spywarecleaners.info

spywarecleaners.info header image 2
Hi, I’m Jeff. Unfortunately, I’m Also Kevin Fake Infection Warnings Interview

Left 4 Dead Steam Keyloggers

February 6th, 2009 · No Comments

Price For Acomplia Drug Information Hoodia Testimonials Price For Penisole Comparison Aldactone Free Samples Where To Get Doxycycline Comparison Discount Soma Proper Dosage Penisole Discount Zithromax Tablets Topamax Dosage Nolvadex Mail Where To Get Avapro Australia Price For Avapro Proper Dosage Price For Levitra United States Taking Flomax Antabuse Generic Diflucan Faq Herbal Stromectol Cheapest Pills Order Phentrimine Honolulu Herbal Propecia Health Forum Lasix Nexium Dosage Where Order Cytotec Swaziland Generic Clomid Augusta Hoodia Description Generic Tramadol Annapolis Where Order Prevacid Mexico Where To Get Nolvadex Equivalent Herbal Diflucan Australia Where To Get Tramadol RX Tramadol Description Where To Get Seroquel Forum Where Order Inderal Effects Discount Lipitor Proper Dosage Norvasc Price For Lotrisone Comparison Generic Acomplia Effects Buy Neurontin Price For Accutane Italy Where To Get Hoodia Canadian Discount Antabuse Horny Goat Weed Generic Nizoral Richmond Levitra Comparison Purchase Levitra Elimite Comparison Price For Nizoral Health Forum Generic Elavil Horny Goat Weed Where Order Cymbalta United Kingdom Where Order Flomax Overnight Delivery Order Erythromycin LittleRock Online Seroquel

It’s been brought to my attention that over the last couple of days, people have been posting malicious links to entice gamers into running keyloggers - all of which seem to revolve around one particular game. These keyloggers will hijack your Steam account, which as you might have guessed, isn’t a good thing to have happen.

One such poster (now banned from the official Steam forums) has been promoting lots of links to videogame modding tools, all focused around the game Left 4 Dead. As an example:

lfd0.jpg
Click to Enlarge

As you can see, “Xpro132″ claims the mod does all sorts of cool things, but anyone downloading this file is in for a surprise. As one person put it,

“I downloaded the rar file,extracted the downloader exe,clicked exe and BOOM nothing… did I do something wrong?”

Unfortunately, you did :(

The file claims to be a “Web Downloader” for Left 4 Dead, giving you access to interesting features that the regular game doesn’t have. The person responsible for the file has uploaded it to numerous free file hosting services:

hllfd4.gif

….which makes the “Downloaded: 3 times” message far too reassuring. From the looks of it, quite a few more people than that have been affected by this so far. This is what it looks like on the desktop:

hllfd5.gif

…and this is what ends up in your System32 Folder should you run the file:

hllfd6.gif

The second Win32 EXE is particularly difficult to shut down. From this point onwards, your Steam login (and potentially other logins) are vulnerable.

Interestingly, this same person is linking to many other files, some of which are hosted on reputable game modding websites. Here’s another one:

hllfd1.gif

Click to Enlarge

This is yet another Left 4 Dead related program - this one is a “especial edition” (as the creator calls it) that allows you to play custom .WAV files ingame.

hllfd3.gif

Click to Enlarge

There are people complaining about it here, and the file itself is flagged by two security products on Virustotal.

Seeing as the other files this person has uploaded don’t seem to be very good for your PCs health, it’s advisable to give the Half-Life Sound L4d Especial Edition a wide berth too. We’ll try and collect as many files related to this in the meantime, but for now, steer clear of anything posted to forums and game mod websites by the person above.

We detect the files as (amazingly enough) L4D Logger and L4D Keylogger.

Additional Research:

Chris Mannon, Senior Threat Researcher
Peter Jayaraj, Senior Threat Researcher

Original post by Christopher Boyd and software by Elliott Back

Tags: Videogames · left4dead · steam