Monero mining malware hidden inside popular game torrents

Source Cryptopolitan

Hackers launched a mass infection campaign to distribute a Monero mining program that could be activated remotely. The hackers delivered the mining payload via popular game torrents and primarily targeted gamers, as gaming PCs commonly tend to have stronger processors with more than 8 cores.

According to a recent report by Kaspersky, hackers launched a mass infection campaign of popular game torrents like Garry’s Mod, Dyson Sphere Program, and Universe Sandbox to distribute Monero mining application. The hackers could activate this application remotely.

Monero mining malware hidden inside popular game torrents
Pie-chart showing the distribution of affected users by game (Source: Kaspersky)

Popular sandbox and simulator games were chosen to distribute the mining program, and the hackers specifically picked games requiring minimal disk space.

The hackers delivered the mining payload via a cracked game installer. Often, such cracked installers require users to turn off their anti-virus to install.

The campaign was referred to as StaryDobry, and it took advantage of torrents consisting of compressed files of the games for quicker downloads.

Kaspersky mentioned that the infections were initially detected in January 2025. However, the campaign started much earlier, in December 2024.

In fact, the campaign has been in preparation since September 2024, at the very least, when the initial versions of these games were uploaded. However, this was only the distribution phase.

The Monero mining program targets processors with 8 cores and above

According to Kaspersky, the remote Monero mining program was activated on 31st December. The functionality of the miner ensures that it makes the most out of the processor’s cores. It first checks if the computer has a process with eight cores or more for the highest yields. If the processor has less than 8 cores, the mining program will not be activated.

Due to this use case, the hackers primarily targeted gamers because gaming PCs are usually equipped with faster processors and strong hardware. According to Kaspersky’s data, most of these infections happened in Russia. However, cases have also been registered in Kazakhstan, Brazil, Germany, and Belarus.

As of yet, the team behind this mass infection hasn’t been identified. However, Kaspersky has reasons to believe that a Russian group is behind the malware, as some of its files use the Russian language. Also, a greater number of infections were reported within Russia.

Cryptopolitan Academy: Are You Making These Web3 Resume Mistakes? - Find Out Here

Disclaimer: For information purposes only. Past performance is not indicative of future results.
placeholder
Bitcoin To Face ‘One Last Speed Bump’ Before Rally To $140,000 – AnalystBitcoin (BTC) is attempting to reclaim a crucial level as support, which could propel its price to its local range high.
Author  NewsBTC
7 hours ago
Bitcoin (BTC) is attempting to reclaim a crucial level as support, which could propel its price to its local range high.
placeholder
Australia hands Tesla lifeline with May sales surge, struggles persist elsewhereAustralia just gave Tesla something it hasn’t had in a while—relief. The company said on Tuesday that it sold 3,897 electric vehicles in Australia in May 2025, its best monthly performance in nearly a year, according to data reported by CNBC.
Author  Cryptopolitan
7 hours ago
Australia just gave Tesla something it hasn’t had in a while—relief. The company said on Tuesday that it sold 3,897 electric vehicles in Australia in May 2025, its best monthly performance in nearly a year, according to data reported by CNBC.
placeholder
Bank of England Governor Bailey releases more aggressive monetary policy,Will the British pound continue to rise or turn around and fall?The latest International Monetary Fund (IMF) report, "World Economic Outlook," shows that the UK economy has demonstrated unexpected resilience, leading to an upward revision of the GDP growth forecast for 2025 from 1.1% to 1.2%.
Author  TradingKey
7 hours ago
The latest International Monetary Fund (IMF) report, "World Economic Outlook," shows that the UK economy has demonstrated unexpected resilience, leading to an upward revision of the GDP growth forecast for 2025 from 1.1% to 1.2%.
placeholder
GBP/JPY Price Forecast: Seems poised to build on momentum beyond 195.00 markThe GBP/JPY cross builds on the previous day's goodish rebound from the 192.75-192.70 area, or over a one-week low, and gains positive traction for the second straight day on Wednesday.
Author  FXStreet
7 hours ago
The GBP/JPY cross builds on the previous day's goodish rebound from the 192.75-192.70 area, or over a one-week low, and gains positive traction for the second straight day on Wednesday.
placeholder
USD/CAD Price Forecast: Tests initial support near 1.3950, followed by nine-day EMAThe USD/CAD pair is retracing its recent gains registered in the previous session, trading around 1.3710 during the European hours on Wednesday. The daily chart's technical analysis suggested a persistent bearish sentiment, as the pair consolidates within the descending channel pattern.
Author  FXStreet
7 hours ago
The USD/CAD pair is retracing its recent gains registered in the previous session, trading around 1.3710 during the European hours on Wednesday. The daily chart's technical analysis suggested a persistent bearish sentiment, as the pair consolidates within the descending channel pattern.
goTop
quote