Dangerous stealer disguised as a game tops search engine results
With a multitude of ways to play games, including new consoles, in-browser options and mobile games, demand for PC games is skyrocketing, and with it the desire of gamers to play them for free.
They do this by finding and downloading “cracked” versions of games. But Kaspersky warns that these shortcuts come at a price, as users often install malware instead of the intended game.
Cracking is the modification of software to remove or disable features such as copy protection and DRM restrictions, which are in place to prevent a game from being used on an unlimited number of computers from one purchase.
According to Kaspersky, cyber crooks even go so far as to set up a network of websites solely to distribute this type of malware.
In fact, in April of this year, researchers noted a large, well-coordinated campaign distributing a dropper dubbed Swarez, a program that secretly runs another malicious program.
The dropper was delivered via dozens of fake warez sites, that is, sites that distribute pirated software. These sites distributed malware disguised as cracks for various software, including anti-malware software, photo or video editing software, and fifteen popular computer games.
Users in 45 countries around the world have been attacked by files disguised as games.
After a series of redirects from the warez website, users downloaded a ZIP archive containing a password-protected ZIP file, along with a text document holding the key to unzip it.
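A triage check for the packaging described above, as an added example that is not part of the original article or Kaspersky's research: it reports downloads where an outer ZIP holds a password-protected inner ZIP next to a text file. The file names, size limit and sample archives are constructed assumptions, and the sample's inner archive only carries the encrypted flag rather than real encryption.

```python
import io
import zipfile

ENCRYPTED = 0x1          # general-purpose flag bit 0: entry is encrypted
MAX_INNER = 64 * 2**20   # skip inner archives above 64 MiB (assumed triage limit)


def inspect_download(data: bytes) -> dict:
    """Flag an outer ZIP that holds an encrypted inner ZIP plus a .txt note."""
    report = {"encrypted_inner": [], "text_notes": []}
    with zipfile.ZipFile(io.BytesIO(data)) as outer:
        for info in outer.infolist():
            name = info.filename.lower()
            if name.endswith(".txt"):
                report["text_notes"].append(info.filename)
            elif name.endswith(".zip") and info.file_size <= MAX_INNER:
                blob = io.BytesIO(outer.read(info))
                if not zipfile.is_zipfile(blob):
                    continue
                # Only the central directory is read; nothing is extracted.
                with zipfile.ZipFile(blob) as inner:
                    if any(e.flag_bits & ENCRYPTED for e in inner.infolist()):
                        report["encrypted_inner"].append(info.filename)
    report["suspicious"] = bool(report["encrypted_inner"] and report["text_notes"])
    return report


def build_sample(members: dict, mark_encrypted: bool = False) -> bytes:
    """Build a constructed test ZIP; optionally set the encrypted flag on entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    raw = bytearray(buf.getvalue())
    pos = raw.find(b"PK\x01\x02") if mark_encrypted else -1
    while pos != -1:   # flags field sits 8 bytes into each central-directory header
        raw[pos + 8] |= ENCRYPTED
        pos = raw.find(b"PK\x01\x02", pos + 4)
    return bytes(raw)


# Constructed samples (file names and contents are made up for this example).
INNER = build_sample({"setup.exe": b"placeholder"}, mark_encrypted=True)
SUSPECT = build_sample({"installer.zip": INNER, "password.txt": "1234"})
BENIGN = build_sample({"docs.zip": build_sample({"a.md": b"x"}), "notes.txt": "hi"})

if __name__ == "__main__":
    print(inspect_download(SUSPECT))
    print(inspect_download(BENIGN))
```

A hit is a reason to quarantine and inspect the download, not proof of malware, since legitimate archives are sometimes packaged the same way.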
Emulation of installation processes
Cleverly, the installation process seemed complicated enough for users to believe they were installing whatever game they wanted, but what they had actually downloaded was the Swarez dropper, which decrypted and executed a Taurus Trojan-Stealer.
This stealer has many functions, is flexible and configurable, and is able to steal cookies, saved passwords, browser autofill data and data related to crypto wallets. It gathers system information and .txt files from the user's desktop, and can even take screenshots.
Of particular concern was how easily the campaign reached its intended targets. Bad actors optimized their websites for specific search keywords and in several cases managed to place their malicious sites in the top three results of popular search engines.
Anton Ivanov, security researcher at Kaspersky, says today’s devices contain more valuable information about individuals and their finances than ever before, and are becoming an increasingly popular target.
The Swarez campaign demonstrates that tricking users into installing software from an unknown source is still an effective way to plant malware on their devices.
“And cybercriminals are investing in creating more complex patterns to convince users that what they are installing is not malware – to the point of emulating the installation processes.”
Ivanov says this highlights the fact that there is no middle ground, and to stay safe from these types of threats, users should stick to downloading software from reliable official sources only, as the cost of an error could be much greater than the price of a game.