Quote:
Originally Posted by f.montoya
Would the hacker be able to, via an ****** on an ootp league site, be able to steal passwords used to login to a forum on the same site?
I'm also thinking that although we are not the same type of gaming community as, say, WoW, but the hacker does not know that, and thus, is attacking us anyway in case we are.
|
In most cases that I have seen, all the ****** does is "trick" the browser to go to a different site without the user knowing it. From which site there is some code to try to exploit various applications in case the user does not keep their computer patched. Common exploited applications or functions are Internet explorer, Real player, Flash, Adobe Acrobat, Java, etc.
If it finds a computer that has not kept their system up to date on patches and are successful in infecting the computer, it usually loads a trojan on the system which starts various tasks among which is a keylogger that is instructed to capture various kinds of passwords. Forum passwords could be one of them I suppose.. realistically anything could be included when a keylogger is concerned. If you type it in, it will know that.
That isn't the only thing these trojans can do. There are thousands of variations all of which target or do different things.