Original thread: http://dota-allstars-blog.blogspot.com/2009/04/warcraft-custom-map-virus-important.html
The demonstrations in one paragraph attract me:
COMODO is the only known program at the moment to prevent Warcraft from running the malicious code as of now. Every other AV/firewall/anti-malware program other than that does not currently prevent this exploit from being used.I was wondering which component intercept this malware, AV or Defense+? what does the popup look like?
Now Kaspersky has caught a sample:
Name of virus: HackTool.Win32.Sniffer.WpePro.w Contaminated sites are here: C:\WINDOWS\TEMP\omfg_wtf.dllSo that's one of the main behaviors: add files into Temporary Folders?
Edit by EricJH: made the url clickable