Pira-cy is a problem that has affected computing since its inception. Even before the advent of PCs, illegal copies of other content, such as books, were made. Although it may be tempting to save a few euros, one of the main ways to endanger our PC is to download software illegally. And, without realizing it, this attempt to save a few euros can end up being much more expensive than we thought at first because of the malware.
Hackers know how appealing illegal, and free, content is to users. Be it games, series, movies or programs, in the end there are always those who look for it on the net. And, the desire to reproduce such content often makes us trust them and disable certain security measures, such as antivirus. Hackers are constantly looking for ways to trick these users into carrying out their own attacks. The deceptions can range from making us download and execute a certain file, or by deactivating the antivirus or entering our personal data on a website.
Recently, NordLocker researchers came across a long-standing malware campaign that used illegally activated games and programs as a hook to infect users’ PCs.
3.2 million computers compromised and 1.2 TB of data stolen
Hackers have been distributing all kinds of illegal software, mainly pirted games and illegally activated versions of Photoshop , since 2018. Each of the games or programs they distributed concealed a Trojan that gave them full access to the computer of whoever ran it without raise suspicions. In that time, hackers have managed to infect more than 3.2 million Windows computers with malware and steal a total of 1.2 TB of personal and sensitive data. The stolen information includes 1.1 million valid emails, 26 million logins (users and passwords) and 2 billion session cookies, of which 22% are still valid today.
The database also includes all kinds of files that users saved on the desktop and in the download folder. These include screenshots, 900,000 images, 600,000 Word documents and 3 million plain text files, among other much content.
How to protect our data from these malware campaigns
The database was surveyed by one of the pirtes by mistake, and that has revealed all the information about this complex campaign. The Trojan used by the hackers in this campaign was a very simple Trojan, without a specific name. These Trojans are generally created by hobbyists and sold on the Dark Web, or in certain forums or chat rooms, for about $ 100 .
The emails found in the database have been uploaded to have i been pwned? under the name of ” Nameless Malware database ” so that we can check if our mail is among those affected or not. If so, we must think about logging out of all the websites where we have the session open so that the cookie expires, and change all the passwords.
Finally, to avoid falling into this type of campaign again, the best we can do is avoid downloading and running pirted programs or games on our computer. Whenever we go to download a program or a game, we must do it from its main website so as not to take risks. In the end, the cheap ends up being expensive.
