I remember visiting a certain site not too long ago to look for no-CD patches so that I could play games without having to insert that blasted game CD every time. There were also quite a few different scripts and other cheating materials on that site as well, and I always expected there to be some kind of malware hitching a ride, even in my beloved no-CD patches. Now, Evolve has been the target of malware from inside a particular hack.
An Evolve cheat, the PC Monster FireHide Hack has been found to contain keyloggers and trojans instead of the actual promised cheat payload.
When you download the zip file that’s mentioned, instead of installing a cheat which is supposed to enable some sort of fiery hide upon the monster, it instead installs a few files that are actually a keylogger as well as a trojan in which to provide a backdoor to communicate to the server that’s receiving this information.
Malwarebytes reports that the keylogger may send the data it collects to its awaiting servers via email, though they didn’t catch any unusual activity in their own testing. Had I a malware lab, I’d do some testing myself to confirm. But it seems that Evolve is now the target of a small malware campaign.
It’s an unfortunate part of gaming that people cheat at multiplayer games. It just happens. I’ve had my own share of frustrating CSGO matches where I could swear that someone had some sort of hack loaded. And it’s something that propagates into all games. I’m sure there are plenty of you out there that enjoyed the wonderfully funny gameplay when turning on various cheats in Quake 2, right? Maybe I’m dating myself here.
Add in the hype and the relative newness of Evolve and you have a very good target upon which to prey. The multitude of new players combined with the statistically probable amount of people who will seek out cheats, and you have a pretty good audience from which to steal information from. The tools that are available to create malware are rather simple for the average script-kiddie as well, it just takes a few clicks and voila! You have yourself a keylogger ready to steal data that can be injected via any number of already set-up botnets.
The moral of the story is to just not cheat. You’ll get cheated. But seriously, malware protection and not clicking on funny links is a good idea. That and try to, and I know torrents are popular, pick your downloads carefully. Common sense comes a long way in preventing bad things from happening.