How pirates hook gamers

The story of a guy who just wanted to download a pirated copy of a game but got malware instead. It’s happening more and more often, and we explain why.

Brandon wanted to play a computer game without paying. No fool, he knows where to download games free (without SMS or registration). The Internet is teeming with sites with headings such as “Download pirated games free without viruses.”

Of course, game developers aren’t fools either, and they’ve come up with plenty of methods to fight piracy. But for every cunning developer, there’s sure to be a kindly hacker who can somehow get around the tricks of the trade, upload a crack, and share it online so that others can play free.

In this case, Brandon even knew the name of the crack needed for the game he wanted to play, so he went straight to googling the names of the game and the crack. Google didn’t disappoint. Among the numerous search results, however, Brandon didn’t see a single familiar site offering pirated games and cracks. No matter — he just wanted to get playing.

All sorts of websites with discussion forums — Google Groups, Zendesk, Yahoo! Answers, and others — come in handy in cases like this one, and Google tends to show them above the search results because they are likely to answer user queries. Sure enough, someone was interested in getting this crack before Brandon was, and an obliging user had given a link to a pirate site that had the game and the crack.

Brandon mentally thanked the user and went to the site. Sure enough, he found a link to download the game and a crack for it. He downloaded everything, installed the game from the downloaded image, and ran the crack as directed in the instructions.

The crack seemed to work, but for some reason the game continued to demand activation. Cursing under (and over) his breath, Brandon started to look for a new crack for the game. Meanwhile, the ransomware that had downloaded itself under the guise of being the crack stealthily encrypted the files on his hard drive and prepared itself to deliver a ransom demand.Man gets really mad with his computer because of ransomware

Virus-ridden cracks. Why now more than ever?

There is nothing new about running into malware when using pirated products. Those who avoided paying for software back when protection was weaker remember how their resident antivirus would choke on a Trojan when they were trying to run a crack.

Game-cracking hackers need to eat too, so they make a little extra by turning users’ computers into bots or homes for banking Trojans. The chances of downloading a free game without a virus have always been low. But recently, the likelihood of downloading a malicious program not just with a crack, but instead of it, has shot up.

According to a Torrentfreak article, scammers recently launched a major campaign to promote sites with malware.

It goes like this. Scammers actively distribute links to their malicious sites through public and well-known sites such as Google Groups, Facebook Events Calendar, Zendesk, and many others. They include links to download what are advertised as cracks or actual pirated games, and they write how-to guides for them.

The links point to a file storage site, only a malware installer is downloaded instead of the promised game crack. And users, being accustomed to their antivirus identifying a Trojan when installing a game, ignore or even disable it so as to download and install the file in peace.

“Bad” pirates outgoogle “good” pirates

Even more interesting, scammers, pretending to be well-known publishers like Valve or Ubisoft, have begun to bombard Google with complaints under the DMCA (Digital Millennium Copyright Act) against respectable (relatively speaking) sites hosting pirated games — that is, ones that do not distribute malware.

What’s more, these are not ordinary complaints about copyright violation; they’re complaining about the sites’ bypassing of DRM protection. The DMCA devotes a separate paragraph to such complaints, and unlike with ordinary ones, the accused sites cannot challenge the decision.

Following the rules, Google removes the “good” pirate sites from its search results, meaning that the “bad” pirates who distribute malware under the guise of cracked games get listed higher. That means freebie-seekers are more likely to visit them and download more viruses as a result.

How to avoid infection

One piece of advice stands head and shoulders above all others:

  • Do not use pirated software. Buy games and software, and only in official stores at that. If you really want to save, wait for the next sale — discounts can reach 90%.

But something tells me that the Brandons of the world won’t follow this advice, so here are a couple of tips for those who can’t give up pirated software:

  • Avoid obscure pirate sites. On a major torrent tracker with many moderators, the probability of picking up an infection is at least lower than on a quirky resource that only appeared six months ago.
  • Install a reliable antivirus and never (ever ever) disable it. They don’t cry “malware” for no reason — no pirate resource, even a “good” one, can offer a 100% guarantee that a free game will come without a virus.

You don’t need to break the bank to get good antivirus protection — we offer a great one for no charge at all: Kaspersky Free. And whatever you do, don’t be one of those geniuses who download pirated antivirus software and get a Trojan instead — the irony is thick enough to spread on toast.