Researches revealing a new attack in which malware is being embedded in pirated versions or “cracked” versions of popular games.Dubbed Crackonosh by researchers, referring to a “mountain spirit” in Czech folklore, the malware uses the victim’s computer resources to mine crypto currencies

Crackonosh has been around since at least June 2018 and has infected more than 222,000 systems around the world. So far, the malware has earned $2,000,000 (£1,440,000) in Monero cryptocurrency.

Most victims infected by Crackonosh malware belong to countries such as:

  • Italy
  • India
  • Spain
  • Turkey
  • Canada
  • Greece
  • Mexico
  • Poland
  • Sweden
  • Pakistan
  • Portugal
  • Australia
  • Argentina
  • Indonesia
  • Philippines
  • South Africa
  • United States
  • United Kingdom

The list of pirated versions of games where Crackonosh has been found includes:

  • Far Cry 5
  • NBA 2K19
  • The Sims 4
  • Call of Cthulhu
  • We Happy Few
  • Fallout 4 GOTY
  • The Sims 4 Seasons
  • Grand Theft Auto V
  • Euro Truck Simulator 2
  • Jurassic World Evolution
  • Pro Evolution Soccer 2018

When Crackonosh is installed, it deletes registry entries to turn off automatic updates. It then takes actions to protect itself and evades detection by disabling Windows Defender and any other antivirus software installed on the device.

Some of the antivirus solutions disable by Crackonosh include:

  • Scan
  • Panda
  • Norton
  • Adaware
  • F-secure
  • Kaspersky
  • Bitdefender
  • Mcafee (scanner only)

Crackonosh shows the risks in downloading cracked software and demonstrates that it is highly profitable for attackers, Downloading and using pirated software may save you loads of time and money however it poses a massive security risk to naive users. Currently, another malware called DanaBot is also spreading by embedding itself in free software including VPNs, anti-virus software and pirated games, etc. Avoid Pirating to protect.