The StaryDobry campaign, identified by Kaspersky, involved cybercriminals luring users with trojanized game installers that deploy a cryptocurrency miner on Windows hosts. This large-scale operation lasted a month and targeted individuals and businesses worldwide, with heightened infections in Russia, Brazil, Germany, Belarus, and Kazakhstan. The campaign used highly popular games like BeamNG.drive and Garry's Mod as bait, with poisoned installers uploaded to torrent sites. The malware uses advanced techniques to evade detection, and can run checks and gather user location data before launching its mining activities.
Users looking for popular games were enticed into downloading trojanized installers, which installed a cryptocurrency miner on the compromised machines.
Research from Kaspersky indicates that the StaryDobry campaign targeted powerful gaming machines to maximize the effectiveness of its cryptocurrency mining.