Children as young as 11 are writing malware designed to steal login details from online gamers, according to internet security software giant AVG Technologies.

The Czech-founded company, which provides internet and mobile security to more than 140 million customers, has released a Threat Report, detailing its investigations into a number of malicious software developments.

AVG Report Finds ‘Disturbing’ Trend of Child Hackers

 

The report found that children have been developing malicious code, and in one case it was discovered that an 11-year-old had created a Trojan which could steal login information.

The report said that while stealing someone’s game logins may at first seem a minor problem, online gaming accounts are often connected to credit card details to enable in-game purchases, and may also have virtual currency attached to them amounting to hundreds of dollars.

Cyber Bullying

As many gamers use the same login details for social networks such as Facebook and Twitter, the initial breach of obtaining one login, could impact further and in addition to identity theft and being a major inconvenience, the victim could also be put at risk of cyber-bullying.

Chief technology officer at AVG, Yuval Ben-Itzhak, said the company has seen a number of examples of very young individuals writing malware, including an 11-year-old from Canada.

Ben-Itzhak said the code usually takes the form of a basic Trojan, written using the .NET framework, which is easy to learn for beginners and simple to deploy via a link in an email or posted on a social media page.

Mobile Phone Threats on the Rise

“We believe these junior programmers are motivated mainly by the thrill of outwitting their peers, rather than financial gain, but it is nevertheless a disturbing and increasing trend. It is also logical to assume that at least some of those responsible will be tempted to experiment with much more serious cyber-crimes,” Ben-Itzhak said.

The quarter-four Threat Report also stressed the increase in mobile malware, particularly of code designed to target Google’s hugely popular Android operating system.

Throughout 2012 AVG’s ‘threat labs’ also reported on the First Android Rootkit, examples of mobile banking being targeted for attack, malicious apps that send text messages to premium rate services, and Trojan-infected versions of popular games on unofficial app stores, including best-seller Angry Birds Space.

Exploit Toolkits Dominate

The report states that cyber-criminals, who create and sell commercial ‘exploit toolkits’ – allowing less tech-savvy peers to break into the malware market, continue to dominate.

Almost 60 per cent of all threat activity online was performed by exploit toolkits in 2012.

One example of a new exploit toolkit which surfaced during the last quarter of 2012, and bore a ‘remarkable resemblance’ to the Blackhole Exploit Kit, was the Cool Toolkit, which accounted for 16 per cent of the top web threats in Q4 2012, topped only by Blackhole at 40 per cent.