Slashdot notes that World of Warcraft players are being targeted by malware. The point is, a password sniffer is being installed to try to get players' World of Warcraft account information. The original BBC article notes that "research by security firm Symantec suggests that the raw value of a WoW account is now higher than a credit card and its associated verification data." That's quite astonishing.
Presumably the accounts are being used to farm gold for resale. I wonder how long a compromised account is really usable, given that WoW only allows one login at a time? If a player tries to log in while a hacker is using the account to farm gold, you'd think that would quickly result in the player contacting customer service.
I guess another possibility is that the hackers are simply cleaning out the accounts. My sense is that a particular account isn't worth much in terms of liquidation value, thanks to Blizzard's "binding" deisgn that makes it so most items aren't resalable after they've been used, once. I'd also think that in this case Blizzard could easily investigate where those items were sent and ban the hackers, but perhaps I'm underestimating the amount of work required, there.
That makes me wonder if, in fact, the farmers aren't just using the compromised accounts to launder gold? It's always seemed to me that the gold collecting accounts must be different from the gold delivering accounts, as I'd expect the latter to get compromised, often. You'd think Blizzard would put in a watcher that would notify them any time someone mailed more than, say, 1000 gold pieces (which, in game, is a pretty significant amount).