Sydney, 15 April 2013. If you’ve ever been tempted to download a ‘hack’ for your favourite game to accelerate your progress, or to download a pirated copy of the latest title through a torrent or file-sharing site, watch out: the second edition of AVG’s new monthly newsletter, AVG Insight, reveals that over 90% of such files contained malware.
World of Warcraft, League of Legends, Runescape, World of Tanks and Minecraft: five of the planet’s most popular computer games, played by an aggregate of more than 330 million people worldwide and part of a multi-billion-dollar industry. But that popularity also makes these games and those who play them prime targets for cybercriminals, as the AVG Viruslab Research Group discovered this month.
It takes enormous time, effort and skill to do well in today’s leading Massively Multiplayer Online games (MMOs), and when you consider the cost of buying a game – anywhere from US$5 to US$50 plus desirable add-ons such as extra powers or resources – the cost soon mounts up. In the US, for example, research suggests gamers now spend an average of US$127 on gaming software every year.
Unsurprisingly, not everyone either wants to spend such cash or can afford to, which has led to pirated ‘cracked’ games, license key generators (keygens) and thousands of other game hacks such as patches, cheats and trainers appearing online, usually on unregulated torrent or file-sharing sites.
These may at first glance appear to be an easy option for a gamer seeking to improve their character’s standing or simply to get something for free, but the bad guys are constantly producing hacks and cracks for the latest and biggest titles, and most contain small chunks of executable code designed to pry, steal and disrupt.
AVG’s researchers analysed scores of such hacks and cracks found through metasearch services such as FilesTube and FileCrop, and discovered that more than 90% of them contained some form of malware or malicious code. Even if we assume that just 0.1% of the gamers playing the top five titles go looking for a hack – a highly conservative estimate – that means 330,000 people are potentially at risk of falling victim to game hack malware, which could lead to the loss of any legitimate, paid-for gaming assets, as well as sensitive personal data such as bank details and email or social media passwords.
See it in action
In a quick test, AVG’s researchers searched FileCrop for a Diablo 3 hack, one of the most popular ‘swords and sorcery’ games on the market. The FileCrop search result listed more than 40 hacks, all temptingly titled to encourage users looking for the greatest in-game rewards and benefits. For the biggest titles, such as World of Warcraft or Minecraft, a similar FileCrop search reveals hundreds of hacks.
At random, the team selected and downloaded a file called ‘Diablo 3 Item generator and gold hack.zip’. After downloading and unpacking the file, the team’s installed AVG Internet Security software immediately detected malicious code in the hack itself.
What damage can they do?
Left to do its dirty work, this malicious code would attempt to decrypt the saved website passwords stored in the machine’s web browser keypass. Any sensitive information it found would then be sent back to the attacker via email.
However, it could also mean you lose your game account altogether: attackers can profit from the theft by trading the accounts online in exchange for cash. A registered user account could cost hundreds of dollars and hours of gameplay to replace, while in-game purchases (power-ups, weapons, equipment, etc.) may be lost or sold before the user has a chance to contact the game developer and reclaim their hacked account. This would be in addition to the more common objective of malware – stealing bank account details, hacking email accounts or accessing social networks.
How to game safer
As this rough and ready experiment shows, gamers downloading a hack from a file sharing website should exercise extreme caution, and at least ensure they have the latest security products installed on their computer. However, to be even safer the AVG Viruslab Research Group recommends you:
· DO NOT download cracks, hacks, trainers or unofficial patches.
· ONLY download patches from the official game provider’s website.
· DO vary your login details. Use different usernames and passwords for every game account, even for game forums.
How can I fix my computer if it gets infected?
If you think you might already have malware on your machine from an infected game hack, you should immediately:
· Change your passwords across all your online services that use the same or similar password.
· Contact the game provider to recover access to your account.
· Run a scan of your PC using up-to-date security software
· If the scan reveals a threat, follow the on-screen prompts (also described here) and the software will often be able to remove the malware. If it does not, we suggest you contact the AVG Techbuddy Experts for further advice.
The AVG Viruslab Research Group