A few weeks ago, one of the most popular online games on the market was hacked with malicious software. The hackers managed to infiltrate servers and stole data on around 15 million players. A big part of their plan was to release a botnet that would eventually turn all these accounts into bots that would play for them, but the plan failed. At least, it did when it came to Tarkov’s servers.
The software itself was designed mainly for two things: harvesting resources and cracking logins. The EFT hack and EFT aimbot were a success: according to our numbers, over 40% of the accounts have been compromised and had their passwords stolen.
The thing is, this tool is designed not just to steal your account data. It’s designed to make sure you never use your account again. A botnet that would play for you was one of its purposes, but there are more. After it gathers enough data about a particular user, it sends an email containing a link to the user’s registered email address. This link leads you to a page that asks for your login details and other sensitive information such as phone numbers, full address, and so on.
The message that arrives has a link embedded in its text that takes you to a page with the same information. Here’s the thing, though: while all you need to start playing again is to log into your account and prove that you’re not part of any botnet, the tool sends an email with the login details for one of its other tools, called ‘INFECTED’. This tool is specially designed to rob a person’s online bank account.
The author of this tool does not just want to create botnets; he also wants to profit from them as much as possible. The author sells servers with ALL permissions needed to use his tools and access every server in any game.
Here are some examples of the things you can get with this server:
Ability to turn anyone into a bot in any popular online game;
Stolen passwords, bank accounts, and credit cards;
Ability to harvest resources and items from accounts; and finally,
Ability to lock player accounts forever. If a player is locked out for too long, he will never be able to play that game again. This seems like something a game’s anti-cheat system would do automatically, but it’s not. It’s much easier this way.
The one thing that is bothering me the most is that this developer offers access to every game on Steam. He’s selling servers, and he’s even selling his own ‘Antivir’ anti-virus tool, a botnet, and all the resources needed to use them. I don’t know what he plans to do with all that information, but selling these things and then using them against the players of one of the most popular online games on the market doesn’t seem like a good idea. The developer keeps saying that it’s just for security purposes, but he sells tools that have nothing to do with security.
This Trojan could have been used for much more than stealing accounts and cheating players.