ESET researchers discovered a new sneaky malware named Joao, spreading via computer games published on unofficial websites. Joao is modular malware capable of downloading and running other malicious code.
“To spread their malware, the attackers behind Joao have misused massively-multiplayer online role-playing games. They modified the games to make them capable of downloading further malware,” explains Tomáš Gardoň, Malware Analyst at ESET.
ESET research has shown that the criminals behind the campaign misused several game titles by Aeria Games and served their modified versions on unofficial websites. The one that remained active in spreading the malware, gf.ignitgames[.]to, is blocked by ESET security products.
The games laden with Joao were able to gather information about the infected computer and then download additional components offered by the Command&Control server. The Joao components ESET researchers discovered during their research had backdoor, spying, and DDoS capabilities.
“The infection process is well hidden from the victims and these modified games work as expected. Once a game-hungry user jumps into downloading the modified game, there is nothing to raise their suspicion. Those who are not protected with a reliable security solution simply end up with their computers infected,” warns Gardoň.
More information about the Joao malware – how it works, how to spot it and how to get rid of it – can be found in Tomáš Gardoň’s article at ESET’s blog , WeLiveSecurity.com.
ESET security experts have also compiled a set of recommendations to help gamers enjoy gaming without being faced with threats. With the gamescom fair bringing gaming furhter into the spotlight, following such advice is even more important.
- Favor official sources whenever possible.
- Keep your games updated.
- Use a reliable security solution and keep it turned on while gaming.
- Keep in mind that there are other threats targeting gamers. Check out ESET’s further security tips for gamers.