AhnLab "Beware of Malware Disguised as Adult Game Executable Files"
AhnLab recently discovered cases of malware distribution by uploading files disguised as various adult game executable files on file-sharing sites and urged users to be cautious on the 10th.
Compressed files disguised as executable files of various adult games uploaded on file-sharing sites [Image provided by AhnLab]
The attacker first uploaded compressed files disguised as executable files of various adult game programs to specific file-sharing sites. The post accompanying the compressed files included a captured image of the game screen along with instructions stating, "To run the game, extract the compressed file and execute the ‘Game.exe’ file."
When the user extracts the compressed file and runs the ‘Game.exe’ file to play the game, a downloader malware that downloads additional malware from the attacker’s server is executed simultaneously. Since the adult game also runs normally upon malware execution, it is difficult for users to realize that their system has been infected.
The downloader malware downloads a remote control malware called ‘Remcos RAT’ onto the user’s PC. Once infected with ‘Remcos RAT,’ the attacker gains remote control privileges over the user’s PC. The attacker can use these privileges to perform various malicious activities such as keylogging, screenshot capturing, webcam and microphone control, and downloading additional malware. Keylogging is an attack that detects the user’s keyboard movements to secretly steal important personal information such as IDs, passwords, account numbers, and card numbers.
Currently, AhnLab V3 detects this malware. To prevent damage, users should follow basic security guidelines such as ▲ refraining from downloading illegal content and using official content websites ▲ keeping the operating system (OS), internet browsers, applications, and office software up to date with the latest versions and security patches ▲ using the latest version of antivirus software with real-time monitoring enabled.
Lee Ik-gyu, a researcher at AhnLab’s analysis team, said, "Cases of malware distribution targeting illegal content users on file-sharing sites have been continuously discovered recently," and added, "Users must use content provided through official channels such as official websites to prevent damage."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
