When you were eleven years old, you probably â€“ like this writer â€“ concerned yourself with some of life’s more mundane joys. Bike rides with your friends. Perhaps a spin on the ol’ Nintendo (or Super Nintendo). Homework. Stuff like that.
Oh, how times have changed.
According to a new report from AVG, kids as young as eleven are apparently brushing up on their coding skills and using a bit of ingenuity to trick fellow gamers â€“ young and old â€“ into giving up sensitive information.
The hack in question is an app, “Runescape Gold Hack,” that allegedly promised to give free gold to players of the popular massively multiplayer online game. All that players had to do was select how much gold they wanted to receive from a handy drop-down box and input their username and password for their Runescape accounts. Obviously, the gold would head straight over â€“ but players are cautioned by the app to, “NOT use more than once a day, as admins may become suspicious!”
Go figure, then, that the malware in question was actually designed to send one’s account information on over to a specific email address. That email address, said AVG representatives in an interview with BBC News, was registered to an eleven-year-old in Canada.
“Mostly kids writing malware are doing it to show off to their peers, by demonstrating ‘hacking’ ability. It could be stealing someone’s game logins. This might seem trivial at first, but online gaming accounts are often connected to credit card details to enable in-game purchases, and these may also have virtual currency accounts amounting to hundreds of dollars,” wrote AVG CTO Yuval Ben-Itzhak in an associated blog post.
“Furthermore, many gamers unfortunately use the same login details for social networks such as Facebook and Twitter, potentially putting the victim at risk of cyber-bullying, in addition to identity theft and major inconvenience,” he added.
Of course, these young code-writers might also have a bit to learn about security themselves. According to the BBC News article, researchers were able to find enough identifying details in the aforementioned app’s source code to track down the identity of said boy, including his current town and the fact that his parents had just recently bought him a new iPhone.
Perhaps not the best of details one wants leaking out when, er, one is trying to scam gamers’ accountsâ€¦