Crackonosh malware has been around since at least June 2018 and has infected more than 222,000 systems around the world.
The IT security researchers at Avast published a report on Thursday 24th June revealing a new attack in which malware is being embedded in pirated versions or “cracked” versions of popular games.
Dubbed Crackonosh by researchers, referring to a “mountain spirit” in Czech folklore, the malware uses the victim’s computer resources to mine cryptocurrencies for its developers.
According to Avast, Crackonosh has been around since at least June 2018 and has infected more than 222,000 systems around the world. So far, the malware has earned $2,000,000 (£1,440,000) in Monero cryptocurrency.
Most victims infected by Crackonosh malware belong to countries such as:
- South Africa
- United States
- United Kingdom
The list of pirated versions of games where Crackonosh has been found includes:
- Far Cry 5
- NBA 2K19
- The Sims 4
- Call of Cthulhu
- We Happy Few
- Fallout 4 GOTY
- The Sims 4 Seasons
- Grand Theft Auto V
- Euro Truck Simulator 2
- Jurassic World Evolution
- Pro Evolution Soccer 2018
Crackonosh disables Windows updates, defender, antivirus,
In a blog post, Avast’s malware researcher Daniel Beneš wore that when Crackonosh is installed, it deletes registry entries to turn off automatic updates. It then takes actions to protect itself and evades detection by disabling Windows Defender and any other antivirus software installed on the device.
Some of the antivirus solutions disable by Crackonosh include:
- Mcafee (scanner only)
Crackonosh shows the risks in downloading cracked software and demonstrates that it is highly profitable for attackers, said Beneš. “As long as people continue to download cracked games, attacks like these will continue to be profitable for their authors”, he warned.
Risk of downloading pirated, cracked software
Downloading and using pirated software may save you loads of time and money however it poses a massive security risk to naive users. Currently, another malware called DanaBot is also spreading by embedding itself in free software including VPNs, anti-virus software and pirated games, etc.
Therefore, avoid using third-party software, pirated content, and cracked programs or you can be the next victim of malware like Crackonosh or DanaBot.