Downloading and installing pirated PC games can turn off antivirus software, stop Windows security updates, and hijack your beloved GPU to mine cryptocurrency.
So warns a new report from antivirus firm Avast, which says a new strain of coin-mining malware called "Crackonosh" has infected more than 200,000 Windows PCs since 2018, bringing the bad guys behind it nearly $2 million in Monero cryptocurrency.
"Crackonosh is distributed along with illegally cracked copies of popular software and searches for and disables many common antivirus programs as part of anti-detection and forensic measures," Avast researcher Daniel Benes wrote.
Downloads found to carry Crackonosh include "cracked" installers for Fallout 4 Game of the Year Edition, Far Cry 5, Grand Theft Auto V, NBA 2K19, Pro Evolution Soccer 2018, The Sims 4 and The Sims 4 Seasons.
If the anecdotal reports cited by Avast are any indication, the cracked games played fine, with only an invisible threat added.
Once the cracked game was installed, the malware modified the Windows registry and installed executables with names like winrmsrv.exe, winscomrssrv.dll and winlogui.exe, which resemble normal Windows services (the latter performs coin mining).
Many cryptocurrency miners, also known as "cryptojackers," do not do much damage to infected machines. They just want to "borrow" CPU and GPU cycles to generate coins. Crackonosh, however, is different.
Antivirus software does not run in safe mode, not even Windows' own Microsoft Defender Antivirus, aka Windows Defender, so Crackonosh gets an opportunity to attack if the PC is started in safe mode.
Crackonosh disables Microsoft Defender and removes Avast, Bitdefender, F-Secure, Kaspersky, McAfee, Norton, or Panda antivirus software if present. It then further tweaks the registry and disables Windows security updates.
With that done, the malware deploys the XMRig miner, ready to hijack your cycles and generate Monero.
If your machine is suddenly infected with a large amount of malware, your antivirus software is nowhere to be found, and you have not received any Windows updates in months, Crackonosh may be lurking. Getting rid of this malware is not easy; Avast's report provides a complete how-to, but it is quite technical and is best left to someone who knows the intricacies of the Windows registry.
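A quick read-only triage for the symptoms and file names described above, written here as an added PowerShell example (it is not from Avast's report). The search directories and the 90-day patch-age threshold are assumptions; the article does not say where the files are dropped.

```powershell
param(
    # Assumption: directories to search; the article gives file names only.
    [string[]]$SearchRoots = @("$env:windir\System32", "$env:windir\SysWOW64"),
    # Assumption: "no updates in months" is treated as 90 days or more.
    [int]$MaxPatchAgeDays = 90
)

# File names reported in the article.
$names    = 'winrmsrv.exe', 'winscomrssrv.dll', 'winlogui.exe'
$findings = [System.Collections.Generic.List[string]]::new()

# 1. Look for the reported file names in each search directory.
foreach ($root in $SearchRoots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }
    Get-ChildItem -LiteralPath $root -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $names -contains $_.Name } |
        ForEach-Object { $findings.Add("File present: $($_.FullName)") }
}

# 2. Is Microsoft Defender still running? (Expected to be off if a
#    third-party antivirus product is installed and healthy.)
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop
    if (-not $mp.AntivirusEnabled)          { $findings.Add('Defender antivirus is disabled') }
    if (-not $mp.RealTimeProtectionEnabled) { $findings.Add('Defender real-time protection is off') }
} catch {
    $findings.Add("Defender status unavailable: $($_.Exception.Message)")
}

# 3. Has the Windows Update service been disabled?
$wu = Get-Service -Name wuauserv -ErrorAction SilentlyContinue
if ($null -eq $wu)                    { $findings.Add('Windows Update service (wuauserv) not found') }
elseif ($wu.StartType -eq 'Disabled') { $findings.Add('Windows Update service is disabled') }

# 4. How old is the most recent installed update?
$last = Get-HotFix -ErrorAction SilentlyContinue |
    Where-Object InstalledOn | Sort-Object InstalledOn | Select-Object -Last 1
if ($null -eq $last) {
    $findings.Add('No dated update records found')
} elseif (((Get-Date) - $last.InstalledOn).Days -ge $MaxPatchAgeDays) {
    $findings.Add("Last update $($last.HotFixID) installed $($last.InstalledOn.ToString('yyyy-MM-dd'))")
}

if ($findings.Count) { $findings | ForEach-Object { Write-Output "[!] $_" } }
else                 { Write-Output 'None of the checked symptoms were found.' }
```

A clean result does not rule out infection, and any finding should be followed up with the removal steps in Avast's report.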
It is best to avoid infection altogether by not installing the cracked software. If you must install the software, scan each software installer with antivirus software before running it. Simply right-click on the installer in the download folder and select "scan" with your preferred antivirus software from the pop-out menu.
"As long as people continue to download cracked software, these attacks will continue to be profitable for the attackers.
"And that means that when you try to steal software, there's a good chance someone else is trying to steal from you."