These latest threats serve as a reminder that gamers, their accounts, and their in-game goods are lucrative targets for malware authors
Reports of a new malware targeting gamers, along with Avast Threat Labs findings on Crackonosh, are reminders that targeting gamers can be big business for cybercriminals. They’re also a reminder that gamers need to protect themselves against malware and not download illegal, “cracked” versions of games.
BloodyStealer is malware that, like it’s name suggests, steals information. In addition to the usual information malware like this grabs (cookies, usernames, passwords, and financial information) it also steals game sessions. Stealing gaming sessions like this enables the attackers to connect to major online gaming services as the victim, giving them complete control of the victim’s gaming account. BloodyStealer targets some of the most popular gaming platforms out there, including Bethesda, EA Origin, Epic Games Store, and Steam.
Attackers target game accounts because they can sell these accounts to others in underground markets, especially when those accounts are high-level, powerful in-game accounts.
Attackers can also sell items that players have earned or paid for on those platforms to others. In-game goods may be virtual but they cost actual money. That cool, virtual, in-game sword that you paid for can be stolen and resold to someone else for actual money for the cybercriminal, leaving you with nothing.
Another recent malware that Avast’s Threat Researchers discovered this summer, Crackonosh, highlights another way cybercriminals target gamers. With Crackonosh, we found that attackers were loading their malware into “cracked” versions of popular games. “Cracked” versions are illegal copies that people download instead of legally buying the game.
When people would download Crackonosh, it silently included a Monero coinminer, stealing the victims computing power to make cryptocurrency for the malware authors. Because gamers frequently have high performance systems, this is very smart of the malware authors: it gives them above-average computing resources to steal. It disabled security software and updates, leaving the system vulnerable to other attacks.
Our researchers found the people behind Crackonosh were targeting some of the post popular games out there, including:
When we wrote in June, we found that Crackonosh had the most infected users in the United States, Brazil, India, the Philippines, and Poland. We also found notable infections in the United Kingdom, France, Italy, and Canada. Other countries included Mexico, Argentina, Spain, and Portugal.
Since then, we’ve seen Crackonosh continue to be a problem, though it has shifted the countries somewhat as shown below and right now is mainly affecting countries in Africa, India and Pakistan, Mongolia, the Philippines, Australia and New Zealand.
Crackonosh was very lucrative for the people behind it, earning over $2,000,000 USD from over 222,000 infected systems worldwide since at least June 2018.
These latest threats serve as a reminder that gamers, their accounts, and their in-game goods are specific, lucrative targets for malware authors. If you’re a gamer, you have a higher threat profile than other users.
First, running good security on your gaming system can help protect against malware infections. Avast’s security includes the ability to mute alerts while you’re playing, a nice feature to provide you with security and not be interrupted while playing.
Second, many online gaming platforms now include some form of multi-factor authentication. While that may not protect against all attempts to hijack your accounts, it can serve to significantly raise the bar of protection.
Finally, only get games from legitimate game stores. Getting games from other locations, especially ones that are offering “cracked” versions, is a good way to get much more than you bargained for. These threats serve as a reminder that making security a part of your gaming system is a smart move that can help save you a lot of hassle and protect you against these kinds of threats.
Our young people are always learning. It’s a great time to expand their cyber education to help keep them safe in the classroom.
The beginning of the school year is the perfect time to boost your child’s digital literacy by talking to them about online safety, cybersecurity in school, and celebrating their digital milestones.