From InfoSec Magazine:
Grand Theft Auto fans have been warned off loading two game modifications (mods) which were found to contain hidden trojan malware designed to steal sensitive information from their machines.
The GTA V mods in question are Angry Planes – designed to divebomb the player with aggressive aircraft – and No Clip, which is said to give the user the ability to walk through walls and other objects.
A few days ago a worried user took to the GTA forum to reveal that although the mods worked as advertised, they also tried to covertly install the fade.exe file.
The file turned out to be malware, identified as Trojan.Agent.TRK by Malwarebytes, which attempt to connect to the internet and send out recorded keystrokes.
The concern is that the hackers behind this attack could steal passwords used for GTA which are reused by users on other, high-risk online accounts, such as e-commerce and banking.
Of course Easy Security Online readers will immediately cringe upon reading that last sentence – why would anyone use their video game password on their banking website? NEVER use the same password on more than one site.
The Grand Theft Auto forum has tips on how to remove the trojan, and warns that even if the file in question doesn’t exist now it may have already stolen the required credentials before deleting itself or being wiped by AV software.
“If your anti-virus removed or quarantined the virus, don’t assume that you weren’t affected. Still go through all the steps below and change passwords you believe are at risk,” noted the advice.
“If the files don’t exist and your anti-virus didn’t remove anything, but you still ran the mods, the virus could have still affected you and removed itself to cover its tracks. It’s unknown if this is really the case but why run with the risk? Go through all the steps again to make sure, and then change your passwords.”
Users were also urged to change their passwords if in any doubt, and if still worried, to format and reinstall Windows.
I’ll bet nobody was concerned enough to reinstall Windows. That sounds extreme.
One final warning from the article:
“Loading malware into game add-ons has been around for some time now. Because of this, gamers need to be cautious when installing mods onto their computers, especially those that haven’t gone through any sort of quality check.”
I recommend sending all installation programs through a virus scanner or two before executing them. And don’t be the first to install anything.