A recently announced security flaw in the way windows handles cursor animation has been widely used to steal World of Warcraft accounts.
The security hole was announced in march and allows websites hosting the code to take over vulnerable PCs. But hackers didn't use it to steal credit cards. Instead, the malicious software lays dormant on a victims' machine until they ran World of Warcraft at which point it captures login data and sends it to the hacker.
Research by security firm Symantec suggests that a stolen credit card can be sold for up to $6 while a WoW account is worth at least $10. An account that has several high level characters associated with it could be worth far more as the gold and rare items can be sold for real cash.
Microsoft has already released a patch for the cursor flaw and urged users to download and install it.
