ESET researchers have discovered new malware, named Joao, that is spreading via computer games published on unofficial websites.
Joao is modular malware capable of downloading and running other malicious code.
“To spread their malware, the attackers behind Joao have misused massively-multiplayer online role-playing games,” explains ESET South Africa CEO, Carey van Vlaanderen. “They modified the games to make them capable of downloading further malware.”
ESET research has shown that the criminals behind the campaign misused several game titles by Aeria Games and served their modified versions on unofficial web sites.
The one that remained active in spreading the malware, gf.ignitgames[.]to, is blocked by ESET security products.
The games laden with Joao were able to gather information about the infected computer and then download additional components offered by the Command&Control server.
The Joao components ESET researchers discovered during their research had backdoor, spying, and DDoS capabilities.
“The infection process is well hidden from the victims and these modified games work as expected. Once a game-hungry user jumps into downloading the modified game, there is nothing to raise their suspicion. Those who are not protected with a reliable security solution simply end up with their computers infected,” warns van Vlaanderen.
ESET security experts have compiled a set of recommendations to help gamers enjoy gaming without being faced with threats:
* Favour official sources whenever possible.
* Keep games updated.
* Use a reliable security solution and keep it turned on while gaming.
* Keep in mind that there are other threats targeting gamers.