Crackonosh: How hackers are using gamers to become crypto-rich
- Published
Gamers are being duped into helping hackers become rich, after downloading games laced with hidden malware.
Versions of Grand Theft Auto V, NBA 2K19, and Pro Evolution Soccer 2018 are being given away free in forums.
But hidden inside the code of these games is a piece of crypto-mining malware called Crackonosh, which secretly generates digital money once the game has been downloaded.
Criminals have made more than $2m (£1.4m) with the scam, researchers say.
The researchers, at Avast, say the "cracked" games are spreading Crackonosh fast and the cyber-security software company is now detecting about 800 cases on computers every day.
And Avast detects malicious software on devices only where its antivirus is installed, so the true impact of Crackonosh is likely to be far higher.
So far, the malware has been found in more than a dozen countries, including:
Philippines: 18,448 victims
Brazil: 16,584 victims
India: 13,779 victims
Poland: 12,727 victims
United States: 11,856 victims
United Kingdom: 8,946 victims
When Crackonosh is installed, it takes actions to protect itself including:
disabling Windows Updates
uninstalling all security software
And the cryptocurrency mining programme it then runs in the background, without the owner knowing, can:
slow their computer down
wear out components through overuse
increase the victim's electricity bill
"Crackonosh shows that trying to get games for free can get you something you didn't expect - malware" Christopher Budd, from Avast, said.
"And we can see that this is highly profitable for the malware authors."
Tracking the hackers' digital wallets has revealed the scam has yielded over $2m in the cryptocurrency Monero, Avast says.
And the company believes the malware's creator may be Czech, hence the name, Crackonosh, which means "mountain spirit" in Czech folklore.
In March, researchers at Cisco-Talos found malware inside cheat software, external for multiple games.
And earlier this month, another fledgling hacking campaign targeting gamers using the Steam platform was discovered by a team at G Data Software, external.
In its latest cyber-threat report, cyber-security company Akamai says it has detected a 340% increase in attacks on both gaming brands and gamers alike since 2019.
Many of the cyber-attacks involved gaming accounts being stolen for their high value in-game items, which are then sold on hacking forums.
"Criminals are targeting gamers at an increasing pace," Akamai security researcher Steve Ragan said.
"Gamers are a demographic known for spending money on their hobby and they're highly engaged, making them a consistent resource for the criminal economy to mine."