Hackers are spreading a dangerous infostealer and adware by disguising it as cracked versions of popular video games, experts warn.
Cybersecurity researchers at AhnLab say this latest campaign stands out because of the file type the hackers chose to evade antivirus and other security controls.
The team reported a number of malicious websites promoting cracked versions of popular games such as Elden Ring, ROBLOX, Dark Souls 3, Red Dead Redemption 2, Call of Duty, and many others. However, people who download the executable files from these sites are in for a surprise: instead of the actual game, all they get is ChromeLoader, a known piece of malware capable of doing all sorts of nasty things. Among its features, it can display ads to users and steal credentials and other data stored in the browser.
VHD files
Typically, in campaigns like this one, the hackers package the malware in an ISO file, a disk image that the victim can "mount" as a virtual drive. Once mounted, the file appears as an additional removable storage drive, from which the victim can run the executable (in this case, the malware).
However, this time the hackers opted for VHD files instead of ISOs. Like an ISO file, a VHD can easily be mounted on a Windows system and also works with most virtualization software.
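One defensive check the switch from ISO to VHD suggests, as an added example that is not from the researchers' report: classify a download as a mountable disk image by its content (the "conectix" VHD footer, the ISO 9660 "CD001" descriptor) rather than by its file extension, so a renamed image still gets flagged. The sample bytes are constructed inside the block, and the function names are my own.

```python
import struct

VHD_COOKIE = b"conectix"   # VHD footer cookie: last 512 bytes (and a copy at offset 0 for dynamic disks)
ISO_MAGIC = b"CD001"       # ISO 9660 volume descriptor id: sector 16, byte 1 (offset 0x8001)
VHD_TYPES = {2: "fixed", 3: "dynamic", 4: "differencing"}

def vhd_footer_checksum(footer: bytes) -> int:
    """One's-complement sum of the 512-byte footer with the checksum field (offset 64) zeroed."""
    zeroed = footer[:64] + b"\0\0\0\0" + footer[68:]
    return (~sum(zeroed)) & 0xFFFFFFFF

def identify_container(data: bytes):
    """Return what kind of disk image the blob is, by content only; None if neither VHD nor ISO."""
    if len(data) >= 512 and (data[-512:-504] == VHD_COOKIE or data[:8] == VHD_COOKIE):
        footer = data[-512:] if data[-512:-504] == VHD_COOKIE else data[:512]
        disk_type = struct.unpack(">I", footer[60:64])[0]
        stored = struct.unpack(">I", footer[64:68])[0]
        return {"kind": "vhd", "type": VHD_TYPES.get(disk_type, "unknown"),
                "checksum_ok": stored == vhd_footer_checksum(footer)}
    if len(data) > 0x8006 and data[0x8001:0x8006] == ISO_MAGIC:
        return {"kind": "iso"}
    return None

def flag_disk_images(files: dict):
    """files: {name: bytes}. List (name, kind, disguised) for every mountable image found."""
    findings = []
    for name, data in files.items():
        info = identify_container(data)
        if info is None:
            continue
        ext = name.lower().rsplit(".", 1)[-1] if "." in name else ""
        findings.append((name, info["kind"], ext not in ("vhd", "iso")))
    return findings

def build_vhd_footer(disk_type: int = 2, size: int = 1 << 20) -> bytes:
    """Constructed minimal fixed-VHD footer for the demo; not a real game image."""
    body = bytearray(512)
    body[0:8] = VHD_COOKIE
    struct.pack_into(">I", body, 8, 2)                      # features: reserved bit always set
    struct.pack_into(">I", body, 12, 0x00010000)            # file format version 1.0
    struct.pack_into(">Q", body, 16, 0xFFFFFFFFFFFFFFFF)    # data offset: none for fixed disks
    struct.pack_into(">Q", body, 40, size)                  # original size
    struct.pack_into(">Q", body, 48, size)                  # current size
    struct.pack_into(">I", body, 60, disk_type)
    struct.pack_into(">I", body, 64, vhd_footer_checksum(bytes(body)))
    return bytes(body)

# Constructed samples: a VHD renamed to look like an installer, an ISO, and a plain PE header.
SAMPLE_FILES = {
    "GameSetup.exe": b"\0" * 1024 + build_vhd_footer(),
    "game.iso": b"\0" * 0x8001 + ISO_MAGIC + b"\0" * 64,
    "launcher.exe": b"MZ" + b"\0" * 600,
}
```

A footer whose stored checksum does not match is reported with `checksum_ok` False, which is worth a second look since a legitimately written VHD always carries a valid one.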
In the meantime, the websites hosting the malware have been taken offline, the researchers said.
As usual, users are advised to avoid torrent websites and other unofficial download sources to protect against threats such as this one. Pirated software, cracks, key generators and activators are one of the most popular attack vectors that threat actors use to proliferate all kinds of malware and viruses.
Having a strong antivirus solution also helps.
Via: Bleeping Computer