The malware used in this attack is XtremeRat (ExtRat), a commercially available remote access trojan (RAT).
It is a known fact that gamers are the most cautious individuals when it comes to protecting their PCs from viruses, but when hackers decided to place malware in video game cheat codes, things became a little tough for these gamers.
According to Cisco Talos research published on Wednesday, threat actors have started targeting gamers specifically with backdoored game tweaks that hide malware capable of stealing information from their systems by gaining microphone and webcam access.
How are these campaigns advertised and how exactly are gamers lured into downloading these cheat codes?
Firstly, the very fact that this malware is hidden in legitimate files that users download to run their game patches, tweaks, or modding tools already makes it very hard for gamers to detect whether anything malicious is being installed on their computers.
Secondly, the attackers mostly popularise their malware-laced modding-related game tools through social media channels and YouTube how-to videos.
The hackers behind this campaign carefully concealed their malicious intent by employing a VisualBasic-based cryptor to obfuscate the malware, which shows that the common threats we face nowadays are actually more sophisticated than what we’ve known them to be in the past.
In this case, according to Cisco Talos’ technical blog post, the malware being used is XtremeRat (aka ExtRat), a commercially available remote access trojan (RAT) that is commonly used in attacks where a specific group is being targeted.
This malware can capture audio and video, but more importantly, it can also take screenshots, upload and download files, and log keystrokes.
Gamers should absolutely steer clear of such cheat codes and modded versions because they have also proven to be used for illicit profits. According to the BBC, the Chinese police and Tencent recently worked together to crack down on a video game cheat ring that was making around $76 million in revenue from selling cheats to popular video games such as Call of Duty Mobile and Overwatch.
Hackers constantly see gamers as perfect targets for malware attacks, and a hacking team in Asia was recently caught compromising the update mechanism for some video games that run on Windows and macOS to conduct surveillance on gamers in Taiwan, Hong Kong, and Sri Lanka.