Malicious NuGet Packages Deploy Windows Surveillance Malware to Gamers
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Eleven malicious NuGet packages disguised as game cheats and automation tools have been identified, deploying a Windows payload known as pepesoft.exe. These packages target gaming communities, particularly for titles like Albion Online and GTA5RP. Once installed, they provide attackers with remote access to victims' PCs, allowing for live screenshot capture and other surveillance activities. The attack method exploits the .NET command-line tool installation process, making it easy for users to inadvertently execute the malicious code. The scope of the impact includes multiple gaming communities, with significant risks to user privacy and system security. Currently, there are no specific CVEs associated with these packages, but the threat is active and ongoing. Users are advised to avoid downloading unofficial game-related packages.
Key Points: • Eleven malicious NuGet packages masquerading as game cheats have been discovered. • The packages deploy pepesoft.exe, enabling remote access and surveillance of infected PCs. • Targeted gaming communities include Albion Online and GTA5RP, posing risks to user privacy.