The company ESET announced a new threat program, aimed at fans of online games.
Trojan called Joao distributed authorship games Aeria Games posted on unofficial sites.
Joao’s main task is to download and run other malicious code. It has detected components for remote access, espionage and DDoS-attacks. The virus was “caught” in the client quite popular game Grand Fantasia.
Trojan is fairly tricky: it runs on the victim’s computer in the background simultaneously with the game. No signs of activity he shows. The only indicator that a particular game is “infected”, is an extra library file msldbe.dll in the root folder. Once started, Joao sends the server all the information (device name, OS version, account, etc.) on the computer of the unsuspecting user. With these data, criminals can easily activate additional components Joao.
Game Studio Aeria Games is not the first time used to spread malware. At the moment most of the sites that was posted infected of the game, either closed or “cleaned” from such programmes, at the initiative of ESET. Basic recommendations for prevention remain the same: download it only from official sites, and download and install only official updates.
© 2017 – 2019, paradox. All rights reserved.