Information Security, Ethical Hacking, website Security, Database Security, IT Audit and Compliance, Security news, Programming, Linux and Security.
Friday, 6 September 2013
Leaked GTA V Torrents Loaded With Sneaky, Costly Malware
The fifth installment of the legendary (and controversial) sandbox shooters Grand Theft Auto is due out later this month, but some players are hoping to get in on the game early by downloading "leaked" copies of the game. Those who partook of the illicit downloads might end up paying a lot more than the price of the game, however.
What's The Scam
According to Bitdefender, what downloaders are actually getting is a nasty malware scam. During installation, you're asked to fill out a survey in order to receive a confirmation code. To finish the survey, you're prompted to send an SMS message to a shortcode.
The ears of careful readers familiar with our Android malware coverage should prick up, because that's a common scam among bad guys targeting the Android platform. Shortcodes, like the numbers used by the Red Cross to raise money, tell your mobile carrier to add a certain amount to your wireless bill. Bad guys use the same technology for evil by writing apps that secretly send SMS shortcodes that transfer money to them (or affiliates). Sometimes, Android malware creators will just create an official looking app and prompt users to send the codes themselves.
The GTA V malware shows that what is a good idea on Android can work just as well on a PC. According to Bitdefender, the GTA V malware is particularly insidious since it sets up recurring charges of "€1 per day until the service is stopped." The ammount charged is probably intentionally small, in the hopes that it will go unnoticed for weeks or months.
As nasty as they are, malicious shortcodes are tricky since they're localized by region. A shortcode from a Russian Android malware operation probably won't work on a US phone. That's not the case with this scam, says Bitdefender.
"The survey opens in a web browser and, therefore, is able to perform a geographic redirect to the webpage that corresponds to the area you are located in," said, Bitdefender Senior E-Threat Analyst Bogdan Botezatu. "This way, the scam is localized to the numbers that are available in the users' area."
Looking Legit
The criminals behind the malware have also gone to great lengths to make the installer and even the torrents look legit. "Crooks have integrated official wallpapers and artwork into the installation process," says Bitdefender. "These downloads are promoted by cyber-criminals by adding likes and positive comments from fake, duplicate accounts in order to make the download more credible."
Interestingly, the ISO file inside the torrent contains an actual game: The Cave, from DoubleFine productions. No word on whether or not it actually works, however.
Appearing legitimate is nothing new for malicious PC software—in fact, Trojanized PC applications are fairly common. Dressing up malware as something illegal, or disreputable, is also fairly common as victims are less likely to complain.
Staying Safe
The easiest way to avoid this malicious software is to not illegally download copies of GTA V. Especially when the game isn't launching until the middle of September, and no PC version has been announced. Come on, guys.
It's also a good idea to have some kind of anti-malware software on your computer. Bitdefender notes that the malicious installer shows up as "Trojan.GenericKDV.1134859" in their Editors' Choice award winning software Bitdefender Antivirus Plus (2014). Editors' Choice winners Norton AntiVirus (2013) or Webroot SecureAnywhere Antivirus 2013 would also do nicely.
Even if you haven't downloaded a GTA V installer, it's important to understand how this scam works so you can avoid similar ones in the future. For instance, it's highly unlikely that any legitimate company will ask you to text a shortcode in order to activate a product.
For those of you who have already fallen to this scam: your best bet is to contact your mobile provider and try to get the charges reversed or at the very least halted. Remember: every day you wait is $1.32 USD wasted.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment