What are the infection vectors for multiplayer online video games?

Discussion in 'other security issues & news' started by Devinco, Aug 20, 2004.

Thread Status:
Not open for further replies.
  1. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Hi Everyone,

    What are the infection vectors for multiplayer online video games?
    Here is what I have come up with so far:
    (1. and 2. are obvious, but what about 3. and 4.?)
    Are there others not listed?

    1. Infection by running infected video games (probably pirated), patches, modifications, maps, etc.

    2. Infection by visiting a malicious game related website with weak browser security settings.

    3. Infection via a malicious game server. Let's say a player installs a clean video game and wants to play online. The game itself (or a related utility) connects to a server which lists available online game servers with the games/maps that the player might be interested playing. The name of the server, the game/map running, number of players, and a few other minor details are visible. Let's say the Russian Mafia is running the game server and the intent is to plant and execute trojans and root kits on visiting players computers without their knowledge while playing. In order to play most games, players will have to open up one or more ports in their firewall to send and receive game data. Some may require firewall server permission for the game application (and accept incoming/outgoing communications). Can the operators of the malicious game server achieve their goal by:
    A) Exploiting a weakness in the video game code to permit greater system access such as injecting a trojan into the game program? Or perhaps dropping and/or executing a trojan/rootkit elsewhere on the system? Or maybe a buffer overflow?
    B) Infecting the player's computer via the open ports needed to play the game? Since the malicious game server knows what ports are required to be open, it would target those.

    4. Infection via another player. Let's say the game server is clean. A malicious player connects to the game server and then to a running game with other players. Is it possible by some means (or utilities) for the malicious player to infect the other players? (perhaps by similar methods to A) and B) above)

    What are real concerns and what are not?
     
  2. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Any thoughts about this....anybody?
     
Loading...
Thread Status:
Not open for further replies.