The researchers of ESET have discovered a new, sneaky malware with the name Joao, which spreads through online games published on non-authoritative websites. Joao is a modular malware capable of downloading and executing other malicious code.
«To spread the Joao malware, its creators have exploited massively multiplayer online role-playing games. They modified them so that they can download even more malicious proletterthe", explains Tomáš Gardoň, Malware Analyst at ESET.
ESET's research has shown that creators of the malicious campaign have abused several game titles from Aeria Games by publishing their modified versions on various, inaccurate, websites. One of these, one has managed to remain active in spreading malicious software, gf.ignitgames [.] To, but ESET's security solutions have managed to block it.
Games containing Joao could collect information σχετικά με τον παραβιασμένο υπολογιστή και στη συνέχεια να κατεβάσουν πρόσθετα στοιχεία που έστελνε ο C&C server. Οι ερευνητές της ESET ανακάλυψαν κατά τη διάρκεια της έρευνάς ότι το Joao διέθετε possibilities for backdoor, espionage and DDoS attacks.
«The process of infection is well "disguised" to deceive the victims and these modified toys work according to the design of their creators. Once the player is fooled and proceeds to download the modified game, there is no evidence to arouse his suspicions. Those who are not protected by a reliable security solution simply end up with infected computers"Warns Gardoň.
More details about Joao malware - how it works, how it is detected and how it is removed - are in a relevant article by Tomáš Gardoň on the ESET blog, WeLiveSecurity.com.
Also, ESET experts have gathered a series of tips to help gamers enjoy their game without the risk of threats, some of which are:
- Prefer official sources wherever possible.
- Make sure games have the latest updates.
- Use a reliable security solution and get active while you play.
- Remember there are other threats that you need to protect yourself.
Even more safety tips for gamers than ESET here.
