Hackers are leveraging pirated games to spread malware

Pirated or cracked versions of games have long been a hotbed for malware distribution, and cybercriminals are now using CAPTCHA challenges to make their attacks even more effective.

According to a recent report by McAfee Labs, attackers are leveraging CAPTCHA to trick users into thinking that malicious websites or downloads are legitimate. Security researchers first detected the use of CAPTCHAs in malware delivery schemes last month.

Since then, this technique has rapidly gained traction, with reports indicating a growing number of users encountering it worldwide. McAfee’s data suggests that this method of attack is becoming increasingly prevalent, putting more individuals at risk across different regions.

This method is common in pirated games, where users may already expect to jump through extra hoops, like bypassing verification systems. When users search for cracked versions of popular games, they often end up on shady websites. These sites commonly use CAPTCHAs to appear more credible, creating the illusion that the files or content being offered are secure. After solving the CAPTCHA, users are redirected to download a file that is typically riddled with malware, in this case, Lumma Stealer.

Infection chain of the Lumma Stealer malware.
McAfee

Lumma Stealer is a sophisticated information-stealing malware that surfaced in 2022. It targets sensitive data like login credentials, browser cookies, saved passwords, and information from file transfer protocol (FTP) clients and cryptocurrency wallets.

The malware stealthily collects this data from infected systems and transmits it to remote servers controlled by attackers. Its ability to steal from major web browsers, including Chrome, Firefox, and Edge, as well as its capacity to compromise cryptocurrency wallets, makes it a potent threat, particularly to users holding digital assets.

Google search links to pirated or cracked version of Black Myth Wukong.
It is highly recommended to avoid such websites that offer pirated games or software. McAfee

The malware spreads through phishing campaigns, malicious downloads, and compromised websites, often hidden within pirated software or gaming mods. Lumma Stealer employs various evasion tactics, such as encrypting communications with its command-and-control server and using obfuscation techniques to avoid detection by antivirus programs. Its ability to bypass security measures and harvest valuable information makes it a dangerous tool for cybercriminals.

A false sense of security

The CAPTCHA provides an extra layer of camouflage, as it helps malicious websites and downloads bypass automated scanners used by security solutions. CAPTCHA requires human intervention, thus fooling security systems into thinking the site is legitimate.

Pirated games are attractive to cybercriminals for several reasons. First, users looking for free or cracked software are more likely to take risks, bypassing warnings and even turning off antivirus protections to install the software. Secondly, pirated games often require “patches” or “keygens” that are commonly disguised as malware.

The use of CAPTCHA tricks users into believing that the download or website they are interacting with is more secure. Since CAPTCHAs are typically seen as security measures, many users don’t think twice about solving them. After solving the CAPTCHA, they unknowingly download infected files, leaving their systems exposed to attacks.

How to stay protected

To avoid malware attacks, it’s crucial to steer clear of pirated content. Downloading cracked games or software greatly increases the risk of malware infection. Instead, always use legitimate platforms for downloading games and software, as these sources are verified and safer. Keeping your security software, such as antivirus and anti-malware tools, up to date is essential for detecting and preventing new threats. Additionally, if your antivirus tool flags an installation, don’t ignore it; there’s likely a valid reason behind the warning.

As cybercriminals evolve their tactics, staying informed about new malware strategies is vital. CAPTCHAs, originally designed to confirm human users, are now being exploited by attackers as a method to distribute malware, particularly in the realm of pirated gaming. Understanding these risks and taking preventive steps can significantly reduce the likelihood of falling victim to such attacks.