Beware Of Downloading Pirated Games, Researchers Find Inserted Malware
When you download and install pirated games on your PC or laptop, the antivirus application that has been installed will usually immediately give a warning. And you, as a user who wants to play the game immediately, will immediately disable notifications and firewalls.
In fact, according to research by security experts, it was the wrong decision. Fatal. And potentially turn the GPU on your device into a cryptocurrency mining tool. The scary thing is, this malware also has the ability to disable the firewall from the antivirus.
This means that once your device is infected with malware, the security of data and privacy stored on the device will be more vulnerable. Easier to infiltrate!
A recent report released by antivirus company Avast states this crypto mining malware is called Crackonosh. To date, the malware has infected more than 200,000 Windows devices since 2018.
According to the company's calculations, during the two years the malware had infected PCs, the hackers behind the malware managed to make a profit of up to 2 million US dollars. Fantastic!
“Crackonosh is distributed in illegal copies of popular and sought-after software. (malware) is able to disable many popular antivirus programs as part of an anti-detection and anti-tracking strategy,” wrote Avast researcher Daniel Benes, via Toms Guide, Wednesday, June 30.
Daniel explained that a number of games have been infected with this malware. Includes cracked versions of Game of The Year's Fallout 4, Far Cry 5, Grand Theft Auto V, NBA 2K19, Pro Evolution Soccer 2018, to The Sims 4 and The Sims 4 Seasons.
According to Daniel, this malware is difficult to detect by antivirus and users. In fact, it was also explained that the malware did not interfere with the performance or function of the software. It's just that, there is an undetected activity that runs while the game is playing.
“When a cracked game is installed, the malware will make some changes to the Windows Registry by installing a number of programs that look like normal Windows services: winrmsrv.exe, winscomrssrv.dll and winlogui.exe – the latter program is part of the coin mining program, "said Daniel.
Daniel also gave tips to identify whether someone's device is infected with this malware or not. One of them is by checking the installed antivirus service. If suddenly a lot of viruses infect your device and the antivirus service doesn't work, it could be caused by a Crackonosh attack.