Tuesday, January 10, 2012

Malware Hiding in Files Posing as DOTA 2 Beta Keys and Diablo 3 Cracks

Gamers that are itching to play the highly-anticipated Diablo III (D3) or Defense of the Ancients 2 (DOTA 2) games should keep their cool until the games are officially released and avoid downloading files masquerading as cracks or keys for beta versions off torrent/file sharing sites.

Researchers at Microsoft found that cybercrooks are tricking impatient gamers into voluntarily downloading malware by giving the files misleading names and even mimicking game icons.

The malware targeting DOTA 2 fans has been identified as Backdoor:MSIL/Pontoeb.J (aka “Pontoeb”) and was found to be hiding in a file named “dota 2 Betakeys.txt.exe”.

Once it’s on your computer, Pontoeb collects system information to send to its authors and installs a backdoor to allow its operators to do whatever they want – take remote control, download additional malware, visit a website or even participate in a DDoS attack.

Yes, the overall goal of Pontoeb is to turn your machine into a zombie.

Meanwhile, a file by the name of “diablo3-crack.exe” is likely to wind up on the systems of gamers seeking a Diablo 3 crack.

According to the researchers, the bad guys took the time to alter the icon to imitate the Diablo icon even though the file houses Backdoor:Win32/Fynloski.A (aka “Fynloski”).

Fynloski is a backdoor Trojan that infiltrates PCs in order to “log keystrokes, download and run arbitrary files, and disable security settings.” To add to its creepiness factor, the Fynloski Trojan is also capable of capturing video from your computer’s webcam, recording sound produced by your PC and typing text on the screen.

So, in theory, the attacker has the means to watch you freak out as your computer takes on a life of its own and mock you via text while they’re doing it. Fun, right?!

No, I’m kidding. (But not really.)

Gamers that are not into the idea of having their computer hijacked by malware authors and their products can easily avoid a hostile takeover by running up-to-date antivirus software on their machines and downloading beta versions directly from their vendors.
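Both file names reported above are executables presented as something else, which a name check can flag before anything is opened. The following is an added example, not code from Microsoft or from this post; the extension lists, lure words and function names are assumptions for illustration, and it relies on Windows Explorer hiding known extensions by default.

```python
from pathlib import PureWindowsPath

# Assumed lists for illustration; extend them for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd"}
DECOY_EXTS = {".txt", ".pdf", ".doc", ".docx", ".jpg", ".png", ".mp3", ".zip"}
# Lure words drawn from the article's theme (cracks and beta keys).
LURE_WORDS = ("crack", "keygen", "betakey", "beta key")


def explorer_display_name(filename):
    """Name a user sees when Explorer hides known extensions (the default)."""
    p = PureWindowsPath(filename)
    return p.stem if p.suffix.lower() in EXECUTABLE_EXTS else p.name


def assess(filename):
    """Return the reasons a file name looks deceptive; empty list if none."""
    p = PureWindowsPath(filename)
    real_ext = p.suffix.lower()
    if real_ext not in EXECUTABLE_EXTS:
        return []  # only executables posing as something else are of interest
    reasons = []
    shown = explorer_display_name(filename)
    # The extension the user believes the file has, e.g. ".txt".
    if PureWindowsPath(shown).suffix.lower() in DECOY_EXTS:
        reasons.append(f"double extension: shown as '{shown}', runs as {real_ext}")
    if any(word in p.stem.lower() for word in LURE_WORDS):
        reasons.append("executable named as a crack or key")
    return reasons


def scan(names):
    """Map each suspicious name to its reasons, skipping clean names."""
    return {name: why for name in names if (why := assess(name))}


# Constructed sample listing: the two names from the article plus benign ones.
SAMPLES = [
    "dota 2 Betakeys.txt.exe",
    "diablo3-crack.exe",
    "Diablo III Setup.exe",
    "patch notes 1.0.3.txt",
]

if __name__ == "__main__":
    for name, why in scan(SAMPLES).items():
        print(f"{name}: {'; '.join(why)}")
```

A name check like this only narrows what to look at; it does not replace the up-to-date antivirus scan recommended above.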

Happy gaming!!
