Malicious code is hidden in cheats and mods that target the gaming community
Through mods, cheats, and even patches for a series of censored games, hackers implant malware (malicious code) capable of stealing information from infected systems, mostly the PCs of gamers or people working in the gaming industry.
Notably, attackers mainly use social media and YouTube video tutorials to promote hacking tools, cheats, or 'floating' mods that contain the malware they develop. When the victim downloads a mod to their computer and runs it, the malware immediately spreads on the system.
Over the past few months, researchers from the international cybersecurity organization Cisco Talos have repeatedly discovered campaigns that use these tactics to carry out malicious activity. The experts say they've "seen some little tools that look like game patches, mods, or modifiers" bundled with rare, confusing malware.
'This type of attack can be seen as a return to classic forms of virus spreading - video game players are no strangers to the need to avoid downloading the wrong malware while trying to dissuade it. card in terms of the game software they are playing, such as applying the mod'.
One of the malware strains commonly deployed on gamers' computers in this type of attack is XtremeRAT (also known as ExtRat). This is a long-standing remote access trojan (RAT) that has been used in targeted attacks and traditional cybercrime since at least 2010.
XtremeRAT allows its operators to exfiltrate documents from compromised systems, record keystrokes, take screenshots, record through the webcam or microphone, and interact directly with victims via a remote shell.
The ability to hide malicious code
To make the malicious code stealthier, threat actors often use a complex Visual Basic-based encoder and shellcode that hinder analysis and detection and conceal the final payload deployed in their attacks.
The malware distribution tools deployed on gamers' systems execute malicious game engines that also use different code injection techniques to inject malicious code into new system processes. This makes the malicious code harder to detect, because it lets the malware hide the final payload from some anti-malware products.
With the trend of working from home during an epidemic, the use of personal PCs to connect to corporate networks is increasing, which poses a serious threat to enterprise networks.