Malware has been reported found in some versions of the video game Super Mario3: Mario Forever, but this is not the only time that cybercriminals have taken advantage of the fame and interest of gamers to do evil.
Mushrooms, princesses and plumbers. Possibly the most famous video game of all time, and therefore the most coveted. But what is very important in the digital world is also known to be an ideal playground for criminals who take advantage of the fame and insatiable interest of users to carry out their attacks.
When Free version of Super Mario 3: Mario Forever (perfectly legal game, but created not by its parent company, Nintendo, but by specialist fans), pages offering an untrusted version that installs various hard-to-detect executables on the malware user’s computer what causes your computer, among other things, to mine cryptocurrencies without your knowledge, which reduces its performance and causes electricity consumption; or take control of your personal data and the recording device’s camera without your permission.
It’s true that it can be tempting to get something for free, which can sometimes cost a lot of money (depending on your wallet), but it’s always like throwing stones at your own roof: you’ll have a game, but you don’t know what you are risk?
“Of course, this was the most famous case in recent weeks, but gamers are no strangers to this kind of threat. As in any widely used program and as in any application in which hundreds of thousands of people interact (some even open source), it is easy to hide easter eggs that are not at all freebies or malware of varying degrees.Explain Herve Lambert Global Consumer Operations Manager Panda Security.
Mario is not alone
Leaving aside this case widely reported by the media around the world, there are many video games that have been subjected to this kind of attacks throughout recent history and have endangered or threatened the safety of users.
PC games tend to be the most “fake” or virus-infected, and some of the most threatened, according to various sources, are the well-known SIMS, Minecraft, GTA, Fornite, or FIFA itself. But mobile versions are not harmless either. Known Among Us or PUBG, in addition to the mobile versions of the above, are among those that may have been affected. The problem is usually greater in this type of game because, while being easily moddable, there are many content, tools or “mods” created by other users and therefore with less (or no) security controls.
Another well-known case is a malware campaign attacking gamers in China using rootkits. In this case, the malicious rootkit manages to disable security tools and inadvertently install itself on the system without causing alarm or suspicion. This ostensibly Microsoft-owned kernel-mode driver threat — something the company claims is caused by independent developers and which it otherwise tries to block once discovered — is just one of dozens of others uncovered each month. Other examples of malware in this sector are, among others, PoorTry or NetFilter. The goal is usually credential theftbut also used for mimic a different geolocation and thereby cheat the game, for example, to play in places where it is prohibited.
cops and pirates
In this sector of video games, we can distinguish two different lines of cybercrime. On the one hand, they would direct hacker attacks on the official version of the gameinfecting with viruses, hacking the system to steal data, etc. And for another, and much more common, we would find versions false from the same games -or updates, patches, enhancements, etc.- that are primarily distributed via systems flow and pirate download sites (yes, they are still alive and well).
In the first case, the responsibility for the security of the system and the proof of unwanted access lies with the developer company, and, of course, they spend a lot of time and resources on this. For example, Nintendo itself is known to be particularly active in this regard, actively fighting leaks of its games and possible pirated copies circulating in cyberspace. Mobile gaming app distribution platforms also play an important role in this security barrier, and Google and Apple pride themselves on tracking down and eliminating potential rogue apps, but that’s not enough.
On the one hand, these will be direct attacks by hackers on the official version of the game, infection with viruses, hacking the system to steal data, etc. On the other hand, we might find fake versions of the same games – or updates, patches, improvements, etc. – that are mainly distributed through torrent systems and pirated download pages.
Because this problem, the problem of illegal downloads or dubious copies of games that appear to be official but are not, is the real security battle horse in this sector. “While legal action, the closure of the pages that contributed to this, as well as increased user awareness have led to a decrease in this type of practice, the truth is that it continues to exist. It’s true that it can be tempting to get something for free, which can sometimes cost a lot of money (depending on your budget), but doing so is always the same as throwing rocks at your own roof: you’ll have the game, but you won’t. Do you know what you’re risking?asks the Panda Security cyber expert.
act for sure
The safety tips in this case are the same as usual for those who surf the Internet, use a messaging app, or make online purchases:
- Do not share passwords: Rumors spread like wildfire, especially in the digital world, so if you give your access data to just one person, they may share it with others, intentionally or unintentionally, which will already be compromised by security.
- Use two-factor authentication methodsA: Facial recognition and alphanumeric code are an option, but there are others, such as Google Authenticator. Large home games already include such privacy practices.
- Download ONLY and ALWAYS from official platforms: “Torrent” can be tempting, the whole world is within click reach, but no matter how much of an expert you think you are, you won’t be able to distinguish legitimate content from fake and you could end up installing more harm than fun on your computer .
- If it’s too good to be true, it will be.: It is for this reason that if you find or receive announcements that such a long-awaited novelty is now available (and free) by clicking here, it is definitely a marketing campaign. phishing Designed for casual fishing.
- Social media tips? Doubt: Many cybercriminals who use video games for their attacks often use social media or YouTube disguised as tips or tutorials, where they can end up offering “extra information” or free game widgets filled with viruses.
- Use technologies that are always at hand: If playing online, always use secure and secure networks with a VPN. And in any case, install professional antivirus systems on your device, such as Panda Dome, which will take care of scanning, detecting and neutralizing any possible threat for you.