Online PC gaming comes loaded with benefits, one being that you can upload your own mods into games, possibly changing how the game looks, plays and feels, allowing you to do just about anything you desire. However, while mods are fun to use, hackers have started targeting players using mods on Grand Theft Auto V, injecting malicious codes into several popular files.
Two rather popular Grant Theft Auto V (GTA V) mods, No Clip and Angry Planes, were two mods found to be laced with malicious code. This further emphasizes the importance of scanning files you download with a well performing and updated anti-virus or anti-malware solution before installing them.
Malicious Grand Theft Auto V mods were discovered by GTA Forums, when a team of gamers began to notice that Angry Planes started acting up. One member found an odd C# compiler program running on his PC through his system processes, which was also sending and receiving data from the attackers servers. An odd program called Fade.exe (sometimes Trekker.exe) was found in his Temporary Files folder. The program monitored his system activity and changed his Windows registry in the background to automatically launch malware at system boot.
Another gamer who reported being infected with malware said his computer had been abused to take part in a DDoS attack against a Twitch streamer. Looking through the malware shows the program is capable of distributing Facebook spam with credential stealing capabilities, Messenger.com spam with credential stealing capabilities, Twitch spam with credential stealing capabilities, a Steam spammer, a keylogger and a UDP flooding mode. The GTA V mod malware was found to be pre-loaded with several attack modules built in.
Malwarebytes security research firm thoroughly examined the malicious code that had been laced into GTA mods, identifying the malware as Trojan-Agent-TRK. Malwarebytes researcher, Chris Boyd, said hackers targeting gamers mods is quite common.
“Game mods have been a target for many years, with an older version of GTA coming under fire from a notorious GTA: Hoodlife fake mod containing malware back in 2007,” Boyd speaking on the malware with the Register.
“Fans of the series traditionally enjoy extending the lifespan of the title through modding, so it’s a rich area of exploitation for malware authors,” Boyd explained. “Rockstar could potentially increase mod safety by opening up the Steam workshop to mod downloads, but it seems that option isn’t available yet.”
Boyd thinks trusted gaming engines should open their doors to mods, allowing gamers safely obtain mods for their games, instead of the later, going on a third-party site downloading unverified mods. Gamers continue to push for larger companies to allow verified mods on their networks, stating it would help protect gamers and could significantly cut down on the amount of accounts stolen and mod abuse.
If you used or are currently using No Clip or Angry Planes mods on Grant Theft Auto V, its urgent you perform an anti-virus or anti-malware scan with a reliable program capable of identifying the malicious code, such as Malwarebytes.
Gamers are also advised to change their passwords for additional security as the malware was laced with several credential stealing capabilities.