New Malware Hiding in Gaming Apps, Targeting Windows Users

In a Rush? Here are the Quick Facts!

  • Winos4.0 malware can take over infected computers for further attacks.
  • Winos4.0 includes multiple components for controlling infected systems effectively.
  • The malware may be targeting the education sector.

Fortinet’s FortiGuard Labs recently discovered a new cybersecurity threat that targets Microsoft Windows users through fake gaming apps. This advanced malware, named Winos4.0, can take control of infected computers and perform a range of harmful actions.

Hidden inside seemingly harmless gaming-related applications like installation tools, speed boosters, and optimization utilities, this malware puts users at risk.

Winos4.0 is built on a previous malware framework called Gh0strat and is designed to be versatile and stable. It contains multiple components that allow it to carry out a variety of tasks, making it particularly dangerous.

Fortinet researchers believe the malware may be targeting sectors like education, based on a file description found in its code labeled “校园政务” (Campus Administration).

Once downloaded, the malware installs itself and begins a multi-stage attack. It starts by retrieving a file from a remote server, decoding it, and executing specific functions that allow it to download more malicious files.

These files then load and perform tasks like recording clipboard content, tracking system information, checking for crypto wallets, and evading detection by antivirus software.

This malware communicates with its control server, known as a “C2 server,” through encrypted data exchanges. It frequently checks in with this server to receive new instructions, ensuring it remains active and ready for further actions.

Fortinet advises users to only download software from trusted sources to avoid falling victim to this threat. This discovery highlights the importance of caution when downloading new applications, particularly in areas like gaming, where these threats are increasingly hidden.
