Crackonosh: a malware to mine crypto on the backs of gamers

The hackers keep finding new ways to get rich ! Currently they do on the back from gamers. To do this, they use a malware called Crackonosh, hidden in the code of some “cracked” games.

All over the world, hackers have scammed many gamers without them knowingt. Indeed, after downloading games, they have involuntarily helped hackers To to mine cryptomainnaie. The games they had obtained actually contained a crypto-mining malware. Once installed, it began to generate in secret digital currency.

Players from Grand Theft Auto V, NBA 2K19 and PES 2018, victims of pirates

To lure their victims, hackers have used games such as GTA V, NBA 2K19 and PES 2018. They placed the malware there and offered these games free on forums.

GTA V game

According to Avast researchers, every day they detected Crackonosh on 800 computers about. However, this is only the number of PCs on which the avast software was installed. So, until now, it is unclear exactly how widespread this malware has been.

At any rate, Crackonosh has already done thousands of victims in the four corners of the globe. To Philippines, he did 18,448 victims against 16,584 to Brazil according to estimates. This malware was also rife in India (13,779 victims), in Poland (12,727 victims) and United States (11,856 victims). It was also found at UK (8,946 victims).

Over two million dollars won by hackers!

Avast researchers explained that thanks to Crackonosh, the hackers were able to pocket over two million dollars. The worst part is that they didn’t have to do anything about it. Gamers’ computers have done everything for them. The criminals were therefore content to wait patiently and then receive their winnings in Monero.

Crackonosh: malware capable of protecting itself

Note that when Crackonosh is installed on a computer, it can take steps to protect yourself. It does this in particular by deactivating the windows updates and removing all security software. Then he runs background. He then begins his work of mining in the greatest secrecy.

Crackonosh malware

For victims, the presence of Crackonosh usually results in slowdowns from their computer. This malware can also cause premature wear of the various components of their device. What is more, it can cause a increase in their electricity consumption. Indeed, as soon as it is running, Crackonosh massively exploits all the resources of the computer.

Crackonosh shows that trying to get games for free can get you something you didn’t expect – malware. […] And we can see that it is very profitable for the malware writers.

Christopher Budd from Avast.

More and more malware targeting gamers

Today, there are many malware designed to rip off gamers. For good reason, pirates have not stopped creating new ones for a few years. In March, for example, researchers from Cisco-Talos discovered in several cheat software (Cheat Engine). More recently, a team of G Data Software uncovered a recently launched hacking campaign. For its part, it targeted users of the platform Steam.

As for Crackonosh, Avast researchers believe it could be of Czech origin. Indeed, in the folklore of this country, Crackonosh can be translated as “Mountain spirit” in French.

A gamer in front of his computer

According to Akamai, a company of cybersecurity, the number of attacks targeting gaming brands and gamers increased by 340% since 2019. Most often, their goal is to steal accounts game to appropriate large virtual objects value and resell them.

”Criminals increasingly target gamers […] Gamers are a demographic known to spend money on their hobby and are highly engaged, making them a consistent resource for the criminal economy to tap into.

Steve Ragan, Security Researcher at Akamai.

Download “cracked” games is currently common practice. The free access to these games explains why they are favored by thousands of players around the world. However, this practice can be very beneficial bad surprises. Malware is just one example.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker.