Thugs use pirated video games for my cryptocurrency

These are the Reddit users who pointed to the team of cybersecurity experts at Avast, while many wondered about the disappearance of the named antivirus from their computer.

After conducting an investigation, Avast – which released a statement on Thursday (New window) – Detected that malware was causing this error and that it traveled from pirate video game software available for download on forums or torrent sites.

Its function

According to the report, the malware known as Krakonosh has been around since at least June 2018, especially through video games. NBA 2K19, Grand Theft Auto V., For Cry 5, Sims 4 And Jurassic World Evolution.

When installing the said software, an installer file (serviceinstaller.exe) and a script included in the torrent modify the Windows registry, which allows the malware to run indirectly when the system starts, which automatically selects the safe mode (some files and drivers from the system without loading).

When the Windows computer is in safe mode, antivirus software will not work.

This will allow you to easily disable and remove the malicious serviceinstaller.exe file Windows Defender Antivirus, Continues Daniel Pence in the Avast report.

Finally, the malware uses XMric software, which exploits the system and its resources for my mono cryptocurrency (XMR).

Symptoms of infection

Daniel Benz points out in a report that a computer is vulnerable to a recession, its rapid decline and higher than regular electricity bills.

Krakonosh also replaces the Windows Security Shield icon in the system tray with a fake, green one, and puts a brake on Windows Updates software.

According to the Avast report, the worst affected countries are Brazil, India and the Philippines. Several cases have also been identified in Canada and the United States.

Krakonosh malware has been widely downloaded in Brazil, India and the Philippines.

Photo: Avast

Note that Avast is not the only antiviral targeted by Krakonosho. Kaspersky, McAfee, Norton and Pittefender can also be disabled and removed by malware.

A lucrative maneuver

For a total of 222,000 infected computers worldwide since 2018, Avast now estimates that 1,000 devices will be affected by the malware every day.

About 30 types of malware have been identified, the last of which was released in November 2020.

More than 900 XMR coins have been cut through this project, which is equivalent to US $ 2 million.

The origin of the malware is unknown, but Avast is skeptical of its creator, who may be Czech, meaning Krakonosh The spirit of the mountains In the countryside.

When asked when malware will lose ground, the Avast report points it out As long as people continue to download pirated software, such attacks will continue and thieves will continue to pay..

What to remember from these, […] When you try to steal software, there is a good chance that someone is trying to steal from you, Refers to the statement.