Categories: MalwareSecurity

Almost all game hacks are infected with malware

Security worldwide community is alarmed by the explosion of number of cyber threats that are becoming even more sophisticated and are exploring new channel to infect a larger number of machines for various purposes, from cyber espionage to the realization of complex fraud.

Antivirus company AVG has published an interesting study on games hacks that are responsible for the diffusion of malware, the firm warns that over 90% of hacked or cracked games downloaded via file-sharing sites are infected with malicious code.

Malware authors exploit the habit of players to download the ‘hacks’ for their favorite game, typically to gather a pirated copy. The AVG security team analyzed scores of the hacks and cracks found through Metasearch services such as FilesTube and FileCrop discovering the impressive infection rate, the report states;

“Even if we assume that just 0.1% of the gamers playing the top five titles go looking for a hack – a highly conservative estimate – that means 330,000 people are potentially at risk of falling victim to game hack malware, which could lead to the loss of any legitimate, paid-for gaming assets, as well as sensitive personal data such as bank details and email or social media passwords.”

The costs to sustain is often too high for youngster and passionate players that prefer to acquire free pirated ‘cracked’ games, license key generators (keygens) and game hacks such as patches and cheats.  Of course these applications represent a profitable business fir cybercrime that finds a way to spread malware without special efforts, the players infect themselves.

Official IT world suffers double loss, the loss of earnings for the gaming industry and the costs relating to the spread of malware.

This could lead to the loss of any legitimate, paid-for gaming assets, as well as sensitive personal data such as bank details and email or social media passwords.”

The methodology followed by researcher is simple as efficient, they performed a series of searches for popular game Diablo 3 hacks obtaining more than 40 hacks.

“In a quick test, AVG’s researchers searched FileCrop for a Diablo 3 hack, one of the most popular ‘swords and sorcery’ games on the market. The FileCrop search result listed more than 40 hacks, all temptingly titled to encourage users looking for the greatest in-game rewards and benefits. For the biggest titles, such as World of Warcraft or Minecraft, a similar FileCrop search reveals hundreds of hacks.”

Unpacking the download file the AVG researcher detected malicious code hidden in the application downloaded.

The study concluded suggesting to gamer best practices to follow to prevent infection:

  • DO NOT download cracks, hacks, trainers or unofficial patches.
  • DO download patches only from the official game provider’s website.
  • DO vary your login details. Use different usernames and passwords for every game account, even in game forums.

Pierluigi Paganini

(Security Affairs – Malware)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

11 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

18 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.