Summary: The “StaryDobry” malware campaign targeted gamers with trojanized versions of popular games like Garry’s Mod and BeamNG.drive, leading to extensive cryptominer infections. It began in late December 2024, employing a sophisticated multi-stage infection process that utilized torrents to distribute the harmful payload. Kaspersky has linked this campaign to a Russian-speaking actor but could not definitively attribute it to any known threat group.
Affected: Gamers and gaming organizations worldwide
Keypoints:
- Trojanized versions of popular games were distributed via torrent sites, leading to widespread malware infections.
- The malware was designed to evade detection and persistently mine cryptocurrency on powerful gaming machines.
- Kaspersky reports that the campaign primarily affected users in Germany, Russia, Brazil, Belarus, and Kazakhstan.