If You Are a Gamer, You Might Be Helping Hackers Get Crypto Rich

A recent research published by Avast pointed out that hackers have been particularly targeting gamers with ‘Crackonosh’, a crypojacking malware.

By Jasmin Jose | Updated: 2 July 2021 16:54 IST

Gamers Particularly Targeted in Cryptojacking - Avast Malware Researcher Daniel Benes Explains Why

Photo Credit: Pixabay/ Dean Van Der Linde

A hacking campaign that was targeted at gamers using Steam this June

Highlights

It doesn’t come as a surprise that India is being highly targeted
The name Crackonosh is a combination of words - Krakonoš and Crack
Users should install all the security updates available for their PC

Cryptojacking is a growing problem and gamers are particularly being targeted by malware that uses their computers to mine for cryptocurrency, according to recent research published by security firm Avast. According to the research, cyber criminals have been targeting gamers with ‘Crackonosh', a crypojacking malware. Crackonosh was installed into the gamers' system while free versions of games like NBA 2K19, Grand Theft Auto V, Far Cry 5, The Sims 4, and Jurassic World Evolution were downloaded from unreliable sources like torrents.

In June this year, a team at G Data Software discovered a hacking campaign that was targeted at gamers using Steam. Researchers at Cisco-Talos found out malware inside cheat software of multiple games. And Akamai Security Research recently reported a 340 percent surge in the number of cyberattacks on gamers during the coronavirus pandemic.

Gadgets 360 caught up with Daniel Benes, a malware researcher with Avast and the author of the report on crypojacking to find out more about the threat, why gamers are being targeted, and how to keep our devices safe from the attack. Here are Benes' responses, edited slightly for brevity.

Over the Counter Stalkerware Turns Your Phone Against You. How Can You Stay Safe?

What is cryptojacking? How does it get installed into a user's system?

In cryptojacking malware, the attacker uses the resources of the infected machine to mine cryptocurrency. This malware became popular with the first wave of cryptocurrency and the Bitcoin boom around 2018. Since then, a lot of different tactics have been used (by the hackers) to infect personal computers. DirtyMoe (a Windows botnet) using known system vulnerabilities is an example of this.

How did the team at Avast discover the recent threat caused by the Crackonosh malware?

Cryptocurrency-Mining Crackdown in China Spreads to Sichuan

We started our research after we discovered a post on Reddit about a missing Avast folder from a user's system. We looked into this issue and found a new malware that we're calling ‘Crackonosh'.

How did the name ‘Crackonosh' come about?

The name Crackonosh is a combination of words - Krakonoš, a fairy-tale character and spirit/protector of Czech Giant Mountains, and Crack, from cracked software. The other interpretation of the word in Czech language means the one who brings (-noš) cracked software (Crack).

Once installed, is the presence of the malware easily detectable? How can a user detect if his system is infected by a cryptojacking malware?

Crackonosh does a great job in hiding itself on computers, but it has the same flaw as other cryptojacking malwares. An infected computer becomes slower, unresponsive, and the fans get noisier due to all the heat produced by mining on the devices. Users can also have problems with short battery life and higher power consumption.

Why do you think Crackonosh malware is particularly targeting gamers?

Piracy of computer games is large enough that it pays for attackers to crack the game or pack the cracked games with Crackonosh, as we can see in our numbers. People who download cracked games are certainly not concerned about their security as (compared to) other PC users.

Are there any other user groups who are more susceptible to cryptojacking attacks?

All the people who download and run softwares from unreliable sources are susceptible to cryptojacking attacks. Also people who solve their cybersecurity issues by stating that "There is nothing to steal or destroy in my computer." are in danger of cryptojacking.

As per your report, India is one of the worst affected countries by cryptojacking. Why do you think this is happening?

India is one of the most populated countries; therefore it doesn't come as a surprise that India is being highly targeted.

What measures can the users take to ensure the safety of their devices against cryptojacking attacks?

Users should install all the security updates available for their PC and should use antivirus software. Most importantly, you have to (be able to) trust the source of any file you want to download from the Internet. With respect to PC software, its developer and sellers are the sources that you should trust.

Interested in cryptocurrency? We discuss all things crypto with WazirX CEO Nischal Shetty and WeekendInvesting founder Alok Jain on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Cryptojacking, Cryptocurrency, cyberattack, cybersecurity, hacking, mining, Online Gaming, NBA 2K19, Grand Theft Auto V, Far Cry 5, The Sims 4, Jurassic World Evolution, Avast