Cybersecurity researchers have spotted a cheeky little thing called Winos 4.0 floating around in some game-related apps, like installation tools and stuff that claims to make your games run faster. Basically, it's a command-and-control setup that's pretty sneaky and full of features. Fortinet, who's been keeping an eye on this, said in a report that it's based on something called Gh0st RAT and has bits and pieces that can do all sorts of shady stuff.
This Winos thing has been causing trouble since June, according to Trend Micro and the KnownSec 404 Team. They've given it the cool code names Void Arachne and Silver Fox, and it's been aiming at Chinese gamers by using some sneaky SEO tactics on the dark side, spreading the word through social media and apps like Telegram.
So, if you're using these game tools and you're not careful, you might get hit with a fake BMP file that's actually a nasty piece of code. This starts a whole process that's like a digital game of hide and seek with more downloading and installing of bad stuff happening in the background. It even tries to blend in by naming itself something that sounds like it's for school, like "Student Registration System."
Once it's all set up, it's like someone's got a backdoor into your computer, spying on you, copying what you've got on your clipboard, and potentially swiping info from crypto wallets like OKX Wallet and MetaMask. It's a bit like having a cyber ninja in your system, snooping around for goodies.
And if that's not enough, it can also grab screenshots and upload sensitive files from your computer, all because you thought you needed that sweet game optimization app. So, keep your wits about you when you're looking for game helpers, folks. This Winos 4.0 is pretty crafty and could give you more than just a gaming edge. It's like it's playing a game with your security.