Various groups of cyber criminals are exploiting a series of zero-day vulnerabilities in Counter Strike 1.6, an old videogame, to spread the Trojan known as Belonard, reported network security and ethical hacking specialists from the International Institute of Cyber Security.
To get a better perspective on how dangerous this campaign is, the network security and ethical hacking specialists described the following scenario: In all, there are around 5k video game servers registered on Steam, while players using official clients of Counter Strike 1.6 exceed the 20k users.
“Many popular gaming server owners also collect money from players by selling various user privileges, such as protection against banning, access to all weapons and game accessories, etc”, according to a report from specialists in network security and ethical hacking. “Some server owners are advertised independently, while others purchase server promotion services from contractors”, the experts added.
During a routine inspection, a malicious server was discovered, managed by a user nicknamed “Belonard”, who employs illegitimate advertising and piercing methods to infect players’ computers with a Trojan that exploited a zero-day vulnerability In Counter Strike, aiming to take control of their access credentials and create their own botnet, experts said.
This Trojan, according to the network security specialists, exploits a remote code execution vulnerability to load one of the malicious libraries into the victim’s device. In the last stage of the attack, the investigators were able to neutralize the Trojan and stop the growth of the botnet.
Unfortunately, this is not the first time the video game platform is attacked or is involved in a cyber campaign. On previous occasions, malicious hackers have tried to deploy malware using Steam, or have exploited vulnerabilities on the platform to gain access to restricted material, without having to pay any money to the developers, the cybersecurity specialists added.