You might be addicted to gaming. But the virtual criminals seek out their lucrative affairs through your online games. The silent attack comes forth when you execute a game launcher. You would be enjoying your game without any disruption. But behind your back, a malware covertly establishes itself in the background. This could then hand over your personal, sensitive data from your device to the hackers at the other end.
This was revealed by a group of IT security researchers of ESET. They have discovered a new gaming malware called Joao. This is spreading via unofficial sites presenting your favorite computer games.
Joao could run malicious codes on your PC after successfully installing into it. This malware had spying, backdoor and Denial-of-Service (DDoS) capabilities.
Aeria games were found to be the weakest target of these cyber criminals. They have misused several of their game titles. Also, they have manipulated the original to upload the modified versions in unofficial sites. The malware was noted to circulate through gf.ignitgames[.]to game.
The countries mainly targeted by Joao include Brazil, Peru, Argentina, Thailand, Mexico, the Philippines, and Indonesia. The Aeria games are published in Europe and North America too. No malware attack case has been reported here as of now. But it cannot be guaranteed when the misfortune strikes.
The hackers fraudulently took over Massively multiplayer online role-playing games (MMORPGs). An anime-themed MMORPG distribution of the Joao downloader was observed on the Grand Fantasia.
Joao’s main component, mskdbe.dll malignant library was seen to run beside the infected games. It was detected as Win32/Joao.A by ESET systems. This extra .dll file was the only difference between the legitimate and the illegal Aeria games.
Nevertheless, on uncovering this malware, the ESET blocked all its links and extensions. They have sent a report to Aeria games as well.
The ESET expert behind this finding, Tomáš Gardoň puts across his report of the Joao malware attack. “The infection process is well hidden from the victims. Once a game-hungry user jumps into downloading the modified game, there is nothing to raise their suspicion. Those who are not protected with a reliable security solution simply end up with their computers infected.”
You can make a search for the mskdbe.dll file on your computer. If your PC is infected it would show up in the results. If it doesn’t display, it does not suggest completely that you are in safe waters. The name of the file can be altered any moment by the hackers. Yet, keeping in mind that ESET has eliminated all the possible malware history, you should take all the necessary precautions from your part as well.
Further, ESET urges you to keep a check over your gaming activities. You cannot trust any site blindfolded in the 21st century. All in all, you should update your gaming software. Cut-out all the unofficial means, and stick to the official gaming sources.