Avast Threat Labs report cracked versions of online games such as Grand Theft Auto V, Far Cry 5, and The Sims 4 that are laced with hidden malware
A new Monero crypto-miner malware, Crackonosh, has been circulating since at least June 2018 and has yielded over 2 million USD in revenue for its creators from over 222,000 infected systems worldwide, according to Avast Threat Labs report.
Crackonosh searches for and disables many popular antivirus programmes as part of its anti-detection and anti-forensics tactics and also disables system updates that help keep the devices vulnerable. The malware was found to be distributed along with illegal and stolen copies of popular online games people download to avoid paying for the games, which secretly generates digital money once the game has been downloaded.
According to Avast’s discoveries, Crackonosh mostly infected users in Brazil, India, Poland, the Philippines and the United States. However, notable infection rates were also reported in Canada, France, Italy and the United Kingdom. Other affected countries included Argentina, Australia, Greece, Indonesia, Mexico, Pakistan, Portugal, South Africa, Spain, Sweden and Turkey.
When Crackonosh is installed, it automatically starts mining Monero crypto coins without the users’ knowledge. It also takes actions to protect itself, including disabling Windows Updates and uninstalling all security software. The crypto-miner programme, which then runs in the background, can significantly slow computers down, increase the users’ electricity bills and put them at risk from security threats.
Craconosh was found in the cracked versions of the following games:
- NBA 2K19
- Grand Theft Auto V
- The Sims 4 Seasons
- The Sims 4
- Fallout 4 GOTY
- Far Cry 5
- Euro Truck Simulator 2
- Jurassic World Evolution
- Call of Cthulhu
- Pro Evolution Soccer 2018
- We Happy Few.
How to Avoid Crackonosh
The best way to protect against Crackonosh is to avoid it entirely by downloading games and other software only from official websites and stores. Users are also advised to be aware of illegitimate sources offering paid-for games for free and to avoid unofficial vendors.