Hackers spread malware via children's gaming websites

Trojan warning on cutearcade.com website Cutearcade.com's website recently triggered Trojan malware warnings

Related Stories

Hackers are increasingly targeting child-focused gaming websites, according to a leading anti-virus firm.

Avast says it detected malware threats at more than 60 sites that contained "game" or "arcade" in their title, in the 30 days running up to 12 January.

It says the pages tried to download Javascript infections, redirectors and potentially unwanted software.

The Czech company says that young children are often less careful than adults about what they click on.

"These are sites with mini-games, including flash applications and simple online apps - one example is software that allows girls to dress and change the clothes of characters," Ondrej Vlcek, the firm's chief technical officer, told the BBC.

Avast says the most visited site affected - cutearcade.com - had generated more than 12,600 infection reports from its protection software as of last week.

The company says a Trojan on the site had redirected users to linuxstabs.com, a known distribution point for malware.

On Wednesday Avast said its software still detected threats on the site.

Cutearcade.com's owner Two Point Oh, registered to the British Virgin Island of Tortola, did not respond to requests for comment.

The webmaster of one of the other sites flagged up by the study said he believed that third-party adverts might have been to blame.

"I have checked my site in and out for malware and have none," said Eric Smith, webmaster of hiddenninjagames.com.

"I have also checked Google Webmaster tools and it shows no malware. I'm not sure why my website has been targeted for this, I am assuming there may have been malware in the Google Adsense advertisement on my site when Avast checked it. That's the only thing I can think of."

Exploit packs

Avast says it believes most of the sites affected are legitimate businesses that have fallen victim to hackers, and had not been deliberately created to spread malware.

It bases this judgement on the fact that affected pages had been online for months or years before its anti-virus software began detecting threats.

The company believes that hackers have taken advantage of "active components" used to run the sites' forums or chat facilities to spread their malware.

It notes that "exploit packs" are sold online, meaning the hackers responsible might not have needed advanced coding skills.

"I believe that children's computers are more vulnerable to attacks because they are usually in worse shape - in other words the owners are less likely to have the latest security updates installed," said Mr Vlcek.

"The child may also be less suspicious that something wrong is happening than an adult would be. For example if a spam-bot infects the computer and keeps sending out spam emails for a long time a young child might not notice it going on."

Parental supervision

In October last year Security News Daily reported a similar problem affecting children's games on more than half a dozen Chinese websites.

Avast's research suggests the problem has become more prevalent since then.

"This report highlights the need for children and young people to be made aware of the potential security risks associated with free online gaming sites," said Dr Joanne Bryce from the cyberspace research unit at the University of Central Lancashire.

"Whilst it is unclear whether these sites for young people are being deliberately targeted, the possibility of computers being infected with viruses or malware may not be something of which young people are fully aware.

"This is an issue that parents should discuss with their children, and also highlights the need for them to ensure that they regularly update the anti-virus and other security software on their children's computers."

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.