diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Malware Masquerades as Pirated Starcraft II Wings of Liberty

Microsoft warned of 2nd iteration of malware, “We’ve seen a Harnig sample using the new release of Starcraft 2: Wings of Liberty to get malware-infected counterfeit versions of the game into users’ computers. Harnig is one of the most prevalent malware families. In Aug 2010 alone, more than 140,000 files were detected as Harnig.gen!P.”

The sample that we analyzed (SHA1: b5e2085c4f7554f53a406431aaea942da73d8b9e) uses Starcraft 2 icon to trick user to click on it. Once executed, it drops two files: “activa~1.exe” detected as TrojanDownloader:Win32/Harnig.gen!P, and “sc2.exe” actual copy of Starcraft 2 executable.

Besides Harnig, few other threats disguise themselves as Starcraft 2 components in order to get into PCs. One is PWS:Win32/PWSteal.M (SHA1: a5fbdbb42488a3bab0687e4e3d7fe5e253c7a8c2), an AutoIT script compiled into a stand-alone executable that drop and run various tools that gather credentials stored locally on your PC. Once it has gathered Steam account credentials, and user names and passwords from IE, Firefox, File Zilla or MSN Messenger, it’ll email them back to the attacker.


Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...