Symantec warns of malware in Hearthstone add-ons, cheating tools
ACORDING TO new Symantec research, attackers have disguised information-stealing malware as third-party add-ons and cheats for Blizzard’s online card game Hearthstone.
In a press statement, Symantec saidHearthstoneplayerslookingto gainanunfairadvantageoftenturn online for tools to help them play better or earn more rewards.
In this case, attackers created third-party programs that promise to benefit Hearthstone players, but in reality can compromise their computers with malicious software capable of opening a back door,recordingfromtheirwebcam, logging key strokes, and stealing passwords.
In most cases, the use of these tools is considered as cheating, as they give players an unfair advantage. Blizzard, the game’s creator, does not approve of these services.
“This isn’t the only downside; Symantec observed that some of the third-party services contain malware. If a player installs them, then attackers may be able to open a back door on their computer, and steal sensitive information and Bitcoins.
“Ratherthanpayingmoneyorusing in-game methods, some players may try to cheat to get additional gold and dust. This can lead them to applicationslikeHearthstoneHack Toolv2.1,whichpromisesthat“gold and dust won’t be a problem anymore.” Such applications are a total scam; they do not work,” the online security service said.
Symantec has recently observed Trojan.Coinbitclip posing as a Hearthstone gold- and dust-hacking tool. Because Bitcoin addresses are long and include random characters, many users who mine Bitcoins use a clipboard to facilitate the process.
Trojan.Coinbitclip hijacks the user’s clipboard and replaces the user’s Bitcoin address with one from its own list—this is how the malware steals someone’s Bitcoin.
The sample it observed has 10,000 Bitcoin addresses in its body.