Windows gamers are the latest target in the Winos4.0 campaign, according to a new threat analysis from security researchers at FortiGuard Labs. The report suggests that the malware is hiding within various gaming-related applications, such as speed boosters and optimization utilities.
This malware has been known for a while. It was built from the ashes of Gh0st RAT, another malware framework designed to take control of the computers it infects.
Much like Gh0st RAT, Winos4.0 can take over your computer, giving the attacker full control of the system. It is an advanced malware framework that lets its operators control infected endpoints remotely, and it supports a wide range of functions the threat actors can take advantage of.
After you install the infected application, a fake bitmap image is downloaded from a server. A dynamic link library (DLL) is extracted from that image and loaded onto your system. It is then deployed deep into the target computer, giving the attacker control at a root system level.
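A defender can triage a downloaded file that claims to be a bitmap by checking whether it is structurally a real BMP. The following is an added example, not code from the FortiGuard report or the original article. The function names and sample files are constructed for illustration, and it assumes that a payload stored unencoded would show a PE header, while an encoded one would only trip the structural checks.

```python
import struct

# DIB header sizes defined by the BMP format (CORE, INFO, V2, V3, OS/2 2.x, V4, V5).
KNOWN_DIB_SIZES = {12, 40, 52, 56, 64, 108, 124}

def find_embedded_pe(data):
    """Return offsets where an unencoded PE image (EXE or DLL) starts."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            e_lfanew = struct.unpack_from("<I", data, pos + 0x3C)[0]
            if data[pos + e_lfanew:pos + e_lfanew + 4] == b"PE\x00\x00":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def triage_bmp(data):
    """Return the reasons a file claiming to be a BMP looks suspicious."""
    if len(data) < 18 or data[:2] != b"BM":
        return ["missing BMP signature or truncated header"]
    declared_size, _, pixel_offset, dib_size = struct.unpack_from("<IIII", data, 2)
    findings = []
    if declared_size != len(data):
        findings.append(f"declared size {declared_size} != actual {len(data)}")
    if dib_size not in KNOWN_DIB_SIZES:
        findings.append(f"unknown DIB header size {dib_size}")
    if not 14 + dib_size <= pixel_offset <= len(data):
        findings.append(f"pixel data offset {pixel_offset} out of range")
    findings += [f"embedded PE image at offset {o}" for o in find_embedded_pe(data)]
    return findings

def make_bmp(pixels=b"\x00" * 16):
    """Constructed sample: a valid 2x2, 24-bit BMP (rows padded to 4 bytes)."""
    dib = struct.pack("<IiiHHIIiiII", 40, 2, 2, 1, 24, 0, len(pixels), 2835, 2835, 0, 0)
    size = 14 + len(dib) + len(pixels)
    return b"BM" + struct.pack("<IHHI", size, 0, 0, 54) + dib + pixels

def make_fake_bmp():
    """Constructed sample: a BMP with a minimal PE stub appended after the pixels."""
    stub = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40) + b"PE\x00\x00"
    return make_bmp() + stub

if __name__ == "__main__":
    print("clean:", triage_bmp(make_bmp()))
    print("fake: ", triage_bmp(make_fake_bmp()))
```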
A successful installation of Winos4.0 gives the threat actors access to everything on your system. They can check for crypto wallet extensions and anti-virus extensions, gather and send encoded system information back to the control server, capture screenshots of your system, and even manage documents.
If your system becomes infected with this particular malware, then you’re likely in for a world of hurt. This isn’t as simple as an Android malware that steals your money and wipes your accounts. No, this framework can take full control of your system and anything that it has access to.
To avoid Winos4.0, be aware of where all your downloads are coming from, and check their sources before installing.