Antivirus companies have recently put out an advisory for a piece of malware called “PWSteal.Wowcraft”. And what does this computer virus do? As Symantec describes it:

PWSteal.Wowcraft is a password-stealing Trojan horse that attempts to steal the password to the “World of Warcraft” game and send it to the creator of the Trojan.

This is ever more evidence that the economy of virtual worlds is becoming so lucrative that crime — in all its variants — is moving there. Over the last few years, we’ve seen all manner of chicanery, such as “dupers” that, like real-world counterfeiters, flood game worlds with duplicated merchandise and money, mucking heavily with the world’s currency and economy. There have also lately been on-line muggings, and, as I reported in The Walrus a year ago, mafias and organized crime. Given, of course, that a world based on code is eminently hackable, we’re likely to see ever more — and ever weirder — crimes as time goes on.

At first, when I heard of the Wowcraft trojan, I thought hmmm: Virtual-world crime is considerably easier to pull off than real-world crime, because role-playing games are filled with virtual items that are easy to steal. When you steal someone’s World of Warcraft password, you can go in and force their avatar to hand over all their goods and in-world currency to the criminal’s account, then quickly sell the stuff on ebay or any online game-merchandise site. It’s very easy to make game-world stuff liquid.

But then I realized, hey, how is this different from real-world digital crime? A Russian cracker gang gets the information to your bank account, goes in pretending to be you, transfers the money to a foreign bank, then extracts it and washes it clean. Sure, role-playing games are rife with possibilities for identity theft. But the real world of commerce and finance is itself, by now, almost indistinguishable from a role-playing game.

I can’t wait until a US-based court gets ahold of one of these cases.

(Thanks to Kottke, Steve Emrich and Joe Wilson for these!)