Gamers Targeted By Hackers Through Code And Cheat Downloads

Gamers tend to be surprisingly tech savvy, and as such, they’re a bit harder to trick with social engineering than many other groups.

Gamers do have a weakness, and it’s one that hackers around the world have recently begun to exploit in a systematic way.

Increasingly, security researchers are finding instances of poisoned cheat codes.

The basic idea is the gamer in question downloads a set of cheat codes for his or her current obsession. Lurking inside it is an embedded bit of malicious code, capable of deploying back doors to allow for further malware infection, as well as keystroke logging code. That enables the hackers controlling it to capture a wide range of passwords and other personal information from the compromised system.

Even worse, there’s a growing body of evidence that hackers are launching supply chain attacks against game development companies themselves. They’re specifically targeting Asian companies in a bid to infect vast numbers of systems, and based on initial estimates, it’s working. Security professionals who are tracking the trend now estimate that there could be hundreds of thousands of infected systems around the world, making this a quietly growing threat that has, until now, gone largely unnoticed.

If that wasn’t bad enough, the hackers know that gamers tend to be tech savvy, so they’re specifically designing the malware they use against them to actively evade detection, making it notoriously hard to pin down on an infected system.

All that to say if you are a gamer, and you enjoy making use of cheat codes to shortcut the time it would otherwise take to master the game, beware. Hackers all over the planet are now targeting you. It seems nothing and no one is safe these days.

Hackers Using Minecraft Modpacks To Distribute Malware On Android Devices

If you’re an avid gamer, you’re almost certainly at least passingly familiar with Minecraft, and you may be an active player. Despite its blocky, simplistic graphics, it’s the most popular game of all time. It is very prevalent on the internet.

If you play on an Android device, be aware that hackers are now exploiting the game’s popularity to install adware on systems.

They’re doing this by finding ways around Google’s strenuous checks and getting fake Minecraft Modpack apps listed on the store.

Name recognition alone has lured more than a million people to install these poisoned apps. The apps are actually just empty shells that don’t include any Minecraft mods at all, but simply install annoying adware that makes using your Android device virtually impossible thanks to the endless parade of full screen advertisements that pop up, often as frequently as once every two minutes. Every ad that gets displayed puts money in the attackers’ pockets.

Researchers at Kaspersky detected the operation, but it took a while because the hackers used bots to give their apps fake five-star reviews, which served to counter the understandably low rankings from actual users.

To add insult to injury, simply deleting the app from your menu screen won’t actually remove the adware. To do that, you have to take the time to go into the Apps menu under device settings, which is a step that often gets overlooked. That means even after a user deletes the offending app (or thinks he has) ads continue to be displayed, making the attackers even more money.

Once Kaspersky discovered the campaign, Google took swift action and removed the offending modpacks from the Play Store. However, if you’re a fan of the game, and you’re seeing an inordinate number of ads recently, this is quite likely the reason why.

Discord Being Used By Hacker To Distribute Malware

If you’re a gamer, and you make frequent use of Discord, there’s a new threat you should be aware of.

Recently, hackers have been seen using a malware strain called ‘TroubleGrabber’ on a wide range of Discord servers.

TroubleGrabber isn’t the worst malware strain we’ve ever seen, but it is highly problematic. Classed as an Info Stealer, it’s designed to collect and exfiltrate gaming login credentials and system information.

Researchers at Netskope first discovered the malware strain in the wild, and note that in terms of capability, it bears a number of similarities to another Info Stealer called AnarchyGrabber.

Although TroubleGrabber is very new, having only been spotted for the first time in October 2020, the hackers controlling it are wasting no time in terms of its use. Based on data collected by the Netskope researchers, TroubleGrabber accounted for more than 85 percent of all of the malware attacks targeting Discord servers during the month of October (2020).

So how does one become infected with this malware strain?

Well, according to the research team, TroubleGrabber is most often disguised as a software crack or some type of game cheat, though it will occasionally present itself as a simple Discord Installer. The Netskope team was rather impressed to find more than a thousand different poisoned binaries in use. So it doesn’t really matter what kind of games you play. If you make regular use of cracks or cheat codes, it’s highly likely that you’ll run across this strain.

Worse, the hacker behind it was also found to have placed a “helpful” instruction video on YouTube, which teaches other hackers how to use TroubleGrabber and set up their own Discord servers for hosting it.

All that to say, this issue is likely to get a good deal worse before it starts getting better. Discord users and gamers beware.

Cyber Attack Found At Gaming Company Capcom

Are you a gamer? Are you a fan of Resident Evil, Devil May Cry, Mega Man, Monster Hunter or Street Fighter? All of those games have something in common. All were developed by Capcom, a Japanese development company with offices in Japan, the US, and Canada.

Unfortunately, according to a recent disclosure, Capcom is the latest company to fall victim to a nasty ransomware attack.

The company’s disclosure reads in part as follows:

“Beginning in the early morning hours of November 2, 2020 some of the Capcom Group networks experienced issues that affected access to certain systems, including email and file servers. The company has confirmed that this was due to unauthorized access carried out by a third party, and that it has halted some operations of its internal networks as of November 2.”

The initial disclosure did not reveal the exact nature of the attack. Subsequently, it has come to light that Capcom fell victim to a Ragnar Locker ransomware attack and the hackers responsible have apparently exfiltrated more than a terabyte’s worth of sensitive and proprietary information. Worse, they are demanding a staggering eleven million dollar ransom, to be paid in Bitcoin.

The ransom note included a link to a password protected web page containing a 24MB sample archive displaying a small fraction of the data the hackers were able to make off with. The data includes revenue forecasts, salary spreadsheets, NDAs, immigration forms, corporate communications, royalty reports, and more.

At the time this article was written, there was no indication as to if or how Capcom planned to respond to the ransom demand. It should be noted, though, that hackers are notorious for promising to delete all stolen data once the ransom has been paid, and then putting the information up for sale on the Dark Web anyway, which puts Capcom in a tricky position indeed.

In any event, there’s nothing for you to do in this case. The stolen information does not appear to include customer payment card information, but if you’ve made purchases on the company’s website, it pays to keep a close watch on the payment card you used, out of an abundance of caution.

Upgrade Older Phones To Get New Pokemon Go Updates

Are you a Pokemon Go fan? If so, we’ve got bad news. Beginning in October of this year (2020), your game will stop working on older Android and iOS devices.

Support is officially being discontinued for Android 5, iOS 10, and iOS 11. Additionally, the company is ending support for the iPhone 5S and the iPhone 6. If you’re using any of the above, you’ll need to upgrade either your OS, your equipment, or both.

Niantic, the company that makes the wildly popular game, didn’t offer up a specific reason for ending support on the equipment and OSes mentioned above. However, one can safely assume that it’s probably related to an upcoming feature the company knows won’t run on those systems.

In any event, if you’re a fan and you want to keep access to the game itself, the items you’ve collected, and to your PokeCoins, you’ll need to upgrade before mid-October of this year.

Concurrent with the end of support warning, the company also announced three weeks of Mega Evolution-themed events in the month of September:

  • A Mega Pidgeot event that is slated to run from September 1st through September 7th
  • A Mega Houndoom event that will run from September 11th through the 17th
  • A Mega-Evolution Timed Research story event that will run from September 22nd through the 28th.

So sure, you may have some upgrading to do, but the reward is that you get three supremely cool week-long events. You’ll be well positioned to keep right on enjoying the game into the future. What’s not to like about that?

Kudos to Niantic for giving their playing base plenty of time to respond to the change, and for making one of the most iconic games in recent history.