Press releases

Cryptominer Malware Hidden Inside Online Games Infected Over 222,000 Systems Worldwide

Avast Threat Labs report cracked versions of online games such as Grand Theft Auto V, Far Cry 5, and The Sims 4 that are laced with hidden malware


Prague, Czech Republic, June 25, 2021 — Avast (LSE:AVST), a global leader in digital security and privacy, has reported a new Monero crypto-miner malware, Crackonosh, that has been circulating since at least June 2018 and has yielded over 2 million USD in revenue for its creators from over 222,000 infected systems worldwide.

 

Crackonosh searches for and disables many popular antivirus programmes as part of its anti-detection and anti-forensics tactics and also disables system updates that help keep the devices vulnerable. The malware was found to be distributed along with illegal and stolen copies of popular online games people download to avoid paying for the games, which secretly generates digital money once the game has been downloaded.

 

According to Avast’s discoveries, Crackonosh mostly infected users in Brazil, India, Poland,   the Philippines and the United States. However, notable infection rates were also reported in Canada, France, Italy and the United Kingdom. Other affected countries included Argentina, Australia, Greece, Indonesia, Mexico, Pakistan, Portugal, South Africa, Spain, Sweden and Turkey.

 

When Crackonosh is installed, it automatically starts mining Monero crypto coins without the users’ knowledge. It also takes actions to protect itself, including disabling Windows Updates and uninstalling all security software. The crypto-miner programme, which then runs in the background, can significantly slow computers down, increase the users’ electricity bills and put them at risk from security threats. 

Crackonosh was found in the cracked versions of the following games: 

  • NBA 2K19
  • Grand Theft Auto V 
  • The Sims 4 Seasons
  • The Sims 4
  • Fallout 4 GOTY
  • Far Cry 5
  • Euro Truck Simulator 2
  • Jurassic World Evolution
  • Call of Cthulhu
  • Pro Evolution Soccer 2018
  • We Happy Few.

 

How to Avoid Crackonosh

 

The best way to protect against Crackonosh is to avoid it entirely by downloading games and other software only from official websites and stores. Users are also advised to be aware of illegitimate sources offering paid-for games for free and to avoid unofficial vendors.

 

More technical information on Crackonosh can be found on the Avast Decoded Blog.