Nicknamed “Joao” by researchers, Malware is on third-party sites that offer malicious setup for Aeria games. The malware works in such a way that it can once run other malicious code on the targeted device. Furthermore, Joao utilized “online multiplayer online role-playing (MMORPGs),” a platform for massive role-playing video games and multiplayer online games where a large number of gamers gather to interact.
HackRead Reported Attacker behind Joao has developed malware in such a way that when a victim executes the game launcher, he secretly launches himself in the background and sends the device information to the attacker including the operating system, name and privilege that the user has on that device.
At the same time, the game runs to the user in the absence of interference or a sign of malicious activity. Based on the analysis tool Joao decides which components should be installed on the system. According to the researchers, they found components with the ability to conduct distributed denial-of-service (DDoS) attacks, backdoor, and spy on targeted users. Currently, Joao is targeting users in Argentina, Brazil, Mexico, Peru, Indonesia, Thailand. , And the Philippines. However, this is a matter of time before it starts spreading to other countries since Aeria games are published in North America and Europe as well. To check if your computer is infected with Joao malware, ESET researchers recommend looking for the file “mskdbe.dll”.
If a search result shows a file with this name you are a victim. However, the attacker can also rename the file with another. Therefore, be sure not to download unnecessary applications or games on your computer.
Also, be sure to keep your operating system and antivirus software up to date. As for targeted users, do not download Aeria games from third party sites. Aeria has a social media presence on Twitter and Facebook, It is advisable to report the malicious game file to the developers. At the time of publishing this article, third-party sites are still operating but ESET has informed developers about theissue, and it is expected the company will take some action soon. .
Image source: ESET