ESET researchers have discovered a new, sneaky malware called Joao, which spreads through computer games posted on invalid websites. Joao is a modular malware capable of downloading and executing other malicious code.
«To spread the malicious Joao software, its creators have abused the massively multiplayer online role-playing games. Modified them so they can download even more malicious programs ", explains Tomáš Gardoň, Malware Analyst at ESET.
ESET's research has shown that creators of the malicious campaign have abused several game titles from Aeria Games by publishing their modified versions on various, inaccurate, websites. One of these, one has managed to remain active in spreading malicious software, gf.ignitgames [.] To, but ESET's security solutions have managed to block it.
Games containing Joao could collect information about the compromised computer and then download additional data sent by the C&C server. ESET researchers discovered during the investigation that Joao had capabilities for backdoor, espionage and DDoS attacks.
«The process of infection is well "disguised" to deceive the victims and these modified toys work according to the design of their creators. Once the player is fooled and proceeds to download the modified game, there is no evidence to arouse his suspicions. Those who are not protected by a reliable security solution simply end up with infected computers"Warns Gardoň.
More details about Joao malware - how it works, how it is detected and how it is removed - are in a relevant article by Tomáš Gardoň on the ESET blog, WeLiveSecurity.com.
Also, ESET experts have gathered a series of tips to help gamers enjoy their game without the risk of threats, some of which are:
- Prefer official sources wherever possible.
- Make sure games have the latest updates.
- Use a reliable security solution and get active while you play.
- Remember there are other threats that you need to protect yourself.
Even more safety tips for gamers than ESET here.