Malicious malware detected in GTA V mods

Several Grand Theft Auto V for PC mods found to have viruses and malware

In the world of PC gaming, mods play a very important role. Mods take the original base of a game and, with some twists, carry you to a totally different world. However, it looks as though at least one person has decided to take advantage of this and include malicious code without the knowledge of those who download it.

The hugely popular No Clip and Angry Planes mods for Grand Theft Auto V are said to come with malicious code. This only emphasizes the importance of performing scans on the files you download with proper and updated anti-virus and anti-malware tools before you install them.

GTA Forum consisting of seven members carried out an investigation after realizing that Angry Planes had begun to misbehave. It was found that an odd C# compiler program was running among the system processes, transmitting and receiving data across the web. A Fade.exe executable was found in his PC’s Temporary Files folder that kept watch on his activity and changed his Windows registry to silently launch at system boot.

Another user who checked out the malware stated that it had used his PC to take part in a DDoS attack against a Twitch game streamer. Other modules found to be active inside the malware include a Facebook spam/credential stealing module, a Messenger.com spam/credential stealing module, a Twitch spam/credential stealing module, a keylogger module, a Steam spamming module, and a UDP flooding module.
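A triage check for the persistence behaviour described above (an executable in the Temporary Files folder that is registered to launch at boot), as an added example that is not part of the original article. It assumes the autorun entries were exported with `reg query` from the per-user Run key, which the article does not name; the sample output and the names in it other than Fade.exe are constructed.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample in the layout printed by `reg query <key>`; not real output.
SAMPLE_REG_OUTPUT = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
    Updater    REG_EXPAND_SZ    %TEMP%\Fade.exe
    Chat    REG_SZ    C:\Users\alice\AppData\Local\Temp\helper.exe -silent
"""

VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_[A-Z_]+)\s{4}(?P<data>.*)$")
EXECUTABLE = re.compile(r"(.+?\.(?:exe|com|scr|bat|cmd))(?=\s|$)", re.IGNORECASE)
TEMP_DIRS = {"temp", "tmp", "%temp%", "%tmp%"}

def command_path(data):
    """Return the program path from an autorun command line, dropping arguments."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    match = EXECUTABLE.match(data)
    return match.group(1) if match else data.split(" ", 1)[0]

def in_temp_folder(path):
    """True when any directory component of the path is a temporary folder."""
    directories = PureWindowsPath(path).parts[:-1]
    return any(part.lower() in TEMP_DIRS for part in directories)

def autoruns_from_temp(reg_text):
    """List (value name, program path) for autorun entries that launch from a temp folder."""
    hits = []
    for line in reg_text.splitlines():
        match = VALUE_LINE.match(line)
        if not match:
            continue  # key header or blank line
        path = command_path(match.group("data"))
        if in_temp_folder(path):
            hits.append((match.group("name"), path))
    return hits

if __name__ == "__main__":
    for name, path in autoruns_from_temp(SAMPLE_REG_OUTPUT):
        print(f"review autorun {name!r}: {path}")
```

A hit is a prompt for review rather than a verdict, since some installers legitimately run once from a temp folder.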

Malwarebytes, a security firm, thoroughly examined the malicious files that were shared via the fraud and, in a Malwarebytes blog post, identified them as Trojan-Agent-TRK.

Speaking to El Reg, Chris Boyd, a security researcher at Malwarebytes and an enthusiastic gamer, stated that targeting gamers with flexible malicious add-ons is fairly common.

“Game mods have been a target for many years, with an older version of GTA coming under fire from a notorious GTA: Hoodlife fake mod containing malware back in 2007,” Boyd explained.

“Fans of the series traditionally enjoy extending the lifespan of the title through modding, so it’s a rich area of exploitation for malware authors. Rockstar could potentially increase mod safety by opening up the Steam workshop to mod downloads, but it seems that option isn’t available yet,” he said.

“If there is no push to host mods on Steam, then gamers will have to rely on third-party sites for downloads. It’s a lot easier for bad files to slip through on forums and fan-made websites than a service such as Steam with various checks and security features in place behind the scenes,” he added.

If you are using No Clip or Angry Planes with any mod or GTA V, it is advisable to carry out an anti-malware scan with one of the AV programs that identified the malicious file. It is also advisable to change your passwords to be more secure.

 

Twitch’s latest insane adventure: Installing Linux

Twitch playing Pokémon was easy mode. Tomorrow, Twitch viewers will be invited to do something altogether more challenging: install Arch Linux. Using the same Twitch chat-driven concept as the collaborative Pokémon playthrough, anyone will be able to enter commands and control the installation process.

Normally, installing Linux is quicker and easier than winning Pokémon. The install processes have been made broadly idiot-proof, especially if you’re installing into a safe virtual machine environment and so don’t even run the risk of clobbering a disk accidentally. But if Twitch chat has accomplished anything, it’s breeding a better idiot, one that is mindlessly bloody-minded, and so we fully anticipate that there will be trolling. Trolling Pokémon revolved principally around getting stuck repeatedly in menus and releasing captured Pokémon—annoying to those trying to complete the game but little that would force players to start from scratch.

Linux, in contrast, opens the door to a whole world of exotic trolling opportunities. There are old classics such as rm -rf / to wipe the disk, or dd if=/dev/zero of=/dev/hda to really wipe the disk. There’s the casual annoyance of kill -9 1, or comedy options such as the bash fork bomb of :(){ :|:& };:. We wouldn’t be surprised to see the machine casually trapped in a reboot loop or have its hardware removed to leave it incapable of I/O.

And who knows, even more exotic options are also possible; security attacks to break into the virtual machine host, recruiting of the machine into botnets, or denial of service attacks. Also possible: a ton of copy-pasta and Kappa spam. Twitch wouldn’t really be Twitch without it.

The project kicks off on Saturday October 31 at 4pm Eastern.

 

Cross Site Request Forgery (CSRF) [HOW-TO]

Cross-Site Request Forgery (CSRF) is an attack outlined in the OWASP Top 10 whereby a malicious website sends a request, from a different website, to a web application that a user is already authenticated against. This way an attacker can access functionality in a target web application via the victim’s already authenticated browser. Targets include web applications like social media, in-browser email clients, online banking and web interfaces for network devices.
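Why the already authenticated browser is enough, and what a server-side check changes, as an added example that is not part of the original post. The handler names, the in-memory session store, the origins and the request dictionaries are all hypothetical and constructed for illustration.

```python
import hmac
import secrets

TRUSTED_ORIGIN = "https://app.example"   # hypothetical origin of the web application
SESSIONS = {}                            # session id -> per-session state (stand-in store)

def login(user):
    """Create a session and bind a random anti-CSRF token to it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid

def handle_cookie_only(request):
    """Weak: the session cookie alone authorises the state-changing request."""
    return request["cookies"].get("sid") in SESSIONS

def handle_with_csrf_check(request):
    """Hardened: also require the application's own Origin and the session's token."""
    session = SESSIONS.get(request["cookies"].get("sid"))
    if session is None:
        return False
    if request["headers"].get("Origin") != TRUSTED_ORIGIN:
        return False
    sent = request["form"].get("csrf_token", "")
    # Constant-time comparison of the submitted token with the session's token.
    return hmac.compare_digest(sent.encode(), session["csrf"].encode())

def demo():
    sid = login("alice")
    cookies = {"sid": sid}  # the browser attaches this whichever site triggered the request
    # Constructed requests: one originating from another website, one from the app's own form.
    cross_site = {"cookies": cookies,
                  "headers": {"Origin": "https://other-site.example"},
                  "form": {"email": "new@other-site.example"}}
    same_site = {"cookies": cookies,
                 "headers": {"Origin": TRUSTED_ORIGIN},
                 "form": {"email": "alice@app.example",
                          "csrf_token": SESSIONS[sid]["csrf"]}}
    return {
        "cookie_only_accepts_cross_site": handle_cookie_only(cross_site),
        "hardened_accepts_cross_site": handle_with_csrf_check(cross_site),
        "hardened_accepts_same_site": handle_with_csrf_check(same_site),
    }

if __name__ == "__main__":
    print(demo())
```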


 

Infographic: Biggest CyberSecurity Attacks in History

An interesting, but arguable, infographic coming to us today from the Financial Times. Is Kevin Mitnick really bigger than the guys that hacked Target, Home Depot, Bebe, and virtually every fast food restaurant in the US? I think he’s just grandfathered in because of the audacity of his actions (mostly social engineering) and the fact that he’s been on every Top Hacker list since the dawn of time. But still, luv ya, Kev!

Biggest Cybercrime Security Attacks in History

 