ESET, a global leader in cybersecurity solutions, has discovered a new threat aimed at gamers all over the world. The threat was found to have backdoor spying and DDoS capabilities.
Games from Aeria Games were the ones found infected with the malware, named Joao. It is a modular type of malware that can download and run code on a victim's computer.
The affected games are massively multiplayer online role-playing games (MMORPGs) published by Aeria, and they include the Grand Fantasy Online game shown below. The affected games are the ones found on unofficial websites such as gf.ignitgames[.]to.
According to the report by ESET, the Joao malware has a malicious library named mskdbe.dll, which is detected as Win32/Joao.A. It affects the unaware victim as follows: when a user runs the game launcher, Joao is launched too. The malware collects information from the computer, such as the device name, the OS version and information on user privileges, and sends it to the attackers' server. The server then uses the received information to decide whether, and which, components will be sent to the victim's computer. The components discovered by ESET showed backdoor spying and DDoS capabilities.
All the while, the games play as usual; the user will not be able to tell an infected game from a clean one by how it runs. The only red flag is in the game's folder, where you will find the malicious mskdbe.dll file.
Fortunately, the cybersecurity company offers a solution in the form of ESET Free Online Scanner. To avoid infections, gamers are advised to favor official sources whenever possible and to keep all games updated to avoid vulnerabilities that can be exploited by malicious actors.
In addition, they should use a reliable security solution while playing games. Most security solutions today have a gamer mode option that lets you enjoy your games without interruptions while also keeping your computer protected.