Makati City, Metro Manila, Philippines Or fax nos. +63 2 8974793 to 94
Advertisement Advertisement


  • Whistle-blowers now alarmed
  • Palace prepared to charge its allies
  • 12 senators on Napoles ‘pork’ list, says Lacson
  • PNP chief on plunder raps: ‘Amateurish’
  • Makati readies 12-month traffic plan for Skyway 3
  • Sports

  • Mixers trim Aces, force do-or-die tiff
  • Donaire junks Garcia as coach, taps father
  • ’Bye Ginebra: No heavy heart this time
  • UAAP board tackles new rules
  • Baguio climb to decide Le Tour de Filipinas
  • Lifestyle

  • Entering the monkhood a rite of passage
  • Haneda International Airport: A destination on its own
  • Wanted: Beauty queen with a heart that beats for the environment
  • Kim Atienza: At home with art and design
  • Life lessons I want to teach my son
  • Entertainment

  • Return of ‘Ibong Adarna’
  • Practical Phytos plans his future
  • In love … with acting
  • From prison to the peak of success
  • ‘Asedillo’ location thrives
  • Business

  • PH banks not ready for Asean integration
  • Stocks down on profit-taking
  • Banks allowed to use ‘cloud’
  • SMIC to issue P15-B bonds
  • Honda upgrades PH plant
  • Technology

  • ‘Unlimited’ Internet promos not really limitless; lawmakers call for probe
  • Viber releases new design for iPhone, comes to Blackberry 10 for the first time
  • Engineers create a world of difference
  • Bam Aquino becomes Master Splinter’s son after Wiki hack
  • Mark Caguioa lambasts Ginebra teammates on Twitter
  • Opinion

  • Editorial cartoon, April 24, 2014
  • Talking to Janet
  • Respite
  • Bucket list
  • JPII in 1981: walking a tightrope
  • Global Nation

  • Obama arrives in Tokyo, first stop of 4-nation tour
  • Believe it or not: Filipinos love US more than Yanks
  • PH, HK end bitter row; sanctions lifted
  • 19 Ukrainians, Russians, Filipinas rescued in bar raid
  • Filipinos coming home from Mideast must obtain MERS clearance – DOH
  • Advertisement