Security Experts:

Connect with us

Hi, what are you looking for?


Endpoint Security

90 Percent of Game Hacks Infected with Malware, AVG Warns

A majority of game hacks and software freely available online contain malware, according to new research.

A majority of game hacks and software freely available online contain malware, according to new research.

Nearly 90 percent of unauthorized software for popular computer games are infected with malware, AVG Technologies said in its AVG Insight newsletter released today. The list includes unpirated “cracked” games, license key generators (keygens) and thousands of other game hacks such as patches, cheats and trainers readily available online on unregulated torrent or file-sharing sites, AVG said.

AVG’s findings were released the same day Kaspersky Lab disclosed details on a series of targeted attacks against online gaming companies.

“While the hacks may appear attractive at first glance, most are created by cybercriminals looking to pry, disrupt or steal,” AVG said.

Infected Video Game Hacks and KeygensThese hacks are designed to attract players looking to get something for free or enhance their in-game experience. AVG Viruslab Researchers noted that games range anywhere from $5 to $50, and that is before the players have to shell out for add-ons such as extra powers and resources. Recent industry figures suggest gamers spend an average of $127 on gaming software each year. Other players may be looking for ways to advance in the game because they don’t have the enormous amount of time these games often require, the research group added.

AVG’s researchers analyzed such hacks and cracks found through metasearch services such as FilesTube and FileCrop, and discovered malware which could lead steal legitimate, paid-for gaming assets, take over user accounts, or intercept sensitive personal data such as bank details and passwords to email and social networking accounts. AVG searched FileCrop for a Diablo3 hack and found more than 40 hacks. Bigger titles such as World of Warcraft or Minecraft returns hundreds of results, the security firm said.

A randomly downloaded Diablo3 hack turned out to have malicious code which would attempt to decrypt saved passwords stored by the Web browser, AVG researchers found. Any cracked passwords would then be sent back to the attacker via email.

At first glance, the numbers don’t seem all that large, as only a small percentage of gamers go looking for a hack. However, considering that the top five games—World of Warcraft, League of Legends, Runescape, World of Tanks, and Minecraft:—boast about 330 million players worldwide (in all, not each game), even a mere 0.1 percent of players would translate to about 330,000 individuals, AVG noted.

Infected users should immediately change passwords across all online services using the same password, contact the game provider to recover the account, AVG said.

“As this rough and ready experiment shows, gamers downloading a hack from a file sharing website should exercise extreme caution, and at least ensure they have the latest security products installed on their computer,” AVG Viruslab Research Group recommended. Or better yet, don’t download cracks, hacks, trainers or unofficial patches and get patches only from the official game provider’s website.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Malware & Threats

Security researchers are warning of a new wave of malicious NPM and PyPI packages designed to steal user information and download additional payloads.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.