New threat targeting gamers, ESET security researchers discover

Next story

Malware researchers at IT security firm ESET discovered a new sneaky malware named Joao, spreading via computer games published on unofficial websites. Joao is modular malware capable of downloading and running other malicious code.

ESET research have shown that the criminals behind the campaign misused several game titles by Aeria Games and served their modified versions on unofficial websites. The game that remains active in spreading the malware, gf.ignitgames[.]to, is blocked by ESET security products.

The games laden with Joao were able to gather information about the infected computer and then download additional components offered by the command and control server. The Joao components ESET researchers discovered during their research had backdoor, spying and DDoS capabilities.

“The infection process is well hidden from the victims,” noted Tomáš Gardoň, the ESET researcher behind the discovery. “Once a game-hungry user jumps into downloading the modified game, there is nothing to raise their suspicion. Those who are not protected with a reliable security solution simply end up with their computers infected.”

More information about the Joao malware – how it works, how to spot it and how to get rid of it – can be found in Gardoň’s article at ESET’s blog,