By Leonid Grustniy, Kaspersky
Adware, Trojans, and other malware aren’t the only reasons not to download illegal games.
So long as gamers seek out free apps in the form of unlicensed copies, cracks, and other goodies, cybercriminals will continue to prey on them, and we will continue to spotlight the dangers gamers face. Here are some we’ve found over the past year.
Our experts took a look at how cybercriminals made money from gamers who skimped on both gaming and security, ending up with unexpected apps along with (or instead of) the games they thought they were downloading.
Perhaps the most common surprise greedy gamers find in their popular games is adware. Although not usually too harmful, adware can be very annoying. With this uninvited guest on their computer or smartphone, users will constantly be closing banners, pop-up videos, and browser pages they didn’t open.
In the hierarchy of bad stuff users might get with pirated games, cryptominers rank far higher than adware. Gamers, with their souped-up computers and brawny video cards, make ideal targets for cryptocurrency freeloaders — and a miner concealed inside a game with high system requirements can go unnoticed for quite some time, during which the computer is working for a malicious third party.
Most gamers know that the place to get official games is a specialized store such as Steam. But for a “Minecraft crack” or “virus-free FIFA,” they turn to search engines. Cybercriminals take advantage of this, creating websites offering free keys, cracks, and unlocked versions of games; adding Trojans; and pushing them onto the first page of search results. Alternatively, they can load infected, pirated copies onto existing warez sites.
That is how the Swarez loader gets distributed. Users who try to download, say, cracks for Minecraft get sent through a long chain of redirects to a page with a ZIP archive, inside of which is another password-protected ZIP and a text file with a key. Unzipping the archive loads Swarez on the unfortunate gamer’s device, where it proceeds to download Taurus spyware, a Trojan that takes screenshots and steals cryptowallets, desktop files, and passwords and other data stored in browsers.
Minecraft remains very popular cyberattack bait, including on smartphones and tablets. Back in 2020, we found more than 20 malicious apps on Google Play disguised as mods for the game, and this year saw a repeat.
The game also serves as a front for Hqwar malware, which reports an installation error and prompts the user to uninstall the app. In fact, that removes only the icon; the malware remains, working in stealth mode to harvest online bank credentials.
Another example of cunning malware, Vesub, hides in pirated versions of Brawl Stars and PUBG for Android.
When run, the malware appears to load very slowly — and then, nothing. The victim, seeing the game is not working, quits. The icon disappears from the screen at that point, but the Trojan remains on the device and gets to work.
What’s actually happening during that fake startup is data collection: Vesub collects system data and receives further instructions. Then, running in the background, it can subscribe the victim to paid services, send text messages from their smartphone, play YouTube videos, visit app pages on Google Play, and open advertising websites.
By now you should understand quite well that downloading pirated games is far more trouble than it’s worth. If so, your gaming experience just became a lot safer. However, you should know about another way cybercriminals exploit gamers’ quest for freebies: offering bundles of games at a 99% discount, promising mountains of free or near-free in-game currency, and inviting players to take part in nonexistent tournaments.
Hiding behind famous titles — from FIFA 21 and Apex Legends to GTA Online and Pokemon Go — cybercriminals scoop up victims’ e-mail addresses, social network names and login credentials, and game info. Even without passwords, such information fetches a price on the dark web. Need we state that by entering your password on an unofficial site, you run the risk of losing your account?
Even worse is if the victim, asked for payment card details for “verification,” agrees. What happens next, you know only too well.
The risks gamers face are neither new nor particularly unusual. Although gamers appear to be a relatively risk-tolerant group, you can practice safe gaming by following some commonsense tips: