ESET, a global leader in cyber security, has discovered a new threat targeting gamers worldwide, with backdoor, spying, and Distributed Denial of Service (DDoS) capabilities.
The sneaky malware, named Joao, is modular malware capable of downloading and running other malicious code on the victim’s computer.
To spread their malware, the attackers behind Joao have misused massively-multiplayer online role-playing games originally published by Aeria Games.
Compared to downloading and launching a legitimate Aeria game, the only visible difference is an extra .dll file in the game’s installation folder.
How it infects your computer:
- The affected games have been modified to run Joao’s main component – a malicious .dll library with downloading capabilities, detected by ESET’s systems as Win32/Joao.A.
- When users run the game launcher, Joao is launched along with it.
- Upon launching, the Joao downloader first sends basic information about the infected computer (device name, OS version and information on user privileges) to the attacker’s server.
- After the communication with the server has been established, server-side logic decides whether and which components will be sent to the victim’s computer. The components discovered by ESET showed backdoor, spying, and DDoS capabilities.
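Because the only visible difference from a legitimate install is an extra .dll, and the game itself has been modified to load it, an installation folder can be audited against a manifest taken from a copy obtained from the official source. The following Python sketch is an added example, not ESET's tooling; the file names and contents in `demo()` are constructed placeholders, not real indicators.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path):
    """Hash a file in chunks so large game assets do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(install_dir):
    """Map relative path -> SHA-256 for every file under an install folder."""
    root = Path(install_dir)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in root.rglob("*") if p.is_file()}

def audit_install(install_dir, manifest):
    """Return (unexpected_dlls, modified_files) relative to a trusted manifest."""
    current = build_manifest(install_dir)
    # DLLs that the trusted copy does not ship at all.
    unexpected = sorted(rel for rel in current
                        if rel.lower().endswith(".dll") and rel not in manifest)
    # Files that exist in both copies but whose contents differ.
    modified = sorted(rel for rel, digest in current.items()
                      if rel in manifest and manifest[rel] != digest)
    return unexpected, modified

def demo():
    # Constructed sample: two throwaway folders standing in for a trusted
    # install and a repackaged one. Names and bytes are placeholders.
    with tempfile.TemporaryDirectory() as clean, \
         tempfile.TemporaryDirectory() as suspect:
        for d in (clean, suspect):
            (Path(d) / "launcher.exe").write_bytes(b"launcher v1")
            (Path(d) / "engine.dll").write_bytes(b"engine v1")
        manifest = build_manifest(clean)
        # The repackaged copy gains one library and has an altered launcher.
        (Path(suspect) / "extra_library.dll").write_bytes(b"not in official build")
        (Path(suspect) / "launcher.exe").write_bytes(b"launcher v1 patched")
        return audit_install(suspect, manifest)

if __name__ == "__main__":
    extra, changed = demo()
    print("Unexpected DLLs:", extra)
    print("Modified files:", changed)
```

A legitimate game update also changes hashes, so the manifest has to come from the same version as the folder being audited.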
To clean the malware, one can use a reliable security solution to detect and remove the threat. You can also use ESET’s Free Online Scanner.
- To avoid infections, gamers are advised to favor official sources whenever possible and to keep all games updated to avoid vulnerabilities that can be exploited by malicious actors.
- Use a reliable security solution while playing, since many security solutions today have a gamer mode option that lets you enjoy your games without interruptions while also keeping your computer protected.