Hackers are distributing a dangerous infostealer and adware by passing it off as cracked versions of popular video games, experts have warned.
Cybersecurity researchers from AhnLab say this latest campaign stands out because of the file type the hackers chose to bypass antivirus programs and other cybersecurity protections.
The team reported spotting a number of malicious websites advertising cracked versions of popular games such as Elden Ring, ROBLOX, Dark Souls 3, Red Dead Redemption 2, Call of Duty, and many others. However, people downloading the executable files from these locations are in for a surprise - instead of the actual game, all they’ll get is ChromeLoader, a known malware capable of doing all sorts of nasties. Among its features is the ability to show ads to users and steal credentials stored in the browser, as well as other saved data.
Usually, in campaigns such as this one, the hackers would pack the malware in an ISO file - a virtual drive file that the victims can “mount” on a virtual drive. Once run, the file would show as an additional removable storage drive, from which they’d be able to install the executable (in this case, the malware).
This time around, however, instead of the ISO, the hackers have opted for VHD files. Just like an ISO file, a VHD can be mounted on a Windows system with ease, and also works well with most virtualization software.
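As an added example (not from AhnLab or the original article), the Python below shows how a defender could flag mountable disk images in a download folder by content rather than file extension, using the VHD footer cookie `conectix` and the ISO 9660 `CD001` identifier. The function names, file names and sample bytes are constructed for illustration.

```python
import os
import struct

VHD_COOKIE = b"conectix"      # first 8 bytes of the 512-byte VHD footer
ISO_MAGIC = b"CD001"          # ISO 9660 volume descriptor identifier
ISO_MAGIC_OFFSET = 0x8001     # sector 16 (2048-byte sectors) plus 1 byte
VHD_TYPES = {2: "fixed", 3: "dynamic", 4: "differencing"}


def classify_image(path):
    """Return 'vhd-<type>', 'iso' or None, judged by content only."""
    size = os.path.getsize(path)
    with open(path, "rb") as fh:
        if size >= 512:
            fh.seek(size - 512)               # VHD footer sits at end of file
            footer = fh.read(512)
            if footer[:8] == VHD_COOKIE:
                (disk_type,) = struct.unpack(">I", footer[60:64])
                return "vhd-" + VHD_TYPES.get(disk_type, "unknown")
        if size >= ISO_MAGIC_OFFSET + len(ISO_MAGIC):
            fh.seek(ISO_MAGIC_OFFSET)
            if fh.read(len(ISO_MAGIC)) == ISO_MAGIC:
                return "iso"
    return None


def scan(directory):
    """Map relative path -> image kind for every disk image under directory."""
    hits = {}
    for root, _dirs, files in os.walk(directory):
        for name in files:
            full = os.path.join(root, name)
            try:
                kind = classify_image(full)
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if kind:
                hits[os.path.relpath(full, directory)] = kind
    return hits


def build_samples(directory):
    """Write constructed sample files (not real images) for a dry run."""
    footer = VHD_COOKIE + bytes(52) + struct.pack(">I", 2) + bytes(448)  # type 2 = fixed
    samples = {"game_setup.dat": bytes(4096) + footer,
               "installer.bin": bytes(ISO_MAGIC_OFFSET) + ISO_MAGIC,
               "readme.txt": b"plain text, not an image"}
    for name, data in samples.items():
        with open(os.path.join(directory, name), "wb") as fh:
            fh.write(data)
```

VHDX images use a different on-disk layout and are not covered by this check.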
In the meantime, the websites hosting the malware have been pulled offline, the researchers said.
As usual, to keep safe from threats such as this one, users are advised to steer clear of torrent websites and other unofficial download sources. Pirated software, cracks, key generators and activators are among the most popular attack vectors threat actors use to distribute all kinds of malware and viruses.
Having a strong antivirus solution also helps.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.