Jump to content
exile360

Malware invading through Counter-Strike game servers using 0-days

Recommended Posts

Bad news for gamers; it has been reported by Dr Web (makers of the popular free Dr Web CureIt! AV scanner/malware remover and Dr Web AV software) that 39% of all Counter-Strike 1.6 game servers were malicious and attempted to infect players with malware according to ZDNet.

The servers, which were using 0-day remote code execution (RCE) vulnerabilities (basically the worst kinds of vulnerabilities) in the game clients, were using an infection known as Belonard to display ads to players in-game and add new servers to their client lists, also creating proxies on their systems and advertising those to other players signing into the game, showing a low ping rate to entice them to jump on where they'd subsequently be redirected to one of the malicious servers to have their own systems/clients infected by the malware, thus making them a part of this advertising botnet scheme.  Thankfully, according to Dr Web, the botnet has now be shut down but it speaks to the risks involved with any software that interacts with the web, not just web browsers and shows more than ever that we must always be on our guard against the next attack which could come from anywhere.

Share this post


Link to post
Share on other sites

Holy crap. I knew Counter-Strike: Global Offensive (a Source 2 game) had serious problems, but... the original Counter-Strike? Seriously?!
I used to play GoldSource games all the time online... This is actually really shocking for me.

Share this post


Link to post
Share on other sites

Yeah, it sucks that you can't even game online safely any more.  We have to deal with Steam password stealers, ad embedding malware, and countless Trojans and bots that try to infiltrate our systems through our favorite games.  It's really sad.

Share this post


Link to post
Share on other sites

If I ever get hired by MalwareBytes, I might spearhead the formation of a division focused on making online gaming safer, taking the time to work with game developers and create a safer experience for everyone.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.