{"id":21269,"date":"2023-02-16T16:11:36","date_gmt":"2023-02-17T00:11:36","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2023\/02\/16\/news-15001\/"},"modified":"2023-02-16T16:11:36","modified_gmt":"2023-02-17T00:11:36","slug":"news-15001","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/02\/16\/news-15001\/","title":{"rendered":"Fake Hogwarts Legacy cracks lead to adware, scams"},"content":{"rendered":"<p><a rel=\"noreferrer noopener\" href=\"https:\/\/www.hogwartslegacy.com\/en-us\" target=\"_blank\">Hogwarts Legacy<\/a>, the much-anticipated Harry Potter video game, has finally landed on major gaming platforms. But, as with all games like this, it comes with a steep price tag, so it&#8217;s no surprise to suddenly see websites peddling &#8220;cracked&#8221; versions of the game for free.<\/p>\n<p>These&nbsp;sites are easily accessible via a quick Google search.<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/02\/easset_upload_file3919_259136_e.png\" alt=\"\" width=\"686\" height=\"567\" \/><br \/>&#8220;hogwarts legacy crack&#8221; sample search result by Google (Source: Malwarebytes | Stefan Dasic)<\/p>\n<p>Cracked games are games that are rendered playable due to tampering or file modification. They&#8217;re also generally available for free. Essentially, they&#8217;re pirated games, which is illegal in some states. Malware Intelligence Analyst Stefan Dasic looked into the above websites claiming to share the cracked PC version of the game.&nbsp;<\/p>\n<p>One website,&nbsp;<em>games-install[.]com<\/em>, asks users for an activation key once they&#8217;ve downloaded the &#8220;game&#8221;. In order to access the key, the site says the user must&nbsp;verify themselves&nbsp;via a survey.<\/p>\n<p>Everything falls apart at that point. Either the survey leads to a dead end, or ask&nbsp;users to enter their data, such as a phone number. Suffice it to say the website is a&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.malwarebytes.com\/blog?s=survey%20scam\" target=\"_blank\">survey scam<\/a>.<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/02\/easset_upload_file71687_259136_e.gif\" alt=\"\" width=\"984\" height=\"687\" \/><br \/>This is what happens when you try and download a &#8220;free&#8221; version of Hogwarts Legacy (Source: Malwarebytes | Stefan Dasic)<\/p>\n<\/p>\n<p>Dasic said the sites from the above screenshot all resolve to&nbsp;<em>gameportpc[.]ru<\/em>, which redirects to changing sites that are seen hosting a file named&nbsp;<em>Hogwarts_Legacy_Setup.exe<\/em>.<\/p>\n<p>When users click the &#8220;Download&#8221; button,&nbsp;they find that they have downloaded a copy of the legitimate&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.7-zip.org\/\" target=\"_blank\">7-Zip<\/a>&nbsp;file compression program.<\/p>\n<p>If you visit the same&nbsp;<em>gameportpc<\/em>&nbsp;URL, however, the downloaded filebecomes a Trojan dropper, which then drops adware.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/02\/easset_upload_file57119_259136_e.gif\" alt=\"\" style=\"display: block; margin-left: auto; margin-right: auto;\" width=\"984\" height=\"687\" \/><\/p>\n<p>Malwarebytes detects the Trojan and adware as <strong>Trojan.Dropper<\/strong> and <strong>Adware.Agent.Generic<\/strong>, respectively. We also block the websites we&#8217;ve seen pushing fake Hogwarts Legacy game cracks.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/02\/easset_upload_file38530_259136_e.png\" alt=\"\" width=\"890\" height=\"645\" \/><\/p>\n<p>Malwarebytes protects all your devices and personal info from threats, including ones you find while gaming. <a href=\"https:\/\/www.malwarebytes.com\/for-home\">Find out more about our home protection here<\/a>.<\/p>\n<p>Game on, and stay safe!<\/p>\n<hr \/>\n<p><strong>We don&#8217;t just report on threats&mdash;we remove them<\/strong><\/p>\n<p>Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by <a href=\"https:\/\/www.malwarebytes.com\/for-home\">downloading&nbsp;Malwarebytes today<\/a>.<\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/02\/fake-hogwarts-legacy-cracks-lead-to-adware-scams\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<table cellpadding=\"10\">\n<tr>\n<td valign=\"top\" align=\"left\">\n<p>Categories: <a href=\"https:\/\/www.malwarebytes.com\/blog\/category\/news\" rel=\"category tag\">News<\/a><\/p>\n<p>Categories: <a href=\"https:\/\/www.malwarebytes.com\/blog\/category\/scams\" rel=\"category tag\">Scams<\/a><\/p>\n<p>Tags: Hogwarts Legacy<\/p>\n<p>Tags:  video game survey scam<\/p>\n<p>Tags:  survey scam<\/p>\n<p>Tags:  Trojan dropper<\/p>\n<p>Tags:  adware<\/p>\n<p>With Hogwarts Legacy becoming the popular game it was expected to be, online criminals have resorted to old tricks to get users clicking.<\/p>\n<table width=\"100%\">\n<tr>\n<td align=\"right\">\n<p><b>(<a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/02\/fake-hogwarts-legacy-cracks-lead-to-adware-scams\" title=\"Fake Hogwarts Legacy cracks lead to adware, scams\">Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/02\/fake-hogwarts-legacy-cracks-lead-to-adware-scams\">Fake Hogwarts Legacy cracks lead to adware, scams<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[10468,28676,32,10574,20508,28678,28677],"class_list":["post-21269","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-adware","tag-hogwarts-legacy","tag-news","tag-scams","tag-survey-scam","tag-trojan-dropper","tag-video-game-survey-scam"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21269","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=21269"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21269\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=21269"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=21269"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=21269"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}