CRYPTOMINING MALWARE INFECTING GAMERS’ COMPUTERS TO MAKE MILLIONS IN CRYPTOCURRENCY
29 July June, 2021: New research from Avast Threat Labs has revealed that cybercriminals are targeting gamers with cryptomining malware, called “Crackonosh”, through “cracked” or pirated versions of popular online games, earning them over USD $2 million (AUD $2.6 million) in cryptocurrency to date.
The malware has been circulating since at least June 2018 and has been found hidden in free pirated versions of games such as Grand Theft Auto V, Far Cry 5, NBA2K19, and Fallout 4 GOTY which are available to download on torrent sites.
According to Avast Threat Labs, Crackonosh has infected over 222,000 systems worldwide since December 2020, including 2,837 in Australia and 900 in New Zealand, but the number could be significantly higher as this is only what Avast software has detected. Avast Threat Labs data also shows that over 800 devices continue to be infected every day.
Number of hits since December 2020. In total over 222,000 unique devices.
“Crackonosh installs itself by replacing critical Windows system files and abusing the Windows Safe mode to impair system defences,” explains Daniel Beneš from Avast Threat Labs.
“This malware further protects itself by disabling some security software, operating system updates and employs other anti-analysis techniques to prevent discovery, making it very difficult to detect and remove.”
Once installed, the malware uses your computer in the background for cryptomining, helping the cybercriminals gain cryptocurrency by using the processing power of the malware-infected computers to solve complex mathematical problems and verify cybercurrency transactions.
Infected users may notice that their computer is overheating or slowing down substantially in how it performs very simple processing tasks, but sometimes it can be hard to detect.
“As long as people continue to download cracked software, attacks like these will continue to be profitable for attackers. The key take-away from this is that you really can’t get something for nothing and when you try to steal software, odds are someone is trying to steal from you,” added Beneš.
Crackonosh has mostly infected users in the United States, Brazil, India, the Philippines, and Poland, with notable infections in the United Kingdom, France, Italy, and Canada. Other countries included Mexico, Argentina, Spain, Portugal, Australia, New Zealand, South Africa, Greece, Sweden, Turkey, Pakistan, and Indonesia.
Here are some tips to avoid cryptomining:
- Don’t download pirated or “cracked” versions of online games as you don’t know what else you may download – it’s just not worth the risk.
- Use a strong antivirus like Avast that can protect against cryptojacking by detecting unsecure websites and can help to detect and block most malicious software, like cryptomining malware.
- Always make sure your Windows software is updated to prevent against vulnerabilities that can be used to spread cryptomining attacks.
Avast Threat Labs found cracked versions of the following games included Crackonosh:
- NBA 2K19
- Grand Theft Auto V
- Far Cry 5
- The Sims 4 Seasons
- Euro Truck Simulator 2
- The Sims 4
- Jurassic World Evolution
- Fallout 4 GOTY
- Call of Cthulhu
- Pro Evolution Soccer 2018
- We Happy Few
Avast is a global leader in digital security products. With over 400 million users online, Avast offers products under the Avast and AVG brands that protect people from threats on the internet and the evolving IoT threat landscape. The company’s threat detection network is among the most advanced in the world, using machine learning and artificial intelligence technologies to detect and stop threats in real time. Avast digital security products for Mobile, PC or Mac are top-ranked and certified by VB100, AV-Comparatives, AV-Test, SE Labs and others.