The Dell SonicWALL Threats Research team has received a sample of a backdoor Trojan posing as a game hack. Cheats for games often contain malware and that might not come as a surprise to many. But as a game becomes more popular, cybercriminals take advantage of eager gamers with a promise to help unlock abilities or perhaps accumulate enough credits to buy something to progress in a game and these shortcuts make them more appealing. The sample we received is posing as a cheat to a top ranking free sports game. In fact, searching for 8 Ball Pool game online yields keywords suggestions such as "hack" and "cheats." Infection Cycle The Trojan arrives as a file named "hack 8 ball pool.exe." Upon execution, it copies itself to the following directory: %TEMP%\chrome.exe In order to start after reboot the Trojan adds the following keys to the registry: HKLM\software\microsoft\windows\currentversion\run[8ce73491bf190a3fd7028c92bd3331b1]
Be knowledgeable, pass it on then.