The threat has been spotted mainly in South Korea

Aug 16, 2013 11:58 GMT

Trend Micro experts warn that a new version of the ONLINEG malware, a threat designed to steal online gaming credentials from infected computers, now comes with backdoor functionality.

Once the malware infects a system, it starts looking for valuable data. In the meantime, it downloads a backdoor onto affected devices.

The threat has mainly targeted South Korean users. nProtect, the developer of the GameGuard anti-cheating rootkit, issued an advisory last month to warn users about websites that host the info-stealer.

What’s interesting about the latest version of ONLINEG (TSPY_ONLINEG.OMU) is that in addition to gaming account credentials, it also steals credentials for the portals of various South Korean organizations.

When the malware detects that the victim visits the login pages of organizations from the news, TV, radio, finance, shopping, gaming and advertising sectors, it downloads a keylogger/backdoor (BKDR_TENPEQ.SM).