"Game companies usually tend to give more importance to anti-cheating solutions than to improving the security aspects of games," they said. "In other words, they tend to care more about cheaters than people exploiting vulnerabilities on their users' systems."
Game vulnerabilities could also be used to compromise the computers of specific individuals or organizations in targeted attacks, the two researchers said. It's not just kids and teenagers that play online games, but people of all ages with different backgrounds and jobs, they said, pointing out that a game player could be a technician working at a power plant, a politician, or anyone with access to some type of sensitive information or system.
When people play games, their defenses are down and the only thing standing between their computer and attackers is a vulnerable game that often doesn't even have Windows exploit mitigation technologies like DEP (Data Execution Prevention) and ASLR (Address space layout randomization) enabled, they said.
Sign up for CIO Asia eNewsletters.