(LiveHacking.Com) – Luigi Auriemma and Donato Ferrante, the founders of the subscription-based security vulnerability company ReVuln, have discovered various vulnerabilities in some of the world’s most popular multiplayer online games, including Call of Duty: Modern Warfare 3 and Crysis. Since many online games allow users to purchase virtual goods, it is feasible that by exploiting these vulnerabilities hackers could steal personal information, including credit card numbers.
It is also possible that a botnet could be created by installing malware on a vulnerable gaming machine and having it join a network of other compromised computers that are used to play the same online games.
Because game companies are focused on making their games compelling and feature-rich, the security aspects of the client and server can often be weak. Also, many of the client and server components are written in C or C++, meaning they are susceptible to security issues like buffer overflows and memory corruption.
The gaming protocols themselves are also complex. For example, a remote memory disclosure exists in Call of Duty: Black Ops because the game server always replies to certain requests with a fixed-size packet of 1168 bytes, even when the actual information returned is smaller. The result is that parts of the server’s memory are disclosed to anyone sending an invalid request. This means an attacker could retrieve information such as passwords and IP addresses that are still present in junk memory beyond the end of the real reply.
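To make the bug class concrete, here is an added illustration in C (not ReVuln's code and not the actual Call of Duty: Black Ops server): a server that answers with a fixed-size 1168-byte packet, written the leaky way and then the hardened way, with a small oracle a unit test or fuzzer can use to detect stale bytes in replies. The "previous session" contents and the reply format are constructed for the example; only the 1168-byte packet size comes from the article.

```c
/*
 * Added example modelling the fixed-size-reply memory disclosure described
 * in the article. Not the real game server; all data below is constructed.
 */
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

#define REPLY_SIZE 1168   /* fixed reply size quoted in the article */

/* One reusable packet buffer, as a real server might keep per connection.
 * Whatever the last operation left in it persists until overwritten. */
static unsigned char reply_buf[REPLY_SIZE];

/* Simulate the buffer having been used earlier for something sensitive.
 * The credentials and the RFC 5737 test address are constructed values. */
void simulate_previous_use(void)
{
    const char *stale = "admin:hunter2 last_peer=203.0.113.7";
    memset(reply_buf, 'A', sizeof reply_buf);
    memcpy(reply_buf + 64, stale, strlen(stale));
}

/* Vulnerable pattern: write the real answer at the front, then send all
 * REPLY_SIZE bytes. Everything past the answer is whatever was in memory. */
size_t build_reply_vulnerable(const char *info, unsigned char *out)
{
    size_t n = strlen(info);
    if (n > REPLY_SIZE - 1) n = REPLY_SIZE - 1;
    memcpy(reply_buf, info, n);
    reply_buf[n] = '\0';
    memcpy(out, reply_buf, REPLY_SIZE);   /* leaks bytes n+1 .. REPLY_SIZE-1 */
    return REPLY_SIZE;
}

/* Hardened pattern: clear the buffer before use and send only the bytes
 * actually written. Either change alone closes this leak; doing both also
 * survives a later refactor that reintroduces fixed-size sends. */
size_t build_reply_fixed(const char *info, unsigned char *out)
{
    size_t n = strlen(info);
    if (n > REPLY_SIZE - 1) n = REPLY_SIZE - 1;
    memset(reply_buf, 0, sizeof reply_buf);
    memcpy(reply_buf, info, n);
    reply_buf[n] = '\0';
    memcpy(out, reply_buf, n + 1);
    return n + 1;
}

/* Detection oracle: does a reply carry a known stale string anywhere in the
 * bytes that were put on the wire? Useful as a fuzzer or unit-test check. */
bool packet_leaks(const unsigned char *pkt, size_t len, const char *needle)
{
    size_t m = strlen(needle);
    if (m == 0 || len < m) return false;
    for (size_t i = 0; i + m <= len; i++)
        if (memcmp(pkt + i, needle, m) == 0) return true;
    return false;
}

int main(void)
{
    unsigned char pkt[REPLY_SIZE];

    simulate_previous_use();
    size_t len = build_reply_vulnerable("status=ok", pkt);
    printf("vulnerable: %zu bytes sent, stale data present: %s\n", len,
           packet_leaks(pkt, len, "hunter2") ? "yes" : "no");

    simulate_previous_use();
    len = build_reply_fixed("status=ok", pkt);
    printf("fixed: %zu bytes sent, stale data present: %s\n", len,
           packet_leaks(pkt, len, "hunter2") ? "yes" : "no");
    return 0;
}
```

The same oracle works from the outside: capture replies to a deliberately malformed request in a test environment and scan them for strings you planted in an earlier session, which is how a defender can confirm a fix actually stopped the disclosure rather than merely changing what is leaked.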
“Companies working in the games market don’t like to invest in making their software secure; they are more concerned about people cheating than having their customers compromised by a security vulnerability,” said Luigi Auriemma to SCMagazine.
The pair presented their initial findings at Power of Community 2012, where they also showed a demo of two zero-day vulnerabilities in Call of Duty: Modern Warfare 3 and Crysis. The slides can be found here. Auriemma will also present more details at the March 2013 Black Hat security conference in Amsterdam.