“To spread their malware, the attackers behind Joao have misused massively-multiplayer online role-playing games. They modified the games to make them capable of downloading further malware,” says ESET South Africa CEO, Carey van Vlaanderen.
ESET research has shown that the criminals behind the campaign misused several game titles by Aeria Games and served their modified versions on unofficial websites. The one that remained active in spreading the malware, gf.ignitgames[.]to, is blocked by ESET security products.
The games laden with Joao were able to gather information about the infected computer and then download additional components offered by the Command&Control server. The Joao components ESET researchers discovered during their research had backdoor, spying, and DDoS capabilities.
“The infection process is well hidden from the victims and these modified games work as expected. Once a game-hungry user jumps into downloading the modified game, there is nothing to raise their suspicion. Those who are not protected with a reliable security solution simply end up with their computers infected,” warns van Vlaanderen.
ESET security experts have compiled a set of recommendations to help gamers enjoy gaming without being faced with threats. With the gamescom fair bringing gaming further into the spotlight, following such advice is even more important.
- Favour official sources whenever possible
- Keep your games updated
- Use a reliable security solution and keep it turned on whilst gaming
- Keep in mind that there are other threats targeting gamers