PCWorld (USA)

Pirate gamers, beware: This malware targets you

Bitdefender recently discovered a new family of malware it calls MosaicLoader that tries hard not to be detected and works to install all kinds of malware on your system.

- BY IAN PAUL

In 2021, crime doesn’t pay if you can’t be found on Google. That’s apparently what the creators of the new MosaicLoader family of malware discovered. PC security company Bitdefender recently published a whitepaper (go.pcworld.com/bitd) detailing the new malicious software that lures users to download it via paid ads… for pirated games.

Bitdefender says MosaicLoader is delivered through downloaders that victims “seemingly” find when searching for pirated software such as games and other applications. It’s no secret that malware creators often target people downloading cracked software, but what’s interesting about MosaicLoader is how hard it works to avoid detection and how problematic it can be.

“We named it MosaicLoader because of the intricate internal structure that aims to confuse malware analysts and prevent reverse-engineering,” Bitdefender said in a blog post (go.pcworld.com/bitb). MosaicLoader does a number of interesting things. It carves out local exclusions in Windows Defender for specific file names. Those exclusions are meant to stop Microsoft’s antivirus from taking action if these files start getting up to no good.
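Because the malware adds its own Windows Defender exclusions, a look at the exclusions on your own PC is a useful check. The PowerShell below is an added example, not code from the article or from Bitdefender: it lists the exclusions currently in effect and the recent Defender configuration-change events (ID 5007) that touched them. The 30-day review window is an assumption.

```powershell
# Added example: audit Microsoft Defender exclusions on the local PC.
# Run from an elevated PowerShell session; without elevation Windows may
# hide the exclusion lists.
$DaysBack = 30   # assumption: how far back to review, adjust as needed

# 1. Exclusions currently in effect (paths, processes, extensions).
$pref = Get-MpPreference
$current = foreach ($kind in 'ExclusionPath', 'ExclusionProcess', 'ExclusionExtension') {
    foreach ($value in @($pref.$kind)) {
        if ($value) { [pscustomobject]@{ Kind = $kind; Value = $value } }
    }
}
if ($current) { $current | Format-Table -AutoSize }
else { 'No Defender exclusions are configured.' }

# 2. Configuration-change events (ID 5007) that touched the Exclusions key.
$filter = @{
    LogName   = 'Microsoft-Windows-Windows Defender/Operational'
    Id        = 5007
    StartTime = (Get-Date).AddDays(-$DaysBack)
}
Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match '\\Exclusions\\(Paths|Processes|Extensions)\\' } |
    ForEach-Object {
        # "New value:" names the key that was added; it is empty on removal.
        $new = if ($_.Message -match 'New value:[ \t]*(\S.*)') { $Matches[1].Trim() }
               else { '(exclusion removed)' }
        [pscustomobject]@{ Time = $_.TimeCreated; Change = $new }
    } |
    Sort-Object Time |
    Format-Table -AutoSize -Wrap
```

Any exclusion you did not add yourself, or that no installed product documents, deserves a closer look.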

As we’ve seen time and again with malware, MosaicLoader also mimics file information from legitimate software. It tries to obfuscate its code by creating smaller code chunks and a shuffled execution order. Bitdefender says the malware also has “classic anti-debugging tricks” such as preventing a debugging program from doing its job.

Once installed on a system, MosaicLoader can wreak all kinds of havoc. This can include cookie stealers that try to hijack login sessions to take over some of your online accounts. Hackers getting into your Facebook or Twitter sounds pretty annoying, but it can turn into a much bigger deal. The malicious actors could find clues that help them take down other accounts related to the same person, or they could try to spread more malware by sending links from what the recipients believe is a trusted friend.

MosaicLoader can also introduce the ever annoying cryptocurrency miners that run in the background of your computer, siphoning off CPU cycles while you wonder why the heck your PC is suddenly so slow. The malware can also try to install backdoors to let malicious actors into the PC itself.

The bottom line is that MosaicLoader is not something you want on your system, because it tries hard to avoid detection and can introduce all kinds of problems. The best defense is, of course, to avoid installing cracked software. These days, the risks of using pirated software just aren’t worth it—especially if the code can figure out ways to get past your defenses.

You have alternatives to cracked software hiding sneaky malware! You can often catch popular game titles on sale on Steam, GOG, or as part of a Humble Bundle. Epic gives freebies away each and every week. If you’re looking for a great time for no cost, check out our roundup of the best free PC games for 2021 (go.pcworld.com/fr21). Beyond games, we’ve also rounded up the best free software for your PC (go.pcworld.com/fres).

Bitdefender’s whitepaper provides the dirty details about MosaicLoader.
