Monday, March 8, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware

March 13, 2019
in Internet Security
Malicious Counter-Strike 1.6 servers used zero-days to infect users with malware
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Security researchers have discovered a network of malicious Counter-Strike 1.6 multiplayer servers that exploited remote code execution (RCE) vulnerabilities in users’ gaming clients to infect them with a new malware strain named Belonard.

The network has been shut down, researchers from Russian antivirus firm Dr.Web said in a report published on Monday.

You might also like

Maza Russian cybercriminal forum suffers data breach

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

The entire operation relied on proxy multiplayer servers that enticed users to connect to them because of low ping values.

When CS1.6 gamers connected to these proxy servers, they’d be redirected to malicious ones that used one of four RCEs (two in the official CS1.6 game and two in a pirated version) to execute code and plant the Belonard malware on their PCs.

The computers infected with Belonard were all added to a botnet-like structure.

Belonard would promote ads and CS1.6 servers for a fee

According to Dr. Web security researcher Ivan Korolev, the person behind the botnet would then use the Belonard malware to make modifications to users’ CS1.6 clients and show ads inside users’ games.

“When a player starts the game, their nickname will change to the address of the website where an infected game client can be downloaded, while the game menu will show a link to the VKontakte CS 1.6 community with more than 11,500 subscribers,” Korolev said.

But above all, the trojan was primarily used to promote legitimate CS1.6 multiplayer servers by adding them to the users’ available server list, which the Belonard developer would do for a fee.

Belonard victims would also help infect others users

To make sure that the Belonard botnet grew and remained active, the malware’s author also had another trick down their sleeve.

According to Korolev, the Belonard malware would also create proxy servers running on users’ computers.

These servers would then appear in the main CS1.6 multiplayer server list, which other users would see and connect, thinking they were legitimate servers.

However, these proxy servers would redirect gamers to malicious servers hosting the four RCEs, infecting new gamers, and boosting the Belonard botnet’s ranks.


Image: Dr.Web

According to Korolev, the Belonard network of proxy servers grew to reach 1,951 servers, which accounted for 39 percent of all the CS1.6 multiplayer servers available at the time.

The Dr.Web researcher says they worked with the REG.ru domain registrar to take down all the domain names that the Belonard crew was using to operate their botnet.

After taking over the domains, Dr.Web said that 127 game clients tried to connect to the sinkholed domain, but the number of infected hosts is most likely much larger.

Since development on Counter-Strike 1.6 stopped years ago, users shouldn’t reasonably expect a patch for the remote code execution flaws exploited by Belonard. Connecting to vetted servers or upgrading to a newer Counter-Strike game release is recommended instead.

According to Korolev, users can recognize Belonard’s proxy servers because of a bug in its code that displayed the server game type as “Counter-Strike 1,”http://www.zdnet.com/”Counter-Strike 2,” or “http://www.zdnet.com/”Counter-Strike 3” instead of the standard “Counter-Strike 1.6.”

Malicious servers in CS 1.6

Image: Dr.Web

More vulnerability reports:

Credit: Source link

Previous Post

Why IBM Thinks Quantum Computers Will Boost Machine Learning

Next Post

Supervised learning with quantum-enhanced feature spaces

Related Posts

Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud
Internet Security

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

March 7, 2021
CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now
Internet Security

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

March 7, 2021
Linux distributions: All the talent and hard work that goes into building a good one
Internet Security

Linux distributions: All the talent and hard work that goes into building a good one

March 7, 2021
Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool
Internet Security

Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool

March 7, 2021
Next Post
Supervised learning with quantum-enhanced feature spaces

Supervised learning with quantum-enhanced feature spaces

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Here’s an adorable factory game about machine learning and cats
Machine Learning

Here’s an adorable factory game about machine learning and cats

March 8, 2021
How Machine Learning Is Changing Influencer Marketing
Machine Learning

How Machine Learning Is Changing Influencer Marketing

March 8, 2021
Video Highlights: Deep Learning for Probabilistic Time Series Forecasting
Machine Learning

Video Highlights: Deep Learning for Probabilistic Time Series Forecasting

March 7, 2021
Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027
Machine Learning

Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027

March 7, 2021
Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Clinical presentation of COVID-19 – a model derived by a machine learning algorithm
Machine Learning

Clinical presentation of COVID-19 – a model derived by a machine learning algorithm

March 7, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Here’s an adorable factory game about machine learning and cats March 8, 2021
  • How Machine Learning Is Changing Influencer Marketing March 8, 2021
  • Video Highlights: Deep Learning for Probabilistic Time Series Forecasting March 7, 2021
  • Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027 March 7, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates