Online gamers are the target of hackers’ Microsoft-signed rootkit malware, which steals in-game purchases and other kinds of data.
(Photo : by GERARD JULIEN/AFP via Getty Images)
The logo of French headquarters of American multinational technology company Microsoft, is pictured outside on March 6, 2018 in Issy-Les-Moulineaux, a Paris’ suburb.
Online Gamers Beware: Hacker’s Microsoft-Signed Rootkit Steals
As per Gizmodo, cybercriminals are now using a rootkit called FiveSys, which suspiciously got a digital signature from Microsoft.
It is worth noting that Microsoft’s digital seal should supposedly validate that the program is not malicious. Thus, with it, cybercriminals could use the rootkit without any restriction due to the industry-standard mark that the tech giant awarded it.
What’s more, the malicious program now gives the cyber attacker “unlimited privileges” wherever it is installed.
Gizmodo further noted in the same report that the hackers using “FiveSys” typically target online gamers to steal their in-game purchases by hijacking their credentials.
However, given that the said rootkit provides much larger-scale access than merely stealing in-game purchases, the researchers from Bitdefender suggest that it could also be used to mine other sensitive data elsewhere.
By the way, gamers usually sync their banking details with their profile as a means to purchase in-game items. So, with the Microsoft-signed rootkit, it also gets exposed to cybercriminal minds.
Microsoft-Signed Rootkit FiveSys: Where Does it Come From?
Meanwhile, according to the report of ZDNet, the distribution method of such malicious programs is still unknown. However, the researchers speculated that “FiveSys” is being bundled with crack programs online.
On top of that, the researchers also revealed that the said rootkit originally came from China. Thus, most of its victims are Chinese online gamers as well.
That said, the “FiveSys” rootkit has yet to make its mark in other territories than the Asian country.
It also turns out that the campaign to spread the rootkit malware started way back in 2020. But it only saw a significant uptick during the summer of 2021.
Microsoft-Signed Rootkit FiveSys: How to Avoid
According to the director of the threat research and reporting at BitDefender, Bogdan Botezatu, the best way to counter such malicious software is to download programs from reputable sources.
Botezatu further added that “modern security solutions” could also help in mitigating such attacks from rootkit malware and other similar counterparts.
Read Also: Linux Hacked: Russians Insert ‘Drovorub’ Malware on Linux Computers That Interferes US Election, Reveal FBI and NSA
Microsoft and Rootkit Malware
As per the latest report of Redmond Mag, Microsoft has yet to issue a statement regarding the proliferation of a malicious program that the tech giant digitally signed.
However, it is to note that this is not the first case that Microsoft signed a program that maliciously steals information on Windows users.
In fact, last June 27, Microsoft confirmed that it signed a rootkit malware on Windows that goes by the name “Netfilter.”
Similar to “FiveSys,” the previous rootkit malware also originated from China, bypassing not just the Windows Hard Compatibility Program but other data centers in the country as well.
Related Article: Microsoft Accidentally Leaks ‘Golden Keys’ That Unlock Secure Boot-Protected Windows Devices: Oops?
This article is owned by Tech Times
Written by Teejay Boris
ⓒ 2021 Techbyandroid.com All rights reserved. Do not reproduce without permission.